"-Synchronized-Data."

CVE Team 2020-02-18 19:01:09 +00:00
parent 51caca1d98
commit 2c3b297ffe
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
21 changed files with 595 additions and 51 deletions


@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4226",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,61 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Authenticated User Page Caching (Authcache) module 7.x-1.x before 7.x-1.5 for Drupal does not properly restrict access to cached pages, which allows remote attackers with the same role-combination as the superuser to obtain sensitive information via the cached pages of the superuser."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path Disclosure"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Authenticated User Page Caching (Authcache) module",
"version": {
"version_data": [
{
"version_value": "7.x-1.x before 7.x-1.5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://drupal.org/node/2059589",
"url": "https://drupal.org/node/2059589"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/08/10/1",
"url": "http://www.openwall.com/lists/oss-security/2013/08/10/1"
},
{
"refsource": "MISC",
"name": "https://drupal.org/node/2058165",
"url": "https://drupal.org/node/2058165"
}
]
}
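Review bot: The problemtype `"value": "Path Disclosure"` in the CVE-2013-4226 record does not match the description added in the same hunk, which describes cached pages served without proper access restriction so that sensitive information is exposed. A label such as `"value": "Information Disclosure"` (or the matching CWE name, if the assigner confirms it) would let consumers that filter on problemtype classify the entry correctly. The CVE-2015-7507 record later in this commit has a milder form of the same problem: its problemtype is `"Other"` although the description states an out-of-bounds read.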


@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4228",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,71 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The OG access fields (visibility fields) implementation in Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal does not properly restrict access to private groups, which allows remote authenticated users to guess node IDs, subscribe to, and read the content of arbitrary private groups via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insecure Permissions"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Organic Groups (OG) module",
"version": {
"version_data": [
{
"version_value": "7.x-2.x before 7.x-2.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://drupal.org/node/2059765",
"url": "https://drupal.org/node/2059765"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/08/10/1",
"url": "http://www.openwall.com/lists/oss-security/2013/08/10/1"
},
{
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/61708",
"url": "http://www.securityfocus.com/bid/61708"
},
{
"refsource": "MISC",
"name": "https://drupal.org/node/2059755",
"url": "https://drupal.org/node/2059755"
},
{
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86328",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86328"
}
]
}
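Review bot: The affected range in the CVE-2013-4228 record is written as prose, `"version_value": "7.x-2.x before 7.x-2.3"`, so tools that compare installed versions against the record cannot use it without parsing English. If the assigner's data allows, express the upper bound structurally, for example `"version_affected": "<"` with `"version_value": "7.x-2.3"`. The CVE-2013-4226 record uses the same free-text form (`7.x-1.x before 7.x-1.5`). Both records also leave `"vendor_name": "n/a"`.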


@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-7507",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,56 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a crafted color table to the (1) bmp_decode_rgb or (2) bmp_decode_rle function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Libnsbmp",
"version": {
"version_data": [
{
"version_value": "0.1.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/archive/1/537132/100/0/threaded",
"url": "http://www.securityfocus.com/archive/1/archive/1/537132/100/0/threaded"
},
{
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2015/Dec/73",
"url": "http://seclists.org/fulldisclosure/2015/Dec/73"
}
]
}


@ -118,6 +118,11 @@
"refsource": "MLIST",
"name": "[lucene-issues] 20200218 [jira] [Updated] (SOLR-13669) [CVE-2019-0193] Remote Code Execution via DataImportHandler",
"url": "https://lists.apache.org/thread.html/r33aed7ad4ee9833c4190a44e2b106efd2deb19504b85e012175540f6@%3Cissues.lucene.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[lucene-issues] 20200218 [jira] [Commented] (SOLR-13669) [CVE-2019-0193] Remote Code Execution via DataImportHandler",
"url": "https://lists.apache.org/thread.html/rb34d820c21f1708c351f9035d6bc7daf80bfb6ef99b34f7af1d2f699@%3Cissues.lucene.apache.org%3E"
}
]
},


@ -151,6 +151,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0509",
"url": "https://access.redhat.com/errata/RHSA-2020:0509"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0540",
"url": "https://access.redhat.com/errata/RHSA-2020:0540"
}
]
}


@ -198,6 +198,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156394/Microsoft-Windows-Modules-Installer-Service-Information-Disclosure.html",
"url": "http://packetstormsecurity.com/files/156394/Microsoft-Windows-Modules-Installer-Service-Information-Disclosure.html"
},
{
"refsource": "FULLDISC",
"name": "20200218 CVE-2020-0728: Windows Modules Installer Service Information Disclosure Vulnerability",
"url": "http://seclists.org/fulldisclosure/2020/Feb/16"
}
]
}


@ -168,6 +168,11 @@
"refsource": "BUGTRAQ",
"name": "20200216 [SECURITY] [DSA 4621-1] openjdk-8 security update",
"url": "https://seclists.org/bugtraq/2020/Feb/22"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0541",
"url": "https://access.redhat.com/errata/RHSA-2020:0541"
}
]
}


@ -143,6 +143,11 @@
"refsource": "BUGTRAQ",
"name": "20200216 [SECURITY] [DSA 4621-1] openjdk-8 security update",
"url": "https://seclists.org/bugtraq/2020/Feb/22"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0541",
"url": "https://access.redhat.com/errata/RHSA-2020:0541"
}
]
}


@ -168,6 +168,11 @@
"refsource": "BUGTRAQ",
"name": "20200216 [SECURITY] [DSA 4621-1] openjdk-8 security update",
"url": "https://seclists.org/bugtraq/2020/Feb/22"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0541",
"url": "https://access.redhat.com/errata/RHSA-2020:0541"
}
]
}


@ -143,6 +143,11 @@
"refsource": "BUGTRAQ",
"name": "20200216 [SECURITY] [DSA 4621-1] openjdk-8 security update",
"url": "https://seclists.org/bugtraq/2020/Feb/22"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0541",
"url": "https://access.redhat.com/errata/RHSA-2020:0541"
}
]
}


@ -153,6 +153,11 @@
"refsource": "BUGTRAQ",
"name": "20200216 [SECURITY] [DSA 4621-1] openjdk-8 security update",
"url": "https://seclists.org/bugtraq/2020/Feb/22"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0541",
"url": "https://access.redhat.com/errata/RHSA-2020:0541"
}
]
}


@ -139,6 +139,11 @@
"refsource": "BUGTRAQ",
"name": "20200216 [SECURITY] [DSA 4621-1] openjdk-8 security update",
"url": "https://seclists.org/bugtraq/2020/Feb/22"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0541",
"url": "https://access.redhat.com/errata/RHSA-2020:0541"
}
]
}


@ -138,6 +138,11 @@
"refsource": "BUGTRAQ",
"name": "20200216 [SECURITY] [DSA 4621-1] openjdk-8 security update",
"url": "https://seclists.org/bugtraq/2020/Feb/22"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0541",
"url": "https://access.redhat.com/errata/RHSA-2020:0541"
}
]
}


@ -61,6 +61,11 @@
"url": "https://blog.zoller.lu/p/tzo-11-2020-eset-generic-malformed.html",
"refsource": "MISC",
"name": "https://blog.zoller.lu/p/tzo-11-2020-eset-generic-malformed.html"
},
{
"refsource": "FULLDISC",
"name": "20200218 Re: [TZO-03-2020] ESET Generic Malformed Archive Bypass (ZIP Compression Information)",
"url": "http://seclists.org/fulldisclosure/2020/Feb/21"
}
]
}


@ -1,18 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9265",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-9265",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "phpMyChat-Plus 1.98 is vulnerable to multiple SQL injections against the deluser.php Delete User functionality, as demonstrated by pmc_username."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/J3rryBl4nks/PHPMyChatPlus/blob/master/SQLi.md",
"refsource": "MISC",
"name": "https://github.com/J3rryBl4nks/PHPMyChatPlus/blob/master/SQLi.md"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:L/C:H/I:N/PR:N/S:C/UI:N",
"version": "3.0"
}
}
}
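Review bot: The CVSS block in the CVE-2020-9265 record sets `"integrityImpact": "NONE"` (and `I:N` in `vectorString`), which sits oddly with a description of SQL injection against the Delete User functionality; injection into a statement that deletes users would normally be expected to permit some data modification. The referenced advisory is not visible from this page, so the value should be checked against it, and if modification is possible the field and the vector string need to change together. The block also carries no `baseScore` or `baseSeverity`, so every consumer has to derive the score from the vector itself.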


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9266",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-9266",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary changing of the admin password via process/xajax_server.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/J3rryBl4nks/SOPlanning/blob/master/AdminPasswordChangeCSRF.md",
"refsource": "MISC",
"name": "https://github.com/J3rryBl4nks/SOPlanning/blob/master/AdminPasswordChangeCSRF.md"
}
]
}
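Review bot: The `affects` block added for CVE-2020-9266 carries `"product_name": "n/a"` and `"version_value": "n/a"` even though the description in the same hunk names the product and version (SOPlanning 1.45). Consumers that match on the structured fields rather than the free-text description will not associate the record with that software. Setting `"product_name": "SOPlanning"` and `"version_value": "1.45"` would close the gap. The same applies to the CVE-2020-9265 and CVE-2020-9267 through CVE-2020-9271 records in this commit, whose `problemtype` is also `n/a` although their descriptions state CSRF or SQL injection; the CVE-2020-9268 description additionally spells the product `SoPlanning`, unlike its siblings.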


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9267",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-9267",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary user creation via process/xajax_server.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/J3rryBl4nks/SOPlanning/blob/master/AddUserCSRF.md",
"refsource": "MISC",
"name": "https://github.com/J3rryBl4nks/SOPlanning/blob/master/AddUserCSRF.md"
}
]
}


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9268",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-9268",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SoPlanning 1.45 is vulnerable to SQL Injection in the OrderBy clause, as demonstrated by the projets.php?order=nom_createur&by= substring."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/J3rryBl4nks/SOPlanning/blob/master/SQLInjectionProjects.md",
"refsource": "MISC",
"name": "https://github.com/J3rryBl4nks/SOPlanning/blob/master/SQLInjectionProjects.md"
}
]
}


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9269",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-9269",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SOPlanning 1.45 is vulnerable to authenticated SQL Injection that leads to command execution via the users parameter, as demonstrated by export_ical.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/J3rryBl4nks/SOPlanning/blob/master/InjectionIcalShell.md",
"refsource": "MISC",
"name": "https://github.com/J3rryBl4nks/SOPlanning/blob/master/InjectionIcalShell.md"
}
]
}


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9270",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-9270",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ICE Hrm 26.2.0 is vulnerable to CSRF that leads to password reset via service.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/J3rryBl4nks/IceHRM/blob/master/ChangeUserPasswordCSRF.md",
"refsource": "MISC",
"name": "https://github.com/J3rryBl4nks/IceHRM/blob/master/ChangeUserPasswordCSRF.md"
}
]
}


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9271",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-9271",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ICE Hrm 26.2.0 is vulnerable to CSRF that leads to user creation via service.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/J3rryBl4nks/IceHRM/blob/master/AddNewUserCSRF.md",
"refsource": "MISC",
"name": "https://github.com/J3rryBl4nks/IceHRM/blob/master/AddNewUserCSRF.md"
}
]
}