admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-11-27 17:01:48 +00:00
parent 51cd3de12a
commit 25e3188ea0
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
13 changed files with 446 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
2019/19xxx/CVE-2019-19873.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19873",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-19873",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. An attacker can get information from the AprolSqlServer DBMS by bypassing authentication, a different vulnerability than CVE-2019-16356 and CVE-2019-9983."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.br-automation.com/downloads_br_productcatalogue/BRP44400000000000000585952/APROL_R42_A1_ReleaseNotes_001.pdf",
"refsource": "MISC",
"name": "https://www.br-automation.com/downloads_br_productcatalogue/BRP44400000000000000585952/APROL_R42_A1_ReleaseNotes_001.pdf"
}
]
}

56
2019/19xxx/CVE-2019-19874.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19874",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-19874",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. Some web scripts in the web interface allowed injection and execution of arbitrary unintended commands on the web server, a different vulnerability than CVE-2019-16364."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.br-automation.com/downloads_br_productcatalogue/BRP44400000000000000585952/APROL_R42_A1_ReleaseNotes_001.pdf",
"refsource": "MISC",
"name": "https://www.br-automation.com/downloads_br_productcatalogue/BRP44400000000000000585952/APROL_R42_A1_ReleaseNotes_001.pdf"
}
]
}

56
2019/19xxx/CVE-2019-19875.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19875",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-19875",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. Arbitrary commands could be injected (using Python scripts) via the AprolCluster script that is invoked via sudo and thus executes with root privileges, a different vulnerability than CVE-2019-16364."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.br-automation.com/downloads_br_productcatalogue/BRP44400000000000000585952/APROL_R42_A1_ReleaseNotes_001.pdf",
"refsource": "MISC",
"name": "https://www.br-automation.com/downloads_br_productcatalogue/BRP44400000000000000585952/APROL_R42_A1_ReleaseNotes_001.pdf"
}
]
}

56
2019/19xxx/CVE-2019-19876.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19876",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-19876",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. An EnMon PHP script was vulnerable to SQL injection, a different vulnerability than CVE-2019-10006."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.br-automation.com/downloads_br_productcatalogue/BRP44400000000000000585952/APROL_R42_A1_ReleaseNotes_001.pdf",
"refsource": "MISC",
"name": "https://www.br-automation.com/downloads_br_productcatalogue/BRP44400000000000000585952/APROL_R42_A1_ReleaseNotes_001.pdf"
}
]
}

56
2019/19xxx/CVE-2019-19877.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19877",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-19877",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. An attacker can get access to sensitive information outside the working directory via Directory Traversal attacks against AprolSqlServer, a different vulnerability than CVE-2019-16357."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.br-automation.com/downloads_br_productcatalogue/BRP44400000000000000585952/APROL_R42_A1_ReleaseNotes_001.pdf",
"refsource": "MISC",
"name": "https://www.br-automation.com/downloads_br_productcatalogue/BRP44400000000000000585952/APROL_R42_A1_ReleaseNotes_001.pdf"
}
]
}

56
2019/19xxx/CVE-2019-19878.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19878",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-19878",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. An attacker can get access to historical data from AprolSqlServer by bypassing authentication, a different vulnerability than CVE-2019-16358."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.br-automation.com/downloads_br_productcatalogue/BRP44400000000000000585952/APROL_R42_A1_ReleaseNotes_001.pdf",
"refsource": "MISC",
"name": "https://www.br-automation.com/downloads_br_productcatalogue/BRP44400000000000000585952/APROL_R42_A1_ReleaseNotes_001.pdf"
}
]
}

5
2020/25xxx/CVE-2020-25834.json
View File

@ -48,6 +48,11 @@
"refsource": "CONFIRM",
"name": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600",
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
},
{
"refsource": "MISC",
"name": "https://www.cybereagle.io/blog/cve-2020-25834/",
"url": "https://www.cybereagle.io/blog/cve-2020-25834/"
}
]
},

56
2020/27xxx/CVE-2020-27745.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27745",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-27745",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.schedmd.com/news.php",
"refsource": "MISC",
"name": "https://www.schedmd.com/news.php"
}
]
}

18
2020/29xxx/CVE-2020-29361.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-29361",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/29xxx/CVE-2020-29362.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-29362",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/29xxx/CVE-2020-29363.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-29363",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/29xxx/CVE-2020-29364.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-29364",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

32
2020/7xxx/CVE-2020-7780.json
View File

@ -84,28 +84,34 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JAVA-COMSOFTWAREMILLAKKAHTTPSESSION-1045352"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-COMSOFTWAREMILLAKKAHTTPSESSION-1045352",
"name": "https://snyk.io/vuln/SNYK-JAVA-COMSOFTWAREMILLAKKAHTTPSESSION-1045352"
},
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JAVA-COMSOFTWAREMILLAKKAHTTPSESSION-1046654"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-COMSOFTWAREMILLAKKAHTTPSESSION-1046654",
"name": "https://snyk.io/vuln/SNYK-JAVA-COMSOFTWAREMILLAKKAHTTPSESSION-1046654"
},
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JAVA-COMSOFTWAREMILLAKKAHTTPSESSION-1046655"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-COMSOFTWAREMILLAKKAHTTPSESSION-1046655",
"name": "https://snyk.io/vuln/SNYK-JAVA-COMSOFTWAREMILLAKKAHTTPSESSION-1046655"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/softwaremill/akka-http-session/issues/77"
"refsource": "MISC",
"url": "https://github.com/softwaremill/akka-http-session/issues/77",
"name": "https://github.com/softwaremill/akka-http-session/issues/77"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/softwaremill/akka-http-session/issues/74"
"refsource": "MISC",
"url": "https://github.com/softwaremill/akka-http-session/issues/74",
"name": "https://github.com/softwaremill/akka-http-session/issues/74"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/softwaremill/akka-http-session/commit/57f11663eecb84be03383d164f655b9c5f953b41"
"refsource": "MISC",
"url": "https://github.com/softwaremill/akka-http-session/commit/57f11663eecb84be03383d164f655b9c5f953b41",
"name": "https://github.com/softwaremill/akka-http-session/commit/57f11663eecb84be03383d164f655b9c5f953b41"
}
]
},
@ -113,7 +119,7 @@
"description_data": [
{
"lang": "eng",
"value": "This affects the package com.softwaremill.akka-http-session:core_2.13 before 0.5.11; the package com.softwaremill.akka-http-session:core_2.12 before 0.5.11; the package com.softwaremill.akka-http-session:core_2.11 before 0.5.11.\n For older versions, endpoints protected by randomTokenCsrfProtection could be bypassed with an empty X-XSRF-TOKEN header and an empty XSRF-TOKEN cookie.\n"
"value": "This affects the package com.softwaremill.akka-http-session:core_2.13 before 0.5.11; the package com.softwaremill.akka-http-session:core_2.12 before 0.5.11; the package com.softwaremill.akka-http-session:core_2.11 before 0.5.11. For older versions, endpoints protected by randomTokenCsrfProtection could be bypassed with an empty X-XSRF-TOKEN header and an empty XSRF-TOKEN cookie."
}
]
},