admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-01-23 18:01:08 +00:00
parent e3a2a23b86
commit 1495451f87
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
28 changed files with 813 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
2012/6xxx/CVE-2012-6083.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-6083",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "freeciv",
"product": {
"product_data": [
{
"product_name": "freeciv",
"version": {
"version_data": [
{
"version_value": "before 2.3.3"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Freeciv before 2.3.3 allows remote attackers to cause a denial of service via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2012/12/31/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/12/31/2"
},
{
"refsource": "MISC",
"name": "https://freeciv.fandom.com/wiki/NEWS-2.3.3",
"url": "https://freeciv.fandom.com/wiki/NEWS-2.3.3"
}
]
}

5
2018/18xxx/CVE-2018-18035.json
View File

@ -56,6 +56,11 @@
"refsource": "CONFIRM",
"name": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches",
"url": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches"
},
{
"refsource": "MISC",
"name": "https://www.purplemet.com/blog/openemr-xss-vulnerability",
"url": "https://www.purplemet.com/blog/openemr-xss-vulnerability"
}
]
}

5
2019/14xxx/CVE-2019-14895.json
View File

@ -108,6 +108,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"refsource": "UBUNTU",
"name": "USN-4225-2",
"url": "https://usn.ubuntu.com/4225-2/"
}
]
},

5
2019/14xxx/CVE-2019-14896.json
View File

@ -103,6 +103,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"refsource": "UBUNTU",
"name": "USN-4225-2",
"url": "https://usn.ubuntu.com/4225-2/"
}
]
},

5
2019/14xxx/CVE-2019-14897.json
View File

@ -98,6 +98,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"refsource": "UBUNTU",
"name": "USN-4225-2",
"url": "https://usn.ubuntu.com/4225-2/"
}
]
},

5
2019/14xxx/CVE-2019-14901.json
View File

@ -111,6 +111,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"refsource": "UBUNTU",
"name": "USN-4225-2",
"url": "https://usn.ubuntu.com/4225-2/"
}
]
},

62
2019/15xxx/CVE-2019-15707.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-15707",
"ASSIGNER": "psirt@fortinet.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Fortinet FortiMail",
"version": {
"version_data": [
{
"version_value": "FortiMail 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://fortiguard.com/advisory/FG-IR-19-237",
"url": "https://fortiguard.com/advisory/FG-IR-19-237"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to perform system backup config download they should not be authorized for."
}
]
}
}

62
2019/15xxx/CVE-2019-15712.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-15712",
"ASSIGNER": "psirt@fortinet.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Fortinet FortiMail",
"version": {
"version_data": [
{
"version_value": "FortiMail 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://fortiguard.com/advisory/FG-IR-19-237",
"url": "https://fortiguard.com/advisory/FG-IR-19-237"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to access web console they should not be authorized for."
}
]
}
}

5
2019/16xxx/CVE-2019-16231.json
View File

@ -91,6 +91,11 @@
"refsource": "UBUNTU",
"name": "USN-4227-2",
"url": "https://usn.ubuntu.com/4227-2/"
},
{
"refsource": "UBUNTU",
"name": "USN-4225-2",
"url": "https://usn.ubuntu.com/4225-2/"
}
]
}

82
2019/16xxx/CVE-2019-16512.json Normal file
View File

@ -0,0 +1,82 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16512",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is stored XSS in the Appearance modifier."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://know.bishopfox.com/advisories",
"refsource": "MISC",
"name": "https://know.bishopfox.com/advisories"
},
{
"refsource": "MISC",
"name": "https://know.bishopfox.com/advisories/connectwise-control",
"url": "https://know.bishopfox.com/advisories/connectwise-control"
},
{
"refsource": "MISC",
"name": "https://blog.huntresslabs.com/validating-the-bishop-fox-findings-in-connectwise-control-9155eec36a34",
"url": "https://blog.huntresslabs.com/validating-the-bishop-fox-findings-in-connectwise-control-9155eec36a34"
},
{
"refsource": "MISC",
"name": "https://www.crn.com/news/managed-services/connectwise-control-msp-security-vulnerabilities-are-severe-bishop-fox",
"url": "https://www.crn.com/news/managed-services/connectwise-control-msp-security-vulnerabilities-are-severe-bishop-fox"
},
{
"refsource": "MISC",
"name": "https://www.crn.com/slide-shows/managed-services/connectwise-control-attack-chain-exploit-20-questions-for-security-researcher-bishop-fox",
"url": "https://www.crn.com/slide-shows/managed-services/connectwise-control-attack-chain-exploit-20-questions-for-security-researcher-bishop-fox"
}
]
}
}

82
2019/16xxx/CVE-2019-16513.json Normal file
View File

@ -0,0 +1,82 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16513",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. CSRF can be used to send API requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://know.bishopfox.com/advisories",
"refsource": "MISC",
"name": "https://know.bishopfox.com/advisories"
},
{
"refsource": "MISC",
"name": "https://know.bishopfox.com/advisories/connectwise-control",
"url": "https://know.bishopfox.com/advisories/connectwise-control"
},
{
"refsource": "MISC",
"name": "https://blog.huntresslabs.com/validating-the-bishop-fox-findings-in-connectwise-control-9155eec36a34",
"url": "https://blog.huntresslabs.com/validating-the-bishop-fox-findings-in-connectwise-control-9155eec36a34"
},
{
"refsource": "MISC",
"name": "https://www.crn.com/news/managed-services/connectwise-control-msp-security-vulnerabilities-are-severe-bishop-fox",
"url": "https://www.crn.com/news/managed-services/connectwise-control-msp-security-vulnerabilities-are-severe-bishop-fox"
},
{
"refsource": "MISC",
"name": "https://www.crn.com/slide-shows/managed-services/connectwise-control-attack-chain-exploit-20-questions-for-security-researcher-bishop-fox",
"url": "https://www.crn.com/slide-shows/managed-services/connectwise-control-attack-chain-exploit-20-questions-for-security-researcher-bishop-fox"
}
]
}
}

82
2019/16xxx/CVE-2019-16514.json Normal file
View File

@ -0,0 +1,82 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16514",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. The server allows remote code execution. Administrative users could upload an unsigned extension ZIP file containing executable code that is subsequently executed by the server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://know.bishopfox.com/advisories",
"refsource": "MISC",
"name": "https://know.bishopfox.com/advisories"
},
{
"refsource": "MISC",
"name": "https://know.bishopfox.com/advisories/connectwise-control",
"url": "https://know.bishopfox.com/advisories/connectwise-control"
},
{
"refsource": "MISC",
"name": "https://blog.huntresslabs.com/validating-the-bishop-fox-findings-in-connectwise-control-9155eec36a34",
"url": "https://blog.huntresslabs.com/validating-the-bishop-fox-findings-in-connectwise-control-9155eec36a34"
},
{
"refsource": "MISC",
"name": "https://www.crn.com/news/managed-services/connectwise-control-msp-security-vulnerabilities-are-severe-bishop-fox",
"url": "https://www.crn.com/news/managed-services/connectwise-control-msp-security-vulnerabilities-are-severe-bishop-fox"
},
{
"refsource": "MISC",
"name": "https://www.crn.com/slide-shows/managed-services/connectwise-control-attack-chain-exploit-20-questions-for-security-researcher-bishop-fox",
"url": "https://www.crn.com/slide-shows/managed-services/connectwise-control-attack-chain-exploit-20-questions-for-security-researcher-bishop-fox"
}
]
}
}

82
2019/16xxx/CVE-2019-16515.json Normal file
View File

@ -0,0 +1,82 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16515",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. Certain HTTP security headers are not used."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://know.bishopfox.com/advisories",
"refsource": "MISC",
"name": "https://know.bishopfox.com/advisories"
},
{
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/10013",
"url": "https://wpvulndb.com/vulnerabilities/10013"
},
{
"refsource": "MISC",
"name": "https://know.bishopfox.com/advisories/connectwise-control",
"url": "https://know.bishopfox.com/advisories/connectwise-control"
},
{
"refsource": "MISC",
"name": "https://blog.huntresslabs.com/validating-the-bishop-fox-findings-in-connectwise-control-9155eec36a34",
"url": "https://blog.huntresslabs.com/validating-the-bishop-fox-findings-in-connectwise-control-9155eec36a34"
},
{
"refsource": "MISC",
"name": "https://www.crn.com/news/managed-services/connectwise-control-msp-security-vulnerabilities-are-severe-bishop-fox",
"url": "https://www.crn.com/news/managed-services/connectwise-control-msp-security-vulnerabilities-are-severe-bishop-fox"
}
]
}
}

82
2019/16xxx/CVE-2019-16516.json Normal file
View File

@ -0,0 +1,82 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16516",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is a user enumeration vulnerability, allowing an unauthenticated attacker to determine with certainty if an account exists for a given username."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://know.bishopfox.com/advisories",
"refsource": "MISC",
"name": "https://know.bishopfox.com/advisories"
},
{
"refsource": "MISC",
"name": "https://know.bishopfox.com/advisories/connectwise-control",
"url": "https://know.bishopfox.com/advisories/connectwise-control"
},
{
"refsource": "MISC",
"name": "https://blog.huntresslabs.com/validating-the-bishop-fox-findings-in-connectwise-control-9155eec36a34",
"url": "https://blog.huntresslabs.com/validating-the-bishop-fox-findings-in-connectwise-control-9155eec36a34"
},
{
"refsource": "MISC",
"name": "https://www.crn.com/news/managed-services/connectwise-control-msp-security-vulnerabilities-are-severe-bishop-fox",
"url": "https://www.crn.com/news/managed-services/connectwise-control-msp-security-vulnerabilities-are-severe-bishop-fox"
},
{
"refsource": "MISC",
"name": "https://www.crn.com/slide-shows/managed-services/connectwise-control-attack-chain-exploit-20-questions-for-security-researcher-bishop-fox",
"url": "https://www.crn.com/slide-shows/managed-services/connectwise-control-attack-chain-exploit-20-questions-for-security-researcher-bishop-fox"
}
]
}
}

82
2019/16xxx/CVE-2019-16517.json Normal file
View File

@ -0,0 +1,82 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16517",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is a CORS misconfiguration, which reflected the Origin provided by incoming requests. This allowed JavaScript running on any domain to interact with the server APIs and perform administrative actions, without the victim's knowledge."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://know.bishopfox.com/advisories",
"refsource": "MISC",
"name": "https://know.bishopfox.com/advisories"
},
{
"refsource": "MISC",
"name": "https://know.bishopfox.com/advisories/connectwise-control",
"url": "https://know.bishopfox.com/advisories/connectwise-control"
},
{
"refsource": "MISC",
"name": "https://blog.huntresslabs.com/validating-the-bishop-fox-findings-in-connectwise-control-9155eec36a34",
"url": "https://blog.huntresslabs.com/validating-the-bishop-fox-findings-in-connectwise-control-9155eec36a34"
},
{
"refsource": "MISC",
"name": "https://www.crn.com/news/managed-services/connectwise-control-msp-security-vulnerabilities-are-severe-bishop-fox",
"url": "https://www.crn.com/news/managed-services/connectwise-control-msp-security-vulnerabilities-are-severe-bishop-fox"
},
{
"refsource": "MISC",
"name": "https://www.crn.com/slide-shows/managed-services/connectwise-control-attack-chain-exploit-20-questions-for-security-researcher-bishop-fox",
"url": "https://www.crn.com/slide-shows/managed-services/connectwise-control-attack-chain-exploit-20-questions-for-security-researcher-bishop-fox"
}
]
}
}

5
2019/18xxx/CVE-2019-18660.json
View File

@ -136,6 +136,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0174",
"url": "https://access.redhat.com/errata/RHSA-2020:0174"
},
{
"refsource": "UBUNTU",
"name": "USN-4225-2",
"url": "https://usn.ubuntu.com/4225-2/"
}
]
}

5
2019/18xxx/CVE-2019-18813.json
View File

@ -71,6 +71,11 @@
"refsource": "UBUNTU",
"name": "USN-4225-1",
"url": "https://usn.ubuntu.com/4225-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4225-2",
"url": "https://usn.ubuntu.com/4225-2/"
}
]
}

5
2019/19xxx/CVE-2019-19045.json
View File

@ -86,6 +86,11 @@
"refsource": "UBUNTU",
"name": "USN-4227-2",
"url": "https://usn.ubuntu.com/4227-2/"
},
{
"refsource": "UBUNTU",
"name": "USN-4225-2",
"url": "https://usn.ubuntu.com/4225-2/"
}
]
}

5
2019/19xxx/CVE-2019-19051.json
View File

@ -76,6 +76,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"refsource": "UBUNTU",
"name": "USN-4225-2",
"url": "https://usn.ubuntu.com/4225-2/"
}
]
}

5
2019/19xxx/CVE-2019-19052.json
View File

@ -106,6 +106,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"refsource": "UBUNTU",
"name": "USN-4225-2",
"url": "https://usn.ubuntu.com/4225-2/"
}
]
}

5
2019/19xxx/CVE-2019-19055.json
View File

@ -81,6 +81,11 @@
"refsource": "UBUNTU",
"name": "USN-4225-1",
"url": "https://usn.ubuntu.com/4225-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4225-2",
"url": "https://usn.ubuntu.com/4225-2/"
}
]
}

5
2019/19xxx/CVE-2019-19072.json
View File

@ -81,6 +81,11 @@
"refsource": "UBUNTU",
"name": "USN-4225-1",
"url": "https://usn.ubuntu.com/4225-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4225-2",
"url": "https://usn.ubuntu.com/4225-2/"
}
]
}

5
2019/19xxx/CVE-2019-19524.json
View File

@ -116,6 +116,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"refsource": "UBUNTU",
"name": "USN-4225-2",
"url": "https://usn.ubuntu.com/4225-2/"
}
]
}

5
2019/19xxx/CVE-2019-19529.json
View File

@ -91,6 +91,11 @@
"refsource": "UBUNTU",
"name": "USN-4227-2",
"url": "https://usn.ubuntu.com/4227-2/"
},
{
"refsource": "UBUNTU",
"name": "USN-4225-2",
"url": "https://usn.ubuntu.com/4225-2/"
}
]
}

5
2019/19xxx/CVE-2019-19534.json
View File

@ -106,6 +106,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"refsource": "UBUNTU",
"name": "USN-4225-2",
"url": "https://usn.ubuntu.com/4225-2/"
}
]
}

5
2020/7xxx/CVE-2020-7210.json
View File

@ -71,6 +71,11 @@
"refsource": "BUGTRAQ",
"name": "20200123 SEC Consult SA-20200123-0 :: Cross-Site Request Forgery (CSRF) in Umbraco CMS",
"url": "https://seclists.org/bugtraq/2020/Jan/35"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156062/Umbraco-CMS-8.2.2-Cross-Site-Request-Forgery.html",
"url": "http://packetstormsecurity.com/files/156062/Umbraco-CMS-8.2.2-Cross-Site-Request-Forgery.html"
}
]
}

61
2020/7xxx/CVE-2020-7220.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7220",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-7220",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "HashiCorp Vault Enterprise 0.11.0 through 1.3.1 fails, in certain circumstances, to revoke dynamic secrets for a mount in a deleted namespace. Fixed in 1.3.2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.hashicorp.com/blog/category/vault/",
"refsource": "MISC",
"name": "https://www.hashicorp.com/blog/category/vault/"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#132-january-22nd-2020",
"url": "https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#132-january-22nd-2020"
}
]
}

5
2020/7xxx/CVE-2020-7246.json
View File

@ -56,6 +56,11 @@
"url": "https://docs.google.com/document/d/13ZZSm0DL1Ie6r_fU5ZdDKGZ4defFqiFXMG--zDo8S10/edit?usp=sharing",
"refsource": "MISC",
"name": "https://docs.google.com/document/d/13ZZSm0DL1Ie6r_fU5ZdDKGZ4defFqiFXMG--zDo8S10/edit?usp=sharing"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156063/qdPM-9.1-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/156063/qdPM-9.1-Remote-Code-Execution.html"
}
]
}