admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-05 18:28:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-09-24 23:01:48 +00:00
parent f302d4bdbe
commit 3032a1dc4a
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
11 changed files with 203 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2016/10xxx/CVE-2016-10066.json
View File

@ -71,6 +71,11 @@
"name": "https://github.com/ImageMagick/ImageMagick/commit/f6e9d0d9955e85bdd7540b251cd50d598dacc5e6",
"refsource": "CONFIRM",
"url": "https://github.com/ImageMagick/ImageMagick/commit/f6e9d0d9955e85bdd7540b251cd50d598dacc5e6"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/ImageMagick/ImageMagick/commit/e45e48b881038487d0bc94d92a16c1537616cc0a",
"url": "https://github.com/ImageMagick/ImageMagick/commit/e45e48b881038487d0bc94d92a16c1537616cc0a"
}
]
}

2
2017/8xxx/CVE-2017-8895.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "In Veritas Backup Exec 2014 before build 14.1.1187.1126, 15 before build 14.2.1180.3160, and 16 before FP1, there is a use-after-free vulnerability in multiple agents that can lead to a denial of service or remote code execution. An authenticated attacker can use this vulnerability to crash the agent or potentially take control of the agent process and then the system it is running on."
"value": "In Veritas Backup Exec 2014 before build 14.1.1187.1126, 15 before build 14.2.1180.3160, and 16 before FP1, there is a use-after-free vulnerability in multiple agents that can lead to a denial of service or remote code execution. An unauthenticated attacker can use this vulnerability to crash the agent or potentially take control of the agent process and then the system it is running on."
}
]
},

76
2020/13xxx/CVE-2020-13991.json
View File

@ -1,17 +1,81 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13991",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-13991",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "vm/opcodes.c in JerryScript 2.2.0 allows attackers to hijack the flow of control by controlling a register."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/jerryscript-project/jerryscript/pull/3867",
"refsource": "MISC",
"name": "https://github.com/jerryscript-project/jerryscript/pull/3867"
},
{
"url": "https://github.com/jerryscript-project/jerryscript/issues/3860",
"refsource": "MISC",
"name": "https://github.com/jerryscript-project/jerryscript/issues/3860"
},
{
"url": "https://github.com/jerryscript-project/jerryscript/issues/3859",
"refsource": "MISC",
"name": "https://github.com/jerryscript-project/jerryscript/issues/3859"
},
{
"url": "https://github.com/jerryscript-project/jerryscript/issues/3858",
"refsource": "MISC",
"name": "https://github.com/jerryscript-project/jerryscript/issues/3858"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/googleprojectzero/fuzzilli#JerryScript",
"url": "https://github.com/googleprojectzero/fuzzilli#JerryScript"
}
]
}

10
2020/15xxx/CVE-2020-15160.json
View File

@ -53,6 +53,11 @@
},
"references": {
"reference_data": [
{
"name": "https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.6.8",
"refsource": "MISC",
"url": "https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.6.8"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-fghq-8h87-826g",
"refsource": "CONFIRM",
@ -62,11 +67,6 @@
"name": "https://github.com/PrestaShop/PrestaShop/commit/3fa0dfa5a8f4b149c7c90b948a12b4f5999a5ef8",
"refsource": "MISC",
"url": "https://github.com/PrestaShop/PrestaShop/commit/3fa0dfa5a8f4b149c7c90b948a12b4f5999a5ef8"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.6.8",
"refsource": "MISC",
"url": "https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.6.8"
}
]
},

2
2020/15xxx/CVE-2020-15161.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "In PrestaShop from version 1.6.0.4 and before version 1.7.6.8 an attacker is able to inject javascript while using the contact form. The problem is fixed in 1.7.6.8"
"value": "In PrestaShop from version 1.6.0.4 and before version 1.7.6.8 an attacker is able to inject javascript while using the contact form. The problem is fixed in 1.7.6.8"
}
]
},

12
2020/15xxx/CVE-2020-15162.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "In PrestaShop from version 1.5.0.0 and before version 1.7.6.8, users are allowed to send compromised files. These attachments allowed people to input malicious JavaScript which triggered an XSS payload. The problem is fixed in version 1.7.6.8. "
"value": "In PrestaShop from version 1.5.0.0 and before version 1.7.6.8, users are allowed to send compromised files. These attachments allowed people to input malicious JavaScript which triggered an XSS payload. The problem is fixed in version 1.7.6.8."
}
]
},
@ -69,6 +69,11 @@
},
"references": {
"reference_data": [
{
"name": "https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.6.8",
"refsource": "MISC",
"url": "https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.6.8"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-rc8c-v7rq-q392",
"refsource": "CONFIRM",
@ -78,11 +83,6 @@
"name": "https://github.com/PrestaShop/PrestaShop/commit/2cfcd33c75974a49f17665f294f228454e14d9cf",
"refsource": "MISC",
"url": "https://github.com/PrestaShop/PrestaShop/commit/2cfcd33c75974a49f17665f294f228454e14d9cf"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.6.8",
"refsource": "MISC",
"url": "https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.6.8"
}
]
},

56
2020/15xxx/CVE-2020-15843.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-15843",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-15843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ActFax Version 7.10 Build 0335 (2020-05-25) is susceptible to a privilege escalation vulnerability due to insecure folder permissions on %PROGRAMFILES%\\ActiveFax\\Client\\, %PROGRAMFILES%\\ActiveFax\\Install\\ and %PROGRAMFILES%\\ActiveFax\\Terminal\\. The folder permissions allow \"Full Control\" to \"Everyone\". An authenticated local attacker can exploit this to replace the TSClientB.exe binary in the Terminal directory, which is executed on logon for every user. Alternatively, the attacker can replace any of the binaries in the Client or Install directories. The latter requires additional user interaction, for example starting the client."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://blog.to.com/advisory-actfax-7-10-build-0335-privilege-escalation-cve-2020-15843/",
"url": "https://blog.to.com/advisory-actfax-7-10-build-0335-privilege-escalation-cve-2020-15843/"
}
]
}

56
2020/17xxx/CVE-2020-17365.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-17365",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-17365",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper directory permissions in the Hotspot Shield VPN client software for Windows 10.3.0 and earlier may allow an authorized user to potentially enable escalation of privilege via local access. The vulnerability allows a local user to corrupt system files: a local user can create a specially crafted symbolic link to a critical file on the system and overwrite it with privileges of the application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.pango.co/sec31944/",
"url": "https://www.pango.co/sec31944/"
}
]
}

5
2020/7xxx/CVE-2020-7041.json
View File

@ -86,6 +86,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-dcdffcc368",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CKNKSGBVYGRRVRLFEFBEKUEJYJR5LWOF/"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/adrienverge/openfortivpn/commit/60660e00b80bad0fadcf39aee86f6f8756c94f91",
"url": "https://github.com/adrienverge/openfortivpn/commit/60660e00b80bad0fadcf39aee86f6f8756c94f91"
}
]
}

5
2020/7xxx/CVE-2020-7042.json
View File

@ -86,6 +86,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-dcdffcc368",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CKNKSGBVYGRRVRLFEFBEKUEJYJR5LWOF/"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/adrienverge/openfortivpn/commit/9eee997d599a89492281fc7ffdd79d88cd61afc3",
"url": "https://github.com/adrienverge/openfortivpn/commit/9eee997d599a89492281fc7ffdd79d88cd61afc3"
}
]
}

5
2020/7xxx/CVE-2020-7043.json
View File

@ -86,6 +86,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-dcdffcc368",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CKNKSGBVYGRRVRLFEFBEKUEJYJR5LWOF/"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/adrienverge/openfortivpn/commit/6328a070ddaab16faaf008cb9a8a62439c30f2a8",
"url": "https://github.com/adrienverge/openfortivpn/commit/6328a070ddaab16faaf008cb9a8a62439c30f2a8"
}
]
}