admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-06-05 15:01:21 +00:00
parent 25d05b2c26
commit 178fa4140b
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
7 changed files with 377 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
2020/10xxx/CVE-2020-10543.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Perl before 5.30.3 on 32-bit platforms allows heap memory corruption because nested regular expression quantifiers have an integer overflow."
"value": "Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow."
}
]
},
@ -61,6 +61,11 @@
"refsource": "CONFIRM",
"name": "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3",
"url": "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
"url": "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod"
}
]
}

7
2020/10xxx/CVE-2020-10878.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Perl before 5.30.3 has an overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation."
"value": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection."
}
]
},
@ -66,6 +66,11 @@
"refsource": "CONFIRM",
"name": "https://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3c",
"url": "https://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3c"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
"url": "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod"
}
]
}

50
2020/11xxx/CVE-2020-11975.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-11975",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Apache Unomi",
"version": {
"version_data": [
{
"version_value": "Apache Unomi 1.0.0 to 1.5.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://unomi.apache.org/security/cve-2020-11975.txt",
"url": "http://unomi.apache.org/security/cve-2020-11975.txt"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Apache Unomi allows conditions to use OGNL scripting which offers the possibility to call static Java classes from the JDK that could execute code with the permission level of the running Java process."
}
]
}

76
2020/12xxx/CVE-2020-12723.json
View File

@ -1,17 +1,81 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-12723",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-12723",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/Perl/perl5/issues/16947",
"refsource": "MISC",
"name": "https://github.com/Perl/perl5/issues/16947"
},
{
"url": "https://github.com/Perl/perl5/issues/17743",
"refsource": "MISC",
"name": "https://github.com/Perl/perl5/issues/17743"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3",
"url": "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
"url": "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184a",
"url": "https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184a"
}
]
}

82
2020/1xxx/CVE-2020-1883.json
View File

@ -4,14 +4,90 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-1883",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "NIP6800",
"version": {
"version_data": [
{
"version_value": "V500R001C60SPC500"
}
]
}
},
{
"product_name": "Secospace USG6600",
"version": {
"version_data": [
{
"version_value": "V500R001C30SPC200"
},
{
"version_value": "V500R001C30SPC600"
},
{
"version_value": "V500R001C60SPC500"
}
]
}
},
{
"product_name": "USG9500",
"version": {
"version_data": [
{
"version_value": "V500R001C30SPC200"
},
{
"version_value": "V500R001C30SPC600"
},
{
"version_value": "V500R001C60SPC500"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200603-01-memory-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200603-01-memory-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Huawei products NIP6800;Secospace USG6600;USG9500 have a memory leak vulnerability. An attacker with high privileges exploits this vulnerability by continuously performing specific operations. Successful exploitation of this vulnerability can cause service abnormal."
}
]
}

91
2020/9xxx/CVE-2020-9074.json
View File

@ -4,14 +4,99 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9074",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "HONOR 20 PRO",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.0.0.194(C432E9R5P1)"
},
{
"version_value": "Versions earlier than 10.0.0.194(C636E3R3P1)"
},
{
"version_value": "Versions earlier than 10.0.0.194(C00E62R8P12)"
},
{
"version_value": "Versions earlier than 10.0.0.194(C10E3R3P2)"
}
]
}
},
{
"product_name": "Honor View 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.0.0.200(C185E3R3P3)"
},
{
"version_value": "Versions earlier than 10.0.0.201(C636E3R4P3)"
},
{
"version_value": "Versions earlier than 10.0.0.195(C00E62R4P11)"
},
{
"version_value": "Versions earlier than 10.0.0.201(C10E5R4P3)"
}
]
}
},
{
"product_name": "HONOR 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.0.0.186(C185E2R2P1)"
},
{
"version_value": "Versions earlier than 10.0.0.194(C432E9R5P1)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Handling of Exceptional Condition"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200603-01-smartphone-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200603-01-smartphone-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Huawei Smartphones HONOR 20 PRO;Honor View 20;HONOR 20 have an improper handling of exceptional condition Vulnerability. A component cannot deal with an exception correctly. Attackers can exploit this vulnerability by sending malformed message. This could compromise normal service of affected phones."
}
]
}

84
2020/9xxx/CVE-2020-9859.json
View File

@ -4,14 +4,92 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9859",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "iOS 13.5.1 and iPadOS 13.5.1"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "macOS Catalina 10.15.5 Supplemental Update"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "tvOS 13.4.6"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "watchOS 6.2.6"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An application may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://support.apple.com/HT211214",
"refsource": "MISC",
"name": "https://support.apple.com/HT211214"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5.1 and iPadOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, tvOS 13.4.6, watchOS 6.2.6. An application may be able to execute arbitrary code with kernel privileges."
}
]
}