admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-07-23 14:01:22 +00:00
parent 87b9198a73
commit 162ab278c9
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
10 changed files with 536 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
2020/11xxx/CVE-2020-11440.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-11440",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-11440",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no check for an escape from the web root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://windriver.com",
"refsource": "MISC",
"name": "https://windriver.com"
},
{
"refsource": "MISC",
"name": "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-11440",
"url": "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-11440"
}
]
}

71
2020/15xxx/CVE-2020-15881.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-15881",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-15881",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Cross-Site Scripting (XSS) vulnerability in the munki_facts (aka Munki Conditions) module before 1.5 for MunkiReport allows remote attackers to inject arbitrary web script or HTML via the key name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/munkireport/munki_facts/releases",
"refsource": "MISC",
"name": "https://github.com/munkireport/munki_facts/releases"
},
{
"url": "https://github.com/munkireport/munkireport-php",
"refsource": "MISC",
"name": "https://github.com/munkireport/munkireport-php"
},
{
"refsource": "MISC",
"name": "https://github.com/munkireport/munkireport-php/releases/tag/v5.6.3",
"url": "https://github.com/munkireport/munkireport-php/releases/tag/v5.6.3"
},
{
"refsource": "MISC",
"name": "https://github.com/munkireport/munkireport-php/wiki/20200722-munki_facts-XSS",
"url": "https://github.com/munkireport/munkireport-php/wiki/20200722-munki_facts-XSS"
}
]
}

66
2020/15xxx/CVE-2020-15882.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-15882",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-15882",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CSRF issue in manager/delete_machine/{id} in MunkiReport before 5.6.3 allows attackers to delete arbitrary machines from the MunkiReport database."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/munkireport/munkireport-php/releases",
"refsource": "MISC",
"name": "https://github.com/munkireport/munkireport-php/releases"
},
{
"refsource": "MISC",
"name": "https://github.com/munkireport/munkireport-php/releases/tag/v5.6.3",
"url": "https://github.com/munkireport/munkireport-php/releases/tag/v5.6.3"
},
{
"refsource": "MISC",
"name": "https://github.com/munkireport/munkireport-php/wiki/20200722-CSRF-Bypass-On-Endpoints-With-No-Body-Parameters",
"url": "https://github.com/munkireport/munkireport-php/wiki/20200722-CSRF-Bypass-On-Endpoints-With-No-Body-Parameters"
}
]
}

71
2020/15xxx/CVE-2020-15883.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-15883",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-15883",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Cross-Site Scripting (XSS) vulnerability in the managedinstalls module before 2.6 for MunkiReport allows remote attackers to inject arbitrary web script or HTML via the last two URL parameters (through which installed packages names and versions are reported)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/munkireport/munkireport-php",
"refsource": "MISC",
"name": "https://github.com/munkireport/munkireport-php"
},
{
"url": "https://github.com/munkireport/managedinstalls/releases/tag/v2.6",
"refsource": "MISC",
"name": "https://github.com/munkireport/managedinstalls/releases/tag/v2.6"
},
{
"refsource": "MISC",
"name": "https://github.com/munkireport/munkireport-php/releases/tag/v5.6.3",
"url": "https://github.com/munkireport/munkireport-php/releases/tag/v5.6.3"
},
{
"refsource": "MISC",
"name": "https://github.com/munkireport/munkireport-php/wiki/20200722-Reflected-XSS-In-Managedinstalls-Module",
"url": "https://github.com/munkireport/munkireport-php/wiki/20200722-Reflected-XSS-In-Managedinstalls-Module"
}
]
}

66
2020/15xxx/CVE-2020-15884.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-15884",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-15884",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A SQL injection vulnerability in TableQuery.php in MunkiReport before 5.6.3 allows attackers to execute arbitrary SQL commands via the order[0][dir] field on POST requests to /datatables/data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/munkireport/munkireport-php/releases",
"refsource": "MISC",
"name": "https://github.com/munkireport/munkireport-php/releases"
},
{
"refsource": "MISC",
"name": "https://github.com/munkireport/munkireport-php/releases/tag/v5.6.3",
"url": "https://github.com/munkireport/munkireport-php/releases/tag/v5.6.3"
},
{
"refsource": "MISC",
"name": "https://github.com/munkireport/munkireport-php/wiki/20200722-SQL-Injection-In-Datatables-Order-By-In-Post-Body",
"url": "https://github.com/munkireport/munkireport-php/wiki/20200722-SQL-Injection-In-Datatables-Order-By-In-Post-Body"
}
]
}

71
2020/15xxx/CVE-2020-15885.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-15885",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-15885",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Cross-Site Scripting (XSS) vulnerability in the comment module before 4.0 for MunkiReport allows remote attackers to inject arbitrary web script or HTML by posting a new comment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/munkireport/munkireport-php",
"refsource": "MISC",
"name": "https://github.com/munkireport/munkireport-php"
},
{
"url": "https://github.com/munkireport/comment/releases",
"refsource": "MISC",
"name": "https://github.com/munkireport/comment/releases"
},
{
"refsource": "MISC",
"name": "https://github.com/munkireport/munkireport-php/releases/tag/v5.6.3",
"url": "https://github.com/munkireport/munkireport-php/releases/tag/v5.6.3"
},
{
"refsource": "MISC",
"name": "https://github.com/munkireport/munkireport-php/wiki/20200722--XSS-Filter-Bypass-On-Comments",
"url": "https://github.com/munkireport/munkireport-php/wiki/20200722--XSS-Filter-Bypass-On-Comments"
}
]
}

71
2020/15xxx/CVE-2020-15886.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-15886",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-15886",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A SQL injection vulnerability in reportdata_controller.php in the reportdata module before 3.5 for MunkiReport allows attackers to execute arbitrary SQL commands via the req parameter of the /module/reportdata/ip endpoint."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/munkireport/munkireport-php/releases",
"refsource": "MISC",
"name": "https://github.com/munkireport/munkireport-php/releases"
},
{
"url": "https://github.com/munkireport/reportdata/releases",
"refsource": "MISC",
"name": "https://github.com/munkireport/reportdata/releases"
},
{
"refsource": "MISC",
"name": "https://github.com/munkireport/munkireport-php/releases/tag/v5.6.3",
"url": "https://github.com/munkireport/munkireport-php/releases/tag/v5.6.3"
},
{
"refsource": "MISC",
"name": "https://github.com/munkireport/munkireport-php/wiki/20200722-SQL-Injection-In-Reportdata-Ip-In-'req'-GET-Parameter",
"url": "https://github.com/munkireport/munkireport-php/wiki/20200722-SQL-Injection-In-Reportdata-Ip-In-'req'-GET-Parameter"
}
]
}

71
2020/15xxx/CVE-2020-15887.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-15887",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-15887",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A SQL injection vulnerability in softwareupdate_controller.php in the Software Update module before 1.6 for MunkiReport allows attackers to execute arbitrary SQL commands via the last URL parameter of the /module/softwareupdate/get_tab_data/ endpoint."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/munkireport/munkireport-php/releases",
"refsource": "MISC",
"name": "https://github.com/munkireport/munkireport-php/releases"
},
{
"url": "https://github.com/munkireport/softwareupdate/releases",
"refsource": "MISC",
"name": "https://github.com/munkireport/softwareupdate/releases"
},
{
"refsource": "MISC",
"name": "https://github.com/munkireport/munkireport-php/wiki/20200722-SQL-Injection-in-softwareupdate-module",
"url": "https://github.com/munkireport/munkireport-php/wiki/20200722-SQL-Injection-in-softwareupdate-module"
},
{
"refsource": "MISC",
"name": "https://github.com/munkireport/munkireport-php/releases/tag/v5.6.3",
"url": "https://github.com/munkireport/munkireport-php/releases/tag/v5.6.3"
}
]
}

18
2020/15xxx/CVE-2020-15909.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-15909",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/15xxx/CVE-2020-15910.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-15910",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}