admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-01-17 18:01:09 +00:00
parent beeb32901b
commit 29911e589b
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
13 changed files with 741 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
2019/10xxx/CVE-2019-10956.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-10956", "ID": "CVE-2019-10956",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Geutebruck IP Cameras",
"version": {
"version_data": [
{
"version_value": "G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND ('OS COMMAND INJECTION') CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.us-cert.gov/ics/advisories/ICSA-19-155-03",
"url": "https://www.us-cert.gov/ics/advisories/ICSA-19-155-03"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated user, using a specially crafted URL command, to execute commands as root."
} }
] ]
} }

50
2019/10xxx/CVE-2019-10957.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-10957", "ID": "CVE-2019-10957",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Geutebruck IP Cameras",
"version": {
"version_data": [
{
"version_value": "G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.us-cert.gov/ics/advisories/ICSA-19-155-03",
"url": "https://www.us-cert.gov/ics/advisories/ICSA-19-155-03"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated attacker with access to event configuration to store malicious code on the server, which could later be triggered by a legitimate user resulting in code execution within the user\u2019s browser."
} }
] ]
} }

50
2019/10xxx/CVE-2019-10958.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-10958", "ID": "CVE-2019-10958",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Geutebruck IP Cameras",
"version": {
"version_data": [
{
"version_value": "G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND ('OS COMMAND INJECTION') CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.us-cert.gov/ics/advisories/ICSA-19-155-03",
"url": "https://www.us-cert.gov/ics/advisories/ICSA-19-155-03"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated attacker with access to network configuration to supply system commands to the server, leading to remote code execution as root."
} }
] ]
} }

62
2019/14xxx/CVE-2019-14596.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-14596",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Intel",
"product": {
"product_data": [
{
"product_name": "Intel(R) Chipset Device Software INF Utility",
"version": {
"version_data": [
{
"version_value": "before version 10.1.18"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00306.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00306.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper access control in the installer for Intel(R) Chipset Device Software INF Utility before version 10.1.18 may allow an authenticated user to potentially enable denial of service via local access."
}
]
}
}

62
2019/14xxx/CVE-2019-14600.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-14600",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Intel",
"product": {
"product_data": [
{
"product_name": "Intel(R) SNMP Subagent Stand-Alone for Windows*",
"version": {
"version_data": [
{
"version_value": "all versions"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00300.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00300.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Uncontrolled search path element in the installer for Intel(R) SNMP Subagent Stand-Alone for Windows* may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
}
}

62
2019/14xxx/CVE-2019-14601.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-14601",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Intel",
"product": {
"product_data": [
{
"product_name": "Intel(R) RWC 3 for Windows",
"version": {
"version_data": [
{
"version_value": "before version 7.010.009.000"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00308.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00308.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper permissions in the installer for Intel(R) RWC 3 for Windows before version 7.010.009.000 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
}
}

62
2019/14xxx/CVE-2019-14613.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-14613",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Intel",
"product": {
"product_data": [
{
"product_name": "Intel(R) VTune(TM) Amplifier for Windows*",
"version": {
"version_data": [
{
"version_value": "before update 8"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00325.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00325.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper access control in driver for Intel(R) VTune(TM) Amplifier for Windows* before update 8 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
}
}

62
2019/14xxx/CVE-2019-14615.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-14615",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Intel",
"product": {
"product_data": [
{
"product_name": "Intel(R) Processors",
"version": {
"version_data": [
{
"version_value": "various"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00314.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00314.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access."
}
]
}
}

62
2019/14xxx/CVE-2019-14629.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-14629",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Intel",
"product": {
"product_data": [
{
"product_name": "Intel(R) DAAL",
"version": {
"version_data": [
{
"version_value": "before version 2020 Gold"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00332.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00332.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper permissions in Intel(R) DAAL before version 2020 Gold may allow an authenticated user to potentially enable information disclosure via local access."
}
]
}
}

67
2019/17xxx/CVE-2019-17125.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17125",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Reflected Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://support.solarwinds.com/SuccessCenter/s/orion-platform",
"refsource": "MISC",
"name": "https://support.solarwinds.com/SuccessCenter/s/orion-platform"
},
{
"refsource": "CONFIRM",
"name": "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2019-4-Hotfix-3?ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1&r=116&ui-knowledge-components-aura-actions.KnowledgeArticleVersionCreateDraftFromOnlineAction.createDraftFromOnlineArticle=1",
"url": "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2019-4-Hotfix-3?ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1&r=116&ui-knowledge-components-aura-actions.KnowledgeArticleVersionCreateDraftFromOnlineAction.createDraftFromOnlineArticle=1"
}
]
}
}

67
2019/17xxx/CVE-2019-17127.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17127",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Stored Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many application forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS. This can lead to privilege escalation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://support.solarwinds.com/SuccessCenter/s/orion-platform",
"refsource": "MISC",
"name": "https://support.solarwinds.com/SuccessCenter/s/orion-platform"
},
{
"refsource": "CONFIRM",
"name": "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2019-4-Hotfix-3?ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1&r=116&ui-knowledge-components-aura-actions.KnowledgeArticleVersionCreateDraftFromOnlineAction.createDraftFromOnlineArticle=1",
"url": "https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2019-4-Hotfix-3?ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1&r=116&ui-knowledge-components-aura-actions.KnowledgeArticleVersionCreateDraftFromOnlineAction.createDraftFromOnlineArticle=1"
}
]
}
}

50
2020/3xxx/CVE-2020-3940.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-3940", "ID": "CVE-2020-3940",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security@vmware.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "VMware",
"product": {
"product_data": [
{
"product_name": "Workspace ONE SDK",
"version": {
"version_data": [
{
"version_value": "Workspace ONE SDK for Android prior to 19.11.1 and Workspace ONE SDK for iOS (Objective-C) prior to 5.9.9.8"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Sensitive information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0001.html",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0001.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "VMware Workspace ONE SDK and dependent mobile application updates address sensitive information disclosure vulnerability."
} }
] ]
} }

50
2020/6xxx/CVE-2020-6862.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6862", "ID": "CVE-2020-6862",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "psirt@zte.com.cn",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ZTE Corporation",
"product": {
"product_data": [
{
"product_name": "F6x2W",
"version": {
"version_data": [
{
"version_value": "V6.0.10P2T2?V6.0.10P2T5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1012162",
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1012162"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "V6.0.10P2T2 and V6.0.10P2T5 of F6x2W product are impacted by Information leak vulnerability. Unauthorized users could log in directly to obtain page information without entering a verification code."
} }
] ]
} }