admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-05-04 15:01:13 +00:00
parent 1bce7c921a
commit 300624d616
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
18 changed files with 393 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
2018/21xxx/CVE-2018-21233.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-21233",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decode_bmp_op.cc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2018-001.md",
"refsource": "MISC",
"name": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2018-001.md"
},
{
"url": "https://github.com/tensorflow/tensorflow/commit/49f73c55d56edffebde4bca4a407ad69c1cae433",
"refsource": "MISC",
"name": "https://github.com/tensorflow/tensorflow/commit/49f73c55d56edffebde4bca4a407ad69c1cae433"
}
]
}
}

58
2018/7xxx/CVE-2018-7574.json
View File

@ -1,61 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-7574",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-7574",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Google TensorFlow 1.6.x and earlier is affected by a Null Pointer Dereference vulnerability. The type of exploitation is: context-dependent."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2018-001.md",
"url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2018-001.md"
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-7576, CVE-2018-21233. Reason: this candidate was intended for one issue, but the description and references inadvertently combined multiple issues. Notes: All CVE users should consult CVE-2018-7576 and CVE-2018-21233 to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

5
2019/16xxx/CVE-2019-16234.json
View File

@ -76,6 +76,11 @@
"refsource": "UBUNTU",
"name": "USN-4344-1",
"url": "https://usn.ubuntu.com/4344-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4345-1",
"url": "https://usn.ubuntu.com/4345-1/"
}
]
}

5
2019/18xxx/CVE-2019-18348.json
View File

@ -86,6 +86,11 @@
"refsource": "UBUNTU",
"name": "USN-4333-1",
"url": "https://usn.ubuntu.com/4333-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4333-2",
"url": "https://usn.ubuntu.com/4333-2/"
}
]
}

5
2019/19xxx/CVE-2019-19768.json
View File

@ -71,6 +71,11 @@
"refsource": "UBUNTU",
"name": "USN-4344-1",
"url": "https://usn.ubuntu.com/4344-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4345-1",
"url": "https://usn.ubuntu.com/4345-1/"
}
]
}

56
2020/10xxx/CVE-2020-10933.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-10933",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-10933",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.ruby-lang.org/en/news/2020/03/31/heap-exposure-in-socket-cve-2020-10933/",
"url": "https://www.ruby-lang.org/en/news/2020/03/31/heap-exposure-in-socket-cve-2020-10933/"
}
]
}

5
2020/10xxx/CVE-2020-10942.json
View File

@ -91,6 +91,11 @@
"refsource": "UBUNTU",
"name": "USN-4344-1",
"url": "https://usn.ubuntu.com/4344-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4345-1",
"url": "https://usn.ubuntu.com/4345-1/"
}
]
}

5
2020/11xxx/CVE-2020-11608.json
View File

@ -71,6 +71,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200430-0004/",
"url": "https://security.netapp.com/advisory/ntap-20200430-0004/"
},
{
"refsource": "UBUNTU",
"name": "USN-4345-1",
"url": "https://usn.ubuntu.com/4345-1/"
}
]
}

5
2020/11xxx/CVE-2020-11609.json
View File

@ -71,6 +71,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200430-0004/",
"url": "https://security.netapp.com/advisory/ntap-20200430-0004/"
},
{
"refsource": "UBUNTU",
"name": "USN-4345-1",
"url": "https://usn.ubuntu.com/4345-1/"
}
]
}

5
2020/11xxx/CVE-2020-11668.json
View File

@ -71,6 +71,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200430-0004/",
"url": "https://security.netapp.com/advisory/ntap-20200430-0004/"
},
{
"refsource": "UBUNTU",
"name": "USN-4345-1",
"url": "https://usn.ubuntu.com/4345-1/"
}
]
}

5
2020/11xxx/CVE-2020-11884.json
View File

@ -81,6 +81,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-b453269c4e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TZBP2HINNAX7HKHCOUMIFVQPV6GWMCZ/"
},
{
"refsource": "UBUNTU",
"name": "USN-4345-1",
"url": "https://usn.ubuntu.com/4345-1/"
}
]
}

61
2020/12xxx/CVE-2020-12111.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-12111",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-12111",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Certain TP-Link devices allow Command Injection. This affects NC260 1.5.2 build 200304 and NC450 1.5.3 build 200304."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.tp-link.com/us/security",
"refsource": "MISC",
"name": "https://www.tp-link.com/us/security"
},
{
"refsource": "MISC",
"name": "https://seclists.org/fulldisclosure/2020/May/4",
"url": "https://seclists.org/fulldisclosure/2020/May/4"
}
]
}

77
2020/12xxx/CVE-2020-12640.json Normal file
View File

@ -0,0 +1,77 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12640",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcube_plugin_api.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/roundcube/roundcubemail/releases/tag/1.4.4",
"refsource": "MISC",
"name": "https://github.com/roundcube/roundcubemail/releases/tag/1.4.4"
},
{
"url": "https://github.com/roundcube/roundcubemail/compare/1.4.3...1.4.4",
"refsource": "MISC",
"name": "https://github.com/roundcube/roundcubemail/compare/1.4.3...1.4.4"
},
{
"url": "https://roundcube.net/news/2020/04/29/security-updates-1.4.4-1.3.11-and-1.2.10",
"refsource": "MISC",
"name": "https://roundcube.net/news/2020/04/29/security-updates-1.4.4-1.3.11-and-1.2.10"
},
{
"url": "https://github.com/roundcube/roundcubemail/commit/814eadb699e8576ce3a78f21e95bf69a7c7b3794",
"refsource": "MISC",
"name": "https://github.com/roundcube/roundcubemail/commit/814eadb699e8576ce3a78f21e95bf69a7c7b3794"
}
]
}
}

77
2020/12xxx/CVE-2020-12641.json Normal file
View File

@ -0,0 +1,77 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12641",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/roundcube/roundcubemail/releases/tag/1.4.4",
"refsource": "MISC",
"name": "https://github.com/roundcube/roundcubemail/releases/tag/1.4.4"
},
{
"url": "https://github.com/roundcube/roundcubemail/compare/1.4.3...1.4.4",
"refsource": "MISC",
"name": "https://github.com/roundcube/roundcubemail/compare/1.4.3...1.4.4"
},
{
"url": "https://roundcube.net/news/2020/04/29/security-updates-1.4.4-1.3.11-and-1.2.10",
"refsource": "MISC",
"name": "https://roundcube.net/news/2020/04/29/security-updates-1.4.4-1.3.11-and-1.2.10"
},
{
"url": "https://github.com/roundcube/roundcubemail/commit/fcfb099477f353373c34c8a65c9035b06b364db3",
"refsource": "MISC",
"name": "https://github.com/roundcube/roundcubemail/commit/fcfb099477f353373c34c8a65c9035b06b364db3"
}
]
}
}

5
2020/3xxx/CVE-2020-3899.json
View File

@ -154,6 +154,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-7f34d2cfd8",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XPGNJ7JQCD6IE2SCSFAIMSUY5XHOYWKE/"
},
{
"refsource": "UBUNTU",
"name": "USN-4347-1",
"url": "https://usn.ubuntu.com/4347-1/"
}
]
},

5
2020/8xxx/CVE-2020-8492.json
View File

@ -81,6 +81,11 @@
"refsource": "UBUNTU",
"name": "USN-4333-1",
"url": "https://usn.ubuntu.com/4333-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4333-2",
"url": "https://usn.ubuntu.com/4333-2/"
}
]
}

5
2020/8xxx/CVE-2020-8648.json
View File

@ -66,6 +66,11 @@
"refsource": "UBUNTU",
"name": "USN-4344-1",
"url": "https://usn.ubuntu.com/4344-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4345-1",
"url": "https://usn.ubuntu.com/4345-1/"
}
]
}

5
2020/9xxx/CVE-2020-9383.json
View File

@ -71,6 +71,11 @@
"refsource": "UBUNTU",
"name": "USN-4344-1",
"url": "https://usn.ubuntu.com/4344-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4345-1",
"url": "https://usn.ubuntu.com/4345-1/"
}
]
}