admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #216 from CVEProject/master

Browse Source 
XFA Rebase
This commit is contained in:
Scott Moore 2020-02-04 11:41:15 -05:00 committed by GitHub
commit 21b80d95dd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
140 changed files with 3845 additions and 221 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2007/4xxx/CVE-2007-4774.json
View File

@ -61,6 +61,11 @@
"url": "https://osdn.net/projects/linux-kernel-docs/scm/git/linux-2.4.36/listCommit?skip=60",
"refsource": "MISC",
"name": "https://osdn.net/projects/linux-kernel-docs/scm/git/linux-2.4.36/listCommit?skip=60"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200204-0002/",
"url": "https://security.netapp.com/advisory/ntap-20200204-0002/"
}
]
}

65
2011/3xxx/CVE-2011-3629.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3629",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Joomla! core",
"version": {
"version_data": [
{
"version_value": "1.7.1"
}
]
}
}
]
},
"vendor_name": "Joomla!"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Joomla! core 1.7.1 allows information disclosure due to weak encryption"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2012/03/02/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/02/4"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/03/02/8",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/02/8"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/03/28/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/28/6"
},
{
"refsource": "MISC",
"name": "https://developer.joomla.org/security/news/370-20111001-core-information-disclosure",
"url": "https://developer.joomla.org/security/news/370-20111001-core-information-disclosure"
}
]
}

55
2011/4xxx/CVE-2011-4912.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4912",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Joomla!",
"product": {
"product_data": [
{
"product_name": "Joomla!",
"version": {
"version_data": [
{
"version_value": "All 1.5.x prior to and including 1.5.13"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Joomla! com_mailto 1.5.x through 1.5.13 has an automated mail timeout bypass."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "mail timeout bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/12/25/9",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/12/25/9"
},
{
"refsource": "MISC",
"name": "https://developer.joomla.org/security/news/303-20090723-core-com-mailto-timeout-issue.html",
"url": "https://developer.joomla.org/security/news/303-20090723-core-com-mailto-timeout-issue.html"
}
]
}

65
2011/4xxx/CVE-2011-4937.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4937",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Joomla!",
"version": {
"version_data": [
{
"version_value": "1.7.1"
}
]
}
}
]
},
"vendor_name": "Joomla!"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Joomla! 1.7.1 has core information disclosure due to inadequate error checking."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2012/03/02/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/02/4"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/03/28/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/28/6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/03/02/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/02/1"
},
{
"refsource": "MISC",
"name": "https://developer.joomla.org/security/news/371-20111002-core-information-disclosure.html",
"url": "https://developer.joomla.org/security/news/371-20111002-core-information-disclosure.html"
}
]
}

55
2012/5xxx/CVE-2012-5618.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5618",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Ushahidi",
"product": {
"product_data": [
{
"product_name": "Ushahidi",
"version": {
"version_data": [
{
"version_value": "before 2.6.1"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Ushahidi before 2.6.1 has insufficient entropy for forgot-password tokens."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "insufficient entropy"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2012/12/04/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/12/04/1"
},
{
"url": "https://github.com/ushahidi/Ushahidi_Web/commit/e8c7ecd42818c331db8945d20f8b1865bc6d157e",
"refsource": "MISC",
"name": "https://github.com/ushahidi/Ushahidi_Web/commit/e8c7ecd42818c331db8945d20f8b1865bc6d157e"
}
]
}

53
2012/5xxx/CVE-2012-5686.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5686",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ZPanel 10.0.1 has insufficient entropy for its password reset process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/56400",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/56400"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79841",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79841"
}
]
}

58
2013/1xxx/CVE-2013-1422.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1422",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "webcalendar before 1.2.7 shows the reason for a failed login (e.g., \"no such user\")."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2013/07/22/8",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/07/22/8"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/07/25/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/07/25/4"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/bid/58250/info",
"url": "https://www.securityfocus.com/bid/58250/info"
}
]
}

48
2013/2xxx/CVE-2013-2646.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2646",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "TP-LINK TL-WR1043ND V1_120405 devices contain an unspecified denial of service vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "59472",
"url": "https://www.securityfocus.com/bid/59472"
}
]
}

53
2013/2xxx/CVE-2013-2672.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2672",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Brother MFC-9970CDW devices with firmware 0D allow cleartext submission of passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://packetstormsecurity.com/files/121553/Brother-MFC-9970CDW-Firmware-0D-Cross-Site-Scripting.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/121553/Brother-MFC-9970CDW-Firmware-0D-Cross-Site-Scripting.html"
},
{
"refsource": "XF",
"name": "84094",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84094"
}
]
}

53
2013/2xxx/CVE-2013-2673.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2673",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Brother MFC-9970CDW 1.10 firmware L devices contain a security bypass vulnerability which allows physically proximate attackers to gain unauthorized access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://packetstormsecurity.com/files/121553/Brother-MFC-9970CDW-Firmware-0D-Cross-Site-Scripting.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/121553/Brother-MFC-9970CDW-Firmware-0D-Cross-Site-Scripting.html"
},
{
"refsource": "BID",
"name": "59727",
"url": "https://www.securityfocus.com/bid/59727"
}
]
}

58
2013/2xxx/CVE-2013-2674.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2674",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Brother MFC-9970CDW 1.10 firmware L devices contain an information disclosure vulnerability which allows remote attackers to view sensitive information from referrer logs due to inadequate handling of HTTP referrer headers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://packetstormsecurity.com/files/121553/Brother-MFC-9970CDW-Firmware-0D-Cross-Site-Scripting.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/121553/Brother-MFC-9970CDW-Firmware-0D-Cross-Site-Scripting.html"
},
{
"refsource": "XF",
"name": "84091",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84091"
},
{
"refsource": "BID",
"name": "59725",
"url": "https://www.securityfocus.com/bid/59725"
}
]
}

58
2013/2xxx/CVE-2013-2676.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2676",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Brother MFC-9970CDW 1.10 firmware L devices contain an information disclosure vulnerability which allows remote attackers to view private IP addresses and other sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://packetstormsecurity.com/files/121553/Brother-MFC-9970CDW-Firmware-0D-Cross-Site-Scripting.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/121553/Brother-MFC-9970CDW-Firmware-0D-Cross-Site-Scripting.html"
},
{
"refsource": "XF",
"name": "84090",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84090"
},
{
"refsource": "BID",
"name": "59726",
"url": "https://www.securityfocus.com/bid/59726"
}
]
}

63
2013/2xxx/CVE-2013-2678.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2678",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cisco Linksys E4200 1.0.05 Build 7 routers contain a Local File Include Vulnerability which could allow remote attackers to obtain sensitive information or execute arbitrary code by sending a crafted URL request to the apply.cgi script using the submit_type parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "59710",
"url": "http://www.securityfocus.com/bid/59710"
},
{
"refsource": "EXPLOIT-DB",
"name": "25292",
"url": "http://www.exploit-db.com/exploits/25292"
},
{
"url": "http://packetstormsecurity.com/files/121551/Cisco-Linksys-E4200-Cross-Site-Scripting-Local-File-Inclusion.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/121551/Cisco-Linksys-E4200-Cross-Site-Scripting-Local-File-Inclusion.html"
},
{
"refsource": "XF",
"name": "84027",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84072"
}
]
}

63
2013/7xxx/CVE-2013-7051.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-7051",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "D-Link DIR-100 4.03B07: cli.cgi security bypass due to failure to check authentication parameters"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt",
"refsource": "MISC",
"name": "http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt"
},
{
"url": "http://www.exploit-db.com/exploits/31425",
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/31425"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90904",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90904"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/bid/65290",
"url": "https://www.securityfocus.com/bid/65290"
}
]
}

58
2013/7xxx/CVE-2013-7052.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-7052",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "D-Link DIR-100 4.03B07: security bypass via an error in the cliget.cgi script"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt",
"refsource": "MISC",
"name": "http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90902",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90902"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/bid/65290",
"url": "https://www.securityfocus.com/bid/65290"
}
]
}

58
2013/7xxx/CVE-2013-7053.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-7053",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "D-Link DIR-100 4.03B07: cli.cgi CSRF"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt",
"refsource": "MISC",
"name": "http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90905",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90905"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/bid/65290/info",
"url": "https://www.securityfocus.com/bid/65290/info"
}
]
}

58
2013/7xxx/CVE-2013-7054.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-7054",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "D-Link DIR-100 4.03B07: cli.cgi XSS"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt",
"refsource": "MISC",
"name": "http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90906",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90906"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/bid/65290/info",
"url": "https://www.securityfocus.com/bid/65290/info"
}
]
}

58
2013/7xxx/CVE-2013-7055.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-7055",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "D-Link DIR-100 4.03B07 has PPTP and poe information disclosure"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt",
"refsource": "MISC",
"name": "http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90903",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90903"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/bid/65290/info",
"url": "https://www.securityfocus.com/bid/65290/info"
}
]
}

58
2015/5xxx/CVE-2015-5155.json
View File

@ -1,61 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5155",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-5155",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs:CVE-2010-3609. Reason: This candidate is a duplicate of CVE-2010-3609. Notes: All CVE users should reference CVE-2010-3609 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "with crafted \"nextoffset\" and \"extid\" values causes DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.example.com",
"url": "http://www.example.com"
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-3609. Reason: This candidate is a reservation duplicate of CVE-2010-3609. Notes: All CVE users should reference CVE-2010-3609 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

10
2015/5xxx/CVE-2015-5174.json
View File

@ -266,6 +266,16 @@
"refsource": "MLIST",
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
"url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[tomcat-users] 20200203 Re: 7.0.59 to 7.0.99 upgrade, CVE-2015-5174 fix prevents us from accessing resources outside context",
"url": "https://lists.apache.org/thread.html/r409efdf706c2077ae5c37018a87da725a3ca89570a9530342cdc53e4@%3Cusers.tomcat.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[tomcat-users] 20200204 Re: 7.0.59 to 7.0.99 upgrade, CVE-2015-5174 fix prevents us from accessing resources outside context",
"url": "https://lists.apache.org/thread.html/r1c62634b7426bee5f553307063457b99c84af73b078ede4f2592b34e@%3Cusers.tomcat.apache.org%3E"
}
]
}

22
2015/5xxx/CVE-2015-5290.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "ircd-ratbox 3.0.9 mishandles the MONITOR command which allows remote attackers to cause a denial of service (system out-of-memory event)."
"value": "A Denial of Service vulnerability exists in ircd-ratbox 3.0.9 in the MONITOR Command Handler."
}
]
},
@ -44,7 +44,7 @@
"description": [
{
"lang": "eng",
"value": "Other"
"value": "memory leak"
}
]
}
@ -53,14 +53,24 @@
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2015-5290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1271113",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2015-5290"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1271113"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5290",
"url": "http://www.openwall.com/lists/oss-security/2015/10/11/1",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5290"
"name": "http://www.openwall.com/lists/oss-security/2015/10/11/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2015/10/12/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/10/12/1"
},
{
"refsource": "MISC",
"name": "https://github.com/skyhighwings/CVE-2015-5290",
"url": "https://github.com/skyhighwings/CVE-2015-5290"
}
]
}

45
2015/7xxx/CVE-2015-7542.json
View File

@ -8,6 +8,7 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "libgwenhywfar",
"product": {
"product_data": [
{
@ -15,14 +16,13 @@
"version": {
"version_data": [
{
"version_value": "4.12.0"
"version_value": "through 4.12.0"
}
]
}
}
]
},
"vendor_name": "libgwenhywfar"
}
}
]
}
@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "An issue exists in libgwenhywfar through 4.12.0 due to the usage of outdated bundled CA certificates."
"value": "A vulnerability exists in libgwenhywfar through 4.12.0 due to the usage of outdated bundled CA certificates."
}
]
},
@ -44,7 +44,7 @@
"description": [
{
"lang": "eng",
"value": "uses outdated bundled CA certificates"
"value": "hijacking an SSL session"
}
]
}
@ -52,30 +52,25 @@
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2015-7542",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2015-7542"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-7542",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-7542"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2015-7542",
"refsource": "MISC",
"name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2015-7542"
},
{
"url": "https://access.redhat.com/security/cve/cve-2015-7542",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2015-7542"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2018-01/msg00038.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2018-01/msg00038.html"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1272503",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1272503"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174484.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174484.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174540.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174540.html"
}
]
}

5
2015/8xxx/CVE-2015-8139.json
View File

@ -136,6 +136,11 @@
"name": "GLSA-201607-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200204-0003/",
"url": "https://security.netapp.com/advisory/ntap-20200204-0003/"
}
]
}

5
2015/8xxx/CVE-2015-8140.json
View File

@ -116,6 +116,11 @@
"name": "GLSA-201607-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200204-0003/",
"url": "https://security.netapp.com/advisory/ntap-20200204-0003/"
}
]
}

58
2016/1000xxx/CVE-2016-1000103.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1000103",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Security Bypass vulnerability exists in Nginx 2016-07-07 in the HTTP_PROXY variable, which could let a malicious user redirect outbound HTTP traffic"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/91819",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/91819"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353758",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1353758"
},
{
"refsource": "MISC",
"name": "https://www.ibm.com/support/pages/node/556747",
"url": "https://www.ibm.com/support/pages/node/556747"
}
]
}

26
2016/1000xxx/CVE-2016-1000104.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "A security Bypass vulnerability exists in mod_fcgid through 2016-07-07 in the FcgidPassHeader Proxy."
"value": "A security Bypass vulnerability exists in the FcgidPassHeader Proxy in mod_fcgid through 2016-07-07."
}
]
},
@ -53,24 +53,24 @@
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2016-1000104",
"url": "http://www.openwall.com/lists/oss-security/2016/07/18/6",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2016-1000104"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1000104",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1000104"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2016-1000104",
"refsource": "MISC",
"name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2016-1000104"
"name": "http://www.openwall.com/lists/oss-security/2016/07/18/6"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00084.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00084.html"
},
{
"url": "http://www.securityfocus.com/bid/91822",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/91822"
},
{
"url": "https://www.tenable.com/security/tns-2017-04",
"refsource": "MISC",
"name": "https://www.tenable.com/security/tns-2017-04"
}
]
}

70
2016/4xxx/CVE-2016-4676.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-4676",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_value": "before 10.0.1"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,48 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Cross-origin vulnerability exists in WebKit in Apple Safari before 10.0.1 when processing location attributes, which could let a remote malicious user obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "cross-origin bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/93851",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/93851"
},
{
"url": "http://seclists.org/fulldisclosure/2016/Oct/89",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2016/Oct/89"
},
{
"url": "http://www.securitytracker.com/id/1037087",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1037087"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/cve/CVE-2016-4676",
"url": "https://packetstormsecurity.com/files/cve/CVE-2016-4676"
},
{
"refsource": "CONFIRM",
"name": "https://lists.apple.com/archives/security-announce/2016/Oct/msg00002.html",
"url": "https://lists.apple.com/archives/security-announce/2016/Oct/msg00002.html"
}
]
}

10
2017/7xxx/CVE-2017-7674.json
View File

@ -181,6 +181,16 @@
"refsource": "MLIST",
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [25/30] - /tomcat/site/trunk/docs/",
"url": "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[tomcat-users] 20200203 Re: 7.0.59 to 7.0.99 upgrade, CVE-2015-5174 fix prevents us from accessing resources outside context",
"url": "https://lists.apache.org/thread.html/r409efdf706c2077ae5c37018a87da725a3ca89570a9530342cdc53e4@%3Cusers.tomcat.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[tomcat-users] 20200204 Re: 7.0.59 to 7.0.99 upgrade, CVE-2015-5174 fix prevents us from accessing resources outside context",
"url": "https://lists.apache.org/thread.html/r1c62634b7426bee5f553307063457b99c84af73b078ede4f2592b34e@%3Cusers.tomcat.apache.org%3E"
}
]
}

10
2018/11xxx/CVE-2018-11243.json
View File

@ -71,6 +71,16 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-20cf0743f5",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D7XU42G6MUQQXHWRP7DCF2JSIBOJ5GOO/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0162",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00001.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0163",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00003.html"
}
]
}

5
2018/7xxx/CVE-2018-7777.json
View File

@ -57,6 +57,11 @@
"name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-095-01/",
"refsource": "CONFIRM",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-095-01/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156184/Schneider-Electric-U.Motion-Builder-1.3.4-Command-Injection.html",
"url": "http://packetstormsecurity.com/files/156184/Schneider-Electric-U.Motion-Builder-1.3.4-Command-Injection.html"
}
]
}

5
2019/11xxx/CVE-2019-11043.json
View File

@ -216,6 +216,11 @@
"refsource": "FULLDISC",
"name": "20200131 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra",
"url": "http://seclists.org/fulldisclosure/2020/Jan/40"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0322",
"url": "https://access.redhat.com/errata/RHSA-2020:0322"
}
]
},

5
2019/14xxx/CVE-2019-14287.json
View File

@ -221,6 +221,11 @@
"refsource": "CONFIRM",
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03976en_us",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03976en_us"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0388",
"url": "https://access.redhat.com/errata/RHSA-2020:0388"
}
]
}

5
2019/14xxx/CVE-2019-14296.json
View File

@ -66,6 +66,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-bf4633142b",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T52JATXV6NTPTMGXCRGT37H6KXERYNZN/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0163",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00003.html"
}
]
}

5
2019/14xxx/CVE-2019-14615.json
View File

@ -78,6 +78,11 @@
"refsource": "UBUNTU",
"name": "USN-4254-2",
"url": "https://usn.ubuntu.com/4254-2/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html",
"url": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html"
}
]
},

10
2019/14xxx/CVE-2019-14814.json
View File

@ -148,6 +148,16 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0174",
"url": "https://access.redhat.com/errata/RHSA-2020:0174"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0328",
"url": "https://access.redhat.com/errata/RHSA-2020:0328"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0339",
"url": "https://access.redhat.com/errata/RHSA-2020:0339"
}
]
},

10
2019/14xxx/CVE-2019-14815.json
View File

@ -78,6 +78,16 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0174",
"url": "https://access.redhat.com/errata/RHSA-2020:0174"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0328",
"url": "https://access.redhat.com/errata/RHSA-2020:0328"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0339",
"url": "https://access.redhat.com/errata/RHSA-2020:0339"
}
]
},

10
2019/14xxx/CVE-2019-14816.json
View File

@ -153,6 +153,16 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0204",
"url": "https://access.redhat.com/errata/RHSA-2020:0204"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0328",
"url": "https://access.redhat.com/errata/RHSA-2020:0328"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0339",
"url": "https://access.redhat.com/errata/RHSA-2020:0339"
}
]
},

5
2019/14xxx/CVE-2019-14865.json
View File

@ -53,6 +53,11 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14865",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14865",
"refsource": "CONFIRM"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0335",
"url": "https://access.redhat.com/errata/RHSA-2020:0335"
}
]
},

15
2019/14xxx/CVE-2019-14895.json
View File

@ -113,6 +113,21 @@
"refsource": "UBUNTU",
"name": "USN-4225-2",
"url": "https://usn.ubuntu.com/4225-2/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html",
"url": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0328",
"url": "https://access.redhat.com/errata/RHSA-2020:0328"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0339",
"url": "https://access.redhat.com/errata/RHSA-2020:0339"
}
]
},

5
2019/14xxx/CVE-2019-14896.json
View File

@ -108,6 +108,11 @@
"refsource": "UBUNTU",
"name": "USN-4225-2",
"url": "https://usn.ubuntu.com/4225-2/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html",
"url": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html"
}
]
},

5
2019/14xxx/CVE-2019-14897.json
View File

@ -103,6 +103,11 @@
"refsource": "UBUNTU",
"name": "USN-4225-2",
"url": "https://usn.ubuntu.com/4225-2/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html",
"url": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html"
}
]
},

15
2019/14xxx/CVE-2019-14901.json
View File

@ -121,6 +121,21 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0204",
"url": "https://access.redhat.com/errata/RHSA-2020:0204"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html",
"url": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0328",
"url": "https://access.redhat.com/errata/RHSA-2020:0328"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0339",
"url": "https://access.redhat.com/errata/RHSA-2020:0339"
}
]
},

5
2019/16xxx/CVE-2019-16276.json
View File

@ -96,6 +96,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0101",
"url": "https://access.redhat.com/errata/RHSA-2020:0101"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0329",
"url": "https://access.redhat.com/errata/RHSA-2020:0329"
}
]
}

5
2019/16xxx/CVE-2019-16451.json
View File

@ -51,6 +51,11 @@
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-55.html",
"refsource": "CONFIRM",
"name": "https://helpx.adobe.com/security/products/acrobat/apsb19-55.html"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-145/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-145/"
}
]
},

5
2019/16xxx/CVE-2019-16519.json
View File

@ -56,6 +56,11 @@
"refsource": "CONFIRM",
"name": "http://support.eset.com/ca7317/",
"url": "http://support.eset.com/ca7317/"
},
{
"refsource": "MISC",
"name": "https://danishcyberdefence.dk/blog/esets-cyber-security",
"url": "https://danishcyberdefence.dk/blog/esets-cyber-security"
}
]
},

62
2019/16xxx/CVE-2019-16893.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16893",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Web Management of TP-Link TP-SG105E V4 1.0.0 Build 20181120 devices allows an unauthenticated attacker to reboot the device via a reboot.cgi request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "EXPLOIT-DB",
"name": "47958",
"url": "https://exploit-db.com/exploits/47958"
}
]
}
}

5
2019/17xxx/CVE-2019-17596.json
View File

@ -96,6 +96,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0101",
"url": "https://access.redhat.com/errata/RHSA-2020:0101"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0329",
"url": "https://access.redhat.com/errata/RHSA-2020:0329"
}
]
}

5
2019/17xxx/CVE-2019-17626.json
View File

@ -91,6 +91,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-f3e0ba2f79",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NSCTOE3DITFICY2XKBYZ5WAF5TSQ52DM/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0160",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00002.html"
}
]
}

10
2019/17xxx/CVE-2019-17666.json
View File

@ -116,6 +116,16 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0328",
"url": "https://access.redhat.com/errata/RHSA-2020:0328"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0339",
"url": "https://access.redhat.com/errata/RHSA-2020:0339"
}
]
}

5
2019/18xxx/CVE-2019-18282.json
View File

@ -61,6 +61,11 @@
"refsource": "CONFIRM",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=55667441c84fa5e0911a0aac44fb059c15ba6da2",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=55667441c84fa5e0911a0aac44fb059c15ba6da2"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200204-0002/",
"url": "https://security.netapp.com/advisory/ntap-20200204-0002/"
}
]
}

106
2019/18xxx/CVE-2019-18567.json Normal file
View File

@ -0,0 +1,106 @@
{
"CVE_data_meta": {
"ASSIGNER": "cert@airbus.com",
"DATE_PUBLIC": "2019-09-10T00:00:00.000Z",
"ID": "CVE-2019-18567",
"STATE": "PUBLIC",
"TITLE": "Bromium client - out of bound read results in race condition causing Kernel memory leaks or denial of service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Bromium",
"product": {
"product_data": [
{
"product_name": "Bromium client",
"version": {
"version_data": [
{
"version_value": "4.0.3.2060"
},
{
"version_value": "?< 4.0.3.2060"
},
{
"version_value": "?>= 4.0.3.2060"
},
{
"version_value": "< 4.1.7 Update 1"
}
]
}
}
]
}
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Nicolas DELHAYE from AIRBUS"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bromium client version 4.0.3.2060 and prior to 4.1.7 Update 1 has an out of bound read results in race condition causing Kernel memory leaks or denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-362 Race Condition (Concurrent Execution using Shared Resource with Improper Synchronization)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.bromium.com/s/article/Bromium-Secure-Platform-4-1-Update-7-Released",
"refsource": "CONFIRM",
"url": "https://support.bromium.com/s/article/Bromium-Secure-Platform-4-1-Update-7-Released"
},
{
"name": "https://airbus-cyber-security.com/dive-into-a-kernel-bromium-race-condition-cve-2019-18567",
"refsource": "MISC",
"url": "https://airbus-cyber-security.com/dive-into-a-kernel-bromium-race-condition-cve-2019-18567"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}

5
2019/18xxx/CVE-2019-18634.json
View File

@ -106,6 +106,11 @@
"refsource": "BUGTRAQ",
"name": "20200203 [SECURITY] [DSA 4614-1] sudo security update",
"url": "https://seclists.org/bugtraq/2020/Feb/2"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156174/Slackware-Security-Advisory-sudo-Updates.html",
"url": "http://packetstormsecurity.com/files/156174/Slackware-Security-Advisory-sudo-Updates.html"
}
]
}

5
2019/18xxx/CVE-2019-18885.json
View File

@ -81,6 +81,11 @@
"refsource": "UBUNTU",
"name": "USN-4254-2",
"url": "https://usn.ubuntu.com/4254-2/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html",
"url": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html"
}
]
}

56
2019/19xxx/CVE-2019-19273.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19273",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-19273",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "On Samsung mobile devices with O(8.0) and P(9.0) software and an Exynos 8895 chipset, RKP (aka the Samsung Hypervisor EL2 implementation) allows arbitrary memory write operations. The Samsung ID is SVE-2019-16265."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://security.samsungmobile.com/securityUpdate.smsb",
"url": "https://security.samsungmobile.com/securityUpdate.smsb"
}
]
}

5
2019/19xxx/CVE-2019-19332.json
View File

@ -78,6 +78,11 @@
"refsource": "UBUNTU",
"name": "USN-4254-2",
"url": "https://usn.ubuntu.com/4254-2/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200204-0002/",
"url": "https://security.netapp.com/advisory/ntap-20200204-0002/"
}
]
},

5
2019/19xxx/CVE-2019-19922.json
View File

@ -86,6 +86,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200204-0002/",
"url": "https://security.netapp.com/advisory/ntap-20200204-0002/"
}
]
}

5
2019/19xxx/CVE-2019-19927.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/453393369dc9806d2455151e329c599684762428",
"url": "https://github.com/torvalds/linux/commit/453393369dc9806d2455151e329c599684762428"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200204-0002/",
"url": "https://security.netapp.com/advisory/ntap-20200204-0002/"
}
]
}

5
2019/19xxx/CVE-2019-19947.json
View File

@ -66,6 +66,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200204-0002/",
"url": "https://security.netapp.com/advisory/ntap-20200204-0002/"
}
]
}

5
2019/19xxx/CVE-2019-19959.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://github.com/sqlite/sqlite/commit/1e490c4ca6b43a9cf8637d695907888349f69bec",
"url": "https://github.com/sqlite/sqlite/commit/1e490c4ca6b43a9cf8637d695907888349f69bec"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200204-0001/",
"url": "https://security.netapp.com/advisory/ntap-20200204-0001/"
}
]
}

5
2019/19xxx/CVE-2019-19965.json
View File

@ -61,6 +61,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200204-0002/",
"url": "https://security.netapp.com/advisory/ntap-20200204-0002/"
}
]
}

5
2019/19xxx/CVE-2019-19966.json
View File

@ -66,6 +66,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200204-0002/",
"url": "https://security.netapp.com/advisory/ntap-20200204-0002/"
}
]
}

61
2019/19xxx/CVE-2019-19968.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19968",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-19968",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components. An authenticated user can inject dangerous content into a data store that is later read and included in dynamic content."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://pandorafms.com",
"refsource": "MISC",
"name": "https://pandorafms.com"
},
{
"refsource": "MISC",
"name": "https://k4m1ll0.com/cve-2019-19968.html",
"url": "https://k4m1ll0.com/cve-2019-19968.html"
}
]
}

5
2019/20xxx/CVE-2019-20021.json
View File

@ -61,6 +61,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-20cf0743f5",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D7XU42G6MUQQXHWRP7DCF2JSIBOJ5GOO/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0163",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00003.html"
}
]
}

5
2019/20xxx/CVE-2019-20053.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/upx/upx/issues/314",
"refsource": "MISC",
"name": "https://github.com/upx/upx/issues/314"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0163",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00003.html"
}
]
}

5
2019/20xxx/CVE-2019-20054.json
View File

@ -71,6 +71,11 @@
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=89189557b47b35683a27c80ee78aef18248eefb4",
"refsource": "MISC",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=89189557b47b35683a27c80ee78aef18248eefb4"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200204-0002/",
"url": "https://security.netapp.com/advisory/ntap-20200204-0002/"
}
]
}

5
2019/20xxx/CVE-2019-20095.json
View File

@ -61,6 +61,11 @@
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=003b686ace820ce2d635a83f10f2d7f9c147dabc",
"refsource": "MISC",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=003b686ace820ce2d635a83f10f2d7f9c147dabc"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200204-0002/",
"url": "https://security.netapp.com/advisory/ntap-20200204-0002/"
}
]
}

61
2019/20xxx/CVE-2019-20174.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-20174",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-20174",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Auth0 Lock before 11.21.0 allows XSS when additionalSignUpFields is used with an untrusted placeholder."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/auth0/lock/releases/tag/v11.21.0",
"url": "https://github.com/auth0/lock/releases/tag/v11.21.0"
},
{
"refsource": "CONFIRM",
"name": "https://auth0.com/docs/security/bulletins/cve-2019-20174",
"url": "https://auth0.com/docs/security/bulletins/cve-2019-20174"
}
]
}

70
2019/20xxx/CVE-2019-20444.json
View File

@ -76,6 +76,76 @@
"refsource": "MLIST",
"name": "[druid-commits] 20200131 [GitHub] [druid] gianm merged pull request #9300: Fix / suppress netty CVEs CVE-2019-20445 and CVE-2019-20444",
"url": "https://lists.apache.org/thread.html/rff210a24f3a924829790e69eaefa84820902b7b31f17c3bf2def9114@%3Ccommits.druid.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20200203 [jira] [Created] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445",
"url": "https://lists.apache.org/thread.html/ra9fbfe7d4830ae675bf34c7c0f8c22fc8a4099f65706c1bc4f54c593@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-dev] 20200203 [jira] [Created] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445",
"url": "https://lists.apache.org/thread.html/r96e08f929234e8ba1ef4a93a0fd2870f535a1f9ab628fabc46115986@%3Cdev.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20200203 [jira] [Assigned] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445",
"url": "https://lists.apache.org/thread.html/r804895eedd72c9ec67898286eb185e04df852b0dd5fe53cf5b6138f9@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rce71d33747010d32d31d90f5d737dae26291d96552f513a266c92fbb@%3Cnotifications.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rce71d33747010d32d31d90f5d737dae26291d96552f513a266c92fbb@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rfb55f245b08d8a6ec0fb4dc159022227cd22de34c4419c2fbb18802b@%3Cnotifications.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rfb55f245b08d8a6ec0fb4dc159022227cd22de34c4419c2fbb18802b@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20200203 [jira] [Updated] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445",
"url": "https://lists.apache.org/thread.html/ra2ace4bcb5cf487f72cbcbfa0f8cc08e755ec2b93d7e69f276148b08@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20200203 [jira] [Commented] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445",
"url": "https://lists.apache.org/thread.html/r36fcf538b28f2029e8b4f6b9a772f3b107913a78f09b095c5b153a62@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r91e0fa345c86c128b75a4a791b4b503b53173ff4c13049ac7129d319@%3Cnotifications.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r91e0fa345c86c128b75a4a791b4b503b53173ff4c13049ac7129d319@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r310d2ce22304d5298ff87f10134f918c87919b452734f9841d95682d@%3Ccommits.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r310d2ce22304d5298ff87f10134f918c87919b452734f9841d95682d@%3Ccommits.zookeeper.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r9b20cdac704cf9a583400350e2d5b576fa8417c18ddb961201676c60@%3Ccommits.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r9b20cdac704cf9a583400350e2d5b576fa8417c18ddb961201676c60@%3Ccommits.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20200204 [jira] [Resolved] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445",
"url": "https://lists.apache.org/thread.html/r640eb9b3213058a963e18291f903fc1584e577f60035f941e32f760a@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-dev] 20200204 Build failed in Jenkins: zookeeper-branch36-java8 #38",
"url": "https://lists.apache.org/thread.html/r059b042bca47be53ff8a51fd04d95eb01bb683f1afa209db136e8cb7@%3Cdev.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-dev] 20200204 Build failed in Jenkins: zookeeper-branch36-java11 #39",
"url": "https://lists.apache.org/thread.html/r489886fe72a98768eed665474cba13bad8d6fe0654f24987706636c5@%3Cdev.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-dev] 20200204 Build failed in Jenkins: zookeeper-master-maven-jdk11 #361",
"url": "https://lists.apache.org/thread.html/r34912a9b1a5c269a77b8be94ef6fb6d1e9b3c69129719dc00f01cf0b@%3Cdev.zookeeper.apache.org%3E"
}
]
}

55
2019/20xxx/CVE-2019-20445.json
View File

@ -76,6 +76,61 @@
"refsource": "MLIST",
"name": "[druid-commits] 20200131 [GitHub] [druid] gianm merged pull request #9300: Fix / suppress netty CVEs CVE-2019-20445 and CVE-2019-20444",
"url": "https://lists.apache.org/thread.html/rff210a24f3a924829790e69eaefa84820902b7b31f17c3bf2def9114@%3Ccommits.druid.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20200203 [jira] [Created] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445",
"url": "https://lists.apache.org/thread.html/ra9fbfe7d4830ae675bf34c7c0f8c22fc8a4099f65706c1bc4f54c593@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-dev] 20200203 [jira] [Created] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445",
"url": "https://lists.apache.org/thread.html/r96e08f929234e8ba1ef4a93a0fd2870f535a1f9ab628fabc46115986@%3Cdev.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-dev] 20200203 Re: [VOTE] Apache ZooKeeper release 3.6.0 candidate 1",
"url": "https://lists.apache.org/thread.html/r81700644754e66ffea465c869cb477de25f8041e21598e8818fc2c45@%3Cdev.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20200203 [jira] [Assigned] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445",
"url": "https://lists.apache.org/thread.html/r804895eedd72c9ec67898286eb185e04df852b0dd5fe53cf5b6138f9@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rce71d33747010d32d31d90f5d737dae26291d96552f513a266c92fbb@%3Cnotifications.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rce71d33747010d32d31d90f5d737dae26291d96552f513a266c92fbb@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rfb55f245b08d8a6ec0fb4dc159022227cd22de34c4419c2fbb18802b@%3Cnotifications.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rfb55f245b08d8a6ec0fb4dc159022227cd22de34c4419c2fbb18802b@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20200203 [jira] [Updated] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445",
"url": "https://lists.apache.org/thread.html/ra2ace4bcb5cf487f72cbcbfa0f8cc08e755ec2b93d7e69f276148b08@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20200203 [jira] [Commented] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445",
"url": "https://lists.apache.org/thread.html/r36fcf538b28f2029e8b4f6b9a772f3b107913a78f09b095c5b153a62@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r310d2ce22304d5298ff87f10134f918c87919b452734f9841d95682d@%3Ccommits.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r310d2ce22304d5298ff87f10134f918c87919b452734f9841d95682d@%3Ccommits.zookeeper.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r9b20cdac704cf9a583400350e2d5b576fa8417c18ddb961201676c60@%3Ccommits.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r9b20cdac704cf9a583400350e2d5b576fa8417c18ddb961201676c60@%3Ccommits.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20200204 [jira] [Resolved] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445",
"url": "https://lists.apache.org/thread.html/r640eb9b3213058a963e18291f903fc1584e577f60035f941e32f760a@%3Cissues.zookeeper.apache.org%3E"
}
]
}

5
2019/2xxx/CVE-2019-2214.json
View File

@ -53,6 +53,11 @@
"refsource": "UBUNTU",
"name": "USN-4226-1",
"url": "https://usn.ubuntu.com/4226-1/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html",
"url": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html"
}
]
},

31
2019/3xxx/CVE-2019-3016.json
View File

@ -53,9 +53,9 @@
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2020/01/30/4",
"name": "https://www.openwall.com/lists/oss-security/2020/01/30/4",
"refsource": "CONFIRM"
"refsource": "MLIST",
"name": "[oss-security] 20200130 CVE-2019-3016: information leak within a KVM guest",
"url": "http://www.openwall.com/lists/oss-security/2020/01/30/4"
},
{
"url": "https://lore.kernel.org/lkml/1580407316-11391-1-git-send-email-pbonzini@redhat.com/",
@ -66,6 +66,31 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1792167",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1792167",
"refsource": "CONFIRM"
},
{
"url": "https://git.kernel.org/linus/8c6de56a42e0c657955e12b882a81ef07d1d073e",
"name": "https://git.kernel.org/linus/8c6de56a42e0c657955e12b882a81ef07d1d073e",
"refsource": "CONFIRM"
},
{
"url": "https://git.kernel.org/linus/1eff70a9abd46f175defafd29bc17ad456f398a7",
"name": "https://git.kernel.org/linus/1eff70a9abd46f175defafd29bc17ad456f398a7",
"refsource": "CONFIRM"
},
{
"url": "https://git.kernel.org/linus/917248144db5d7320655dbb41d3af0b8a0f3d589",
"name": "https://git.kernel.org/linus/917248144db5d7320655dbb41d3af0b8a0f3d589",
"refsource": "CONFIRM"
},
{
"url": "https://git.kernel.org/linus/b043138246a41064527cf019a3d51d9f015e9796",
"name": "https://git.kernel.org/linus/b043138246a41064527cf019a3d51d9f015e9796",
"refsource": "CONFIRM"
},
{
"url": "https://git.kernel.org/linus/a6bd811f1209fe1c64c9f6fd578101d6436c6b6e",
"name": "https://git.kernel.org/linus/a6bd811f1209fe1c64c9f6fd578101d6436c6b6e",
"refsource": "CONFIRM"
}
]
},

5
2019/3xxx/CVE-2019-3693.json
View File

@ -121,6 +121,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0148",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00059.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0156",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00000.html"
}
]
},

15
2019/3xxx/CVE-2019-3774.json
View File

@ -76,6 +76,21 @@
"refsource": "MLIST",
"name": "[servicemix-issues] 20200203 [jira] [Created] (SM-4312) Upgrade spring-batch from 4.0.1 to 4.0.2 to address CVE-2019-3774",
"url": "https://lists.apache.org/thread.html/rcd26a5409af7356b5f69b2fafae3cf621bff8bf155f50e9ccf9ed5f6@%3Cissues.servicemix.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[servicemix-commits] 20200203 [servicemix-bundles] branch master updated: [SM-4312]Upgrade spring-batch from 4.0.1 to 4.0.2 to address CVE-2019-3774",
"url": "https://lists.apache.org/thread.html/rfea6eebfebb13bc015f258e7fa31d4e24a4202601be3b307da28d530@%3Ccommits.servicemix.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[servicemix-issues] 20200203 [jira] [Assigned] (SM-4312) Upgrade spring-batch from 4.0.1 to 4.0.2 to address CVE-2019-3774",
"url": "https://lists.apache.org/thread.html/ree71c6425d2cc0e36b77bda6902965a657c1e09c7229459811d66474@%3Cissues.servicemix.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[servicemix-issues] 20200203 [jira] [Updated] (SM-4312) Upgrade spring-batch from 4.0.1 to 4.0.2 to address CVE-2019-3774",
"url": "https://lists.apache.org/thread.html/r47c7f67a3067ec09262eef0705abc42ea1b646699d9198bcaf8dad02@%3Cissues.servicemix.apache.org%3E"
}
]
},

105
2019/4xxx/CVE-2019-4732.json
View File

@ -1,18 +1,105 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4732",
"STATE": "RESERVED"
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/1288060",
"url": "https://www.ibm.com/support/pages/node/1288060",
"title": "IBM Security Bulletin 1288060 (Java)"
},
{
"name": "ibm-sdk-cve20194732-code-exec (172618)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/172618",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. By placing a specially-crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 172618."
}
]
}
},
"CVE_data_meta": {
"DATE_PUBLIC": "2020-01-31T00:00:00",
"ID": "CVE-2019-4732",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com"
},
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
},
"BM": {
"AC": "H",
"AV": "L",
"PR": "H",
"I": "H",
"C": "H",
"A": "H",
"S": "C",
"SCORE": "7.200",
"UI": "R"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Gain Privileges",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "7.0.0.0"
},
{
"version_value": "7.1.0.0"
},
{
"version_value": "8.0.0.0"
},
{
"version_value": "7.0.10.55"
},
{
"version_value": "7.1.4.55"
},
{
"version_value": "8.0.6.0"
}
]
},
"product_name": "Java"
}
]
}
}
]
}
},
"data_version": "4.0"
}

5
2019/5xxx/CVE-2019-5108.json
View File

@ -53,6 +53,11 @@
"refsource": "MISC",
"name": "https://git.kernel.org/linus/3e493173b7841259a08c5c8e5cbe90adb349da7e",
"url": "https://git.kernel.org/linus/3e493173b7841259a08c5c8e5cbe90adb349da7e"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200204-0002/",
"url": "https://security.netapp.com/advisory/ntap-20200204-0002/"
}
]
},

5
2019/8xxx/CVE-2019-8449.json
View File

@ -58,6 +58,11 @@
"refsource": "CONFIRM",
"name": "https://jira.atlassian.com/browse/JRASERVER-69796",
"url": "https://jira.atlassian.com/browse/JRASERVER-69796"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156172/Jira-8.3.4-Information-Disclosure.html",
"url": "http://packetstormsecurity.com/files/156172/Jira-8.3.4-Information-Disclosure.html"
}
]
}

79
2019/9xxx/CVE-2019-9501.json
View File

@ -1,8 +1,32 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9501",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Broadcom wl driver is vulnerable to heap buffer overflow"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WiFi drivers",
"version": {
"version_data": [
{
"version_value": "wl"
}
]
}
}
]
},
"vendor_name": "Broadcom"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +35,57 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. By supplying a vendor information element with a data length larger than 32 bytes, a heap buffer overflow is triggered in wlc_wpa_sup_eapol. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122 Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.html",
"name": "https://blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.html"
},
{
"refsource": "MISC",
"url": "https://kb.cert.org/vuls/id/166939/",
"name": "https://kb.cert.org/vuls/id/166939/"
}
]
},
"source": {
"advisory": "VU#166939",
"discovery": "UNKNOWN"
}
}

79
2019/9xxx/CVE-2019-9502.json
View File

@ -1,8 +1,32 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9502",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Broadcom wl driver is vulnerable to heap buffer overflow"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WiFi drivers",
"version": {
"version_data": [
{
"version_value": "wl"
}
]
}
}
]
},
"vendor_name": "Broadcom"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +35,57 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. If the vendor information element data length is larger than 164 bytes, a heap buffer overflow is triggered in wlc_wpa_plumb_gtk. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122 Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.html",
"name": "https://blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.html"
},
{
"refsource": "MISC",
"url": "https://kb.cert.org/vuls/id/166939/",
"name": "https://kb.cert.org/vuls/id/166939/"
}
]
},
"source": {
"advisory": "VU#166939",
"discovery": "UNKNOWN"
}
}

68
2019/9xxx/CVE-2019-9674.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9674",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,48 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.python.org/news/security/",
"refsource": "MISC",
"name": "https://www.python.org/news/security/"
},
{
"url": "https://github.com/python/cpython/blob/master/Lib/zipfile.py",
"refsource": "MISC",
"name": "https://github.com/python/cpython/blob/master/Lib/zipfile.py"
},
{
"refsource": "MISC",
"name": "https://bugs.python.org/issue36462",
"url": "https://bugs.python.org/issue36462"
},
{
"refsource": "MISC",
"name": "https://bugs.python.org/issue36260",
"url": "https://bugs.python.org/issue36260"
},
{
"refsource": "MISC",
"name": "https://python-security.readthedocs.io/security.html#archives-and-zip-bomb",
"url": "https://python-security.readthedocs.io/security.html#archives-and-zip-bomb"
}
]
}

67
2020/3xxx/CVE-2020-3937.json
View File

@ -1,18 +1,73 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"AKA": "TWCERT/CC",
"ASSIGNER": "cve@cert.org.tw",
"DATE_PUBLIC": "2020-02-04T05:00:00.000Z",
"ID": "CVE-2020-3937",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "SysJust Syuan-Gu-Da-Shih-SQL injection"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Syuan-Gu-Da-Shih",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20191223"
}
]
}
}
]
},
"vendor_name": "CHANGING"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SQL Injection in SysJust Syuan-Gu-Da-Shih, versions before 20191223, allowing attackers to perform unwanted SQL queries and access arbitrary file in the database."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL-injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201910013",
"name": "https://tvn.twcert.org.tw/taiwanvn/TVN-201910013"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}

67
2020/3xxx/CVE-2020-3938.json
View File

@ -1,18 +1,73 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"AKA": "TWCERT/CC",
"ASSIGNER": "cve@cert.org.tw",
"DATE_PUBLIC": "2020-02-04T05:00:00.000Z",
"ID": "CVE-2020-3938",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "SysJust Syuan-Gu-Da-Shih -Request-Forgery"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Syuan-Gu-Da-Shih",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20191223"
}
]
}
}
]
},
"vendor_name": "CHANGING"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SysJust Syuan-Gu-Da-Shih, versions before 20191223, contain vulnerability of Request Forgery, allowing attackers to launch inquiries into network architecture or system files of the server via forged inquests."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Request-Forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201910014",
"name": "https://tvn.twcert.org.tw/taiwanvn/TVN-201910014"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}

67
2020/3xxx/CVE-2020-3939.json
View File

@ -1,18 +1,73 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"AKA": "TWCERT/CC",
"ASSIGNER": "cve@cert.org.tw",
"DATE_PUBLIC": "2020-02-04T05:00:00.000Z",
"ID": "CVE-2020-3939",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "SysJust Syuan-Gu-Da-Shih -Cross-Site Scripting(XSS)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Syuan-Gu-Da-Shih",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20191223"
}
]
}
}
]
},
"vendor_name": "CHANGING"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SysJust Syuan-Gu-Da-Shih, versions before 20191223, contain vulnerability of Cross-Site Scripting(XSS), personal information may be leaked to attackers via the vulnerability."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Request-Forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201910015",
"name": "https://tvn.twcert.org.tw/taiwanvn/TVN-201910015"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}

93
2020/4xxx/CVE-2020-4224.json
View File

@ -1,18 +1,93 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4224",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/1288150",
"url": "https://www.ibm.com/support/pages/node/1288150",
"title": "IBM Security Bulletin 1288150 (StoredIQ)"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/175133",
"refsource": "XF",
"name": "ibm-storediq-cve20204224-info-disc (175133)",
"title": "X-Force Vulnerability Report"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links. IBM X-Force ID: 175133."
}
]
}
},
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"ID": "CVE-2020-4224",
"DATE_PUBLIC": "2020-01-31T00:00:00"
},
"impact": {
"cvssv3": {
"BM": {
"UI": "N",
"A": "N",
"S": "U",
"SCORE": "2.900",
"C": "L",
"I": "N",
"PR": "N",
"AC": "H",
"AV": "L"
},
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "StoredIQ",
"version": {
"version_data": [
{
"version_value": "7.6.0.17"
},
{
"version_value": "7.6.0.20"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_version": "4.0"
}

56
2020/5xxx/CVE-2020-5182.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-5182",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-5182",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The J-BusinessDirectory extension before 5.2.9 for Joomla! allows Reverse Tabnabbing. In some configurations, the link to the business website can be entered by any user. If it doesn't contain rel=\"noopener\" (or similar attributes such as noreferrer), the tabnabbing may occur. To reproduce the bug, create a business with a website link that contains JavaScript to exploit the window.opener property (for example, by setting window.opener.location)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.cmsjunkie.com/blog/joomla_business_directory_5-2-9_release/",
"url": "https://www.cmsjunkie.com/blog/joomla_business_directory_5-2-9_release/"
}
]
}

98
2020/5xxx/CVE-2020-5235.json
View File

@ -1,18 +1,104 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-5235",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Out-of-memory condition in Nanopb is potentially exploitable"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Nanopb",
"version": {
"version_data": [
{
"version_value": "< 0.2.9.4"
},
{
"version_value": ">= 0.3.0, < 0.3.9.5"
},
{
"version_value": ">= 0.4.0, < 0.4.1"
}
]
}
}
]
},
"vendor_name": "nanopb"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a potentially exploitable out of memory condition In Nanopb before 0.4.1, 0.3.9.5, and 0.2.9.4. When nanopb is compiled with PB_ENABLE_MALLOC, the message to be decoded contains a repeated string, bytes or message field and realloc() runs out of memory when expanding the array nanopb can end up calling `free()` on a pointer value that comes from uninitialized memory. Depending on platform this can result in a crash or further memory corruption, which may be exploitable in some cases. This problem is fixed in nanopb-0.4.1, nanopb-0.3.9.5, nanopb-0.2.9.4."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/nanopb/nanopb/security/advisories/GHSA-gcx3-7m76-287p",
"refsource": "CONFIRM",
"url": "https://github.com/nanopb/nanopb/security/advisories/GHSA-gcx3-7m76-287p"
},
{
"name": "https://github.com/nanopb/nanopb/commit/45582f1f97f49e2abfdba1463d1e1027682d9856",
"refsource": "MISC",
"url": "https://github.com/nanopb/nanopb/commit/45582f1f97f49e2abfdba1463d1e1027682d9856"
},
{
"name": "https://github.com/nanopb/nanopb/commit/7b396821ddd06df8e39143f16e1dc0a4645b89a3",
"refsource": "MISC",
"url": "https://github.com/nanopb/nanopb/commit/7b396821ddd06df8e39143f16e1dc0a4645b89a3"
},
{
"name": "https://github.com/nanopb/nanopb/commit/aa9d0d1ca78d6adec3adfeecf3a706c7f9df81f2",
"refsource": "MISC",
"url": "https://github.com/nanopb/nanopb/commit/aa9d0d1ca78d6adec3adfeecf3a706c7f9df81f2"
}
]
},
"source": {
"advisory": "GHSA-gcx3-7m76-287p",
"discovery": "UNKNOWN"
}
}

82
2020/5xxx/CVE-2020-5236.json
View File

@ -1,18 +1,88 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-5236",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Catastrophic backtracking in regex allows Denial of Service in Waitress"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Waitress",
"version": {
"version_data": [
{
"version_value": "= 1.4.2"
}
]
}
}
]
},
"vendor_name": "Pylons"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Waitress version 1.4.2 allows a DOS attack When waitress receives a header that contains invalid characters. When a header like \"Bad-header: xxxxxxxxxxxxxxx\\x10\" is received, it will cause the regular expression engine to catastrophically backtrack causing the process to use 100% CPU time and blocking any other interactions. This allows an attacker to send a single request with an invalid header and take the service offline. This issue was introduced in version 1.4.2 when the regular expression was updated to attempt to match the behaviour required by errata associated with RFC7230. The regular expression that is used to validate incoming headers has been updated in version 1.4.3, it is recommended that people upgrade to the new version of Waitress as soon as possible."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/Pylons/waitress/security/advisories/GHSA-73m2-3pwg-5fgc",
"refsource": "CONFIRM",
"url": "https://github.com/Pylons/waitress/security/advisories/GHSA-73m2-3pwg-5fgc"
},
{
"name": "https://github.com/Pylons/waitress/commit/6e46f9e3f014d64dd7d1e258eaf626e39870ee1f",
"refsource": "MISC",
"url": "https://github.com/Pylons/waitress/commit/6e46f9e3f014d64dd7d1e258eaf626e39870ee1f"
}
]
},
"source": {
"advisory": "GHSA-73m2-3pwg-5fgc",
"discovery": "UNKNOWN"
}
}

5
2020/7xxx/CVE-2020-7039.json
View File

@ -91,6 +91,11 @@
"refsource": "DEBIAN",
"name": "DSA-4616",
"url": "https://www.debian.org/security/2020/dsa-4616"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0348",
"url": "https://access.redhat.com/errata/RHSA-2020:0348"
}
]
}

5
2020/7xxx/CVE-2020-7053.json
View File

@ -81,6 +81,11 @@
"refsource": "UBUNTU",
"name": "USN-4255-2",
"url": "https://usn.ubuntu.com/4255-2/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200204-0002/",
"url": "https://security.netapp.com/advisory/ntap-20200204-0002/"
}
]
}

5
2020/8xxx/CVE-2020-8416.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "https://pastebin.com/wqNWnCuN",
"url": "https://pastebin.com/wqNWnCuN"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156170/BearFTP-0.1.0-Denial-Of-Service.html",
"url": "http://packetstormsecurity.com/files/156170/BearFTP-0.1.0-Denial-Of-Service.html"
}
]
}

5
2020/8xxx/CVE-2020-8512.json
View File

@ -52,6 +52,11 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156103/IceWarp-WebMail-11.4.4.1-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/156103/IceWarp-WebMail-11.4.4.1-Cross-Site-Scripting.html"
},
{
"url": "https://cxsecurity.com/issue/WLB-2020010205",
"refsource": "MISC",

67
2020/8xxx/CVE-2020-8548.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-8548",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "massCode 1.0.0-alpha.6 allows XSS via crafted Markdown text, with resultant remote code execution (because nodeIntegration in webPreferences is true)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/antonreshetov/massCode/issues/44",
"refsource": "MISC",
"name": "https://github.com/antonreshetov/massCode/issues/44"
},
{
"url": "https://github.com/antonreshetov/massCode/issues/43",
"refsource": "MISC",
"name": "https://github.com/antonreshetov/massCode/issues/43"
}
]
}
}

77
2020/8xxx/CVE-2020-8549.json Normal file
View File

@ -0,0 +1,77 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-8549",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stored XSS in the Strong Testimonials plugin before 2.40.1 for WordPress can result in an attacker performing malicious actions such as stealing session tokens."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wpvulndb.com/vulnerabilities/10056",
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/10056"
},
{
"url": "https://github.com/MachoThemes/strong-testimonials/blob/master/changelog.txt",
"refsource": "MISC",
"name": "https://github.com/MachoThemes/strong-testimonials/blob/master/changelog.txt"
},
{
"url": "https://www.getastra.com/blog/911/plugin-exploit/stored-xss-vulnerability-found-in-strong-testimonials-plugin/",
"refsource": "MISC",
"name": "https://www.getastra.com/blog/911/plugin-exploit/stored-xss-vulnerability-found-in-strong-testimonials-plugin/"
},
{
"url": "https://www.jinsonvarghese.com/stored-xss-vulnerability-in-strong-testimonials-plugin/",
"refsource": "MISC",
"name": "https://www.jinsonvarghese.com/stored-xss-vulnerability-in-strong-testimonials-plugin/"
}
]
}
}

18
2020/8xxx/CVE-2020-8550.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8550",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8551.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8551",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8552.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8552",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8553.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8553",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8554.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8554",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8555.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8555",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8556.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8556",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8557.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8557",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

Some files were not shown because too many files have changed in this diff Show More