admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-02-24 18:01:16 +00:00
parent 603930ab68
commit 32ba03c9da
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
24 changed files with 339 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
2016/11xxx/CVE-2016-11020.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-11020",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

55
2019/10xxx/CVE-2019-10796.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10796",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "report@snyk.io",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "rpi",
"version": {
"version_data": [
{
"version_value": "All versions including 0.0.3"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/xseignard/rpi/blob/master/src/lib/gpio.js#L47",
"url": "https://github.com/xseignard/rpi/blob/master/src/lib/gpio.js#L47"
},
{
"refsource": "MISC",
"name": "https://snyk.io/vuln/SNYK-JS-RPI-548942",
"url": "https://snyk.io/vuln/SNYK-JS-RPI-548942"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "rpi through 0.0.3 allows execution of arbritary commands. The variable pinNumbver in function GPIO within src/lib/gpio.js is used as part of the arguement of exec function without any sanitization."
}
]
}

55
2019/10xxx/CVE-2019-10798.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10798",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "report@snyk.io",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "rdf-graph-array",
"version": {
"version_data": [
{
"version_value": "All versions including 0.3.0-rc6"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Prototype Pollution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/rdf-ext-archive/rdf-graph-array/blob/master/index.js#L211",
"url": "https://github.com/rdf-ext-archive/rdf-graph-array/blob/master/index.js#L211"
},
{
"refsource": "MISC",
"name": "https://snyk.io/vuln/SNYK-JS-RDFGRAPHARRAY-551803",
"url": "https://snyk.io/vuln/SNYK-JS-RDFGRAPHARRAY-551803"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects resutling in Prototype Pollution. The rdf.Graph.prototype.add method could be tricked into adding or modifying properties of Object.prototype."
}
]
}

55
2019/10xxx/CVE-2019-10799.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10799",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "report@snyk.io",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "compile-sass",
"version": {
"version_data": [
{
"version_value": "All versions prior to 1.0.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://snyk.io/vuln/SNYK-JS-RPI-548942",
"url": "https://snyk.io/vuln/SNYK-JS-RPI-548942"
},
{
"refsource": "MISC",
"name": "https://github.com/eiskalteschatten/compile-sass/commit/d9ada7797ff93875b6466dea7a78768e90a0f8d2",
"url": "https://github.com/eiskalteschatten/compile-sass/commit/d9ada7797ff93875b6466dea7a78768e90a0f8d2"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "compile-sass prior to 1.0.5 allows execution of arbritary commands. The function \"setupCleanupOnExit(cssPath)\" within \"dist/index.js\" is executed as part of the \"rm\" command without any sanitization."
}
]
}

5
2019/14xxx/CVE-2019-14615.json
View File

@ -88,6 +88,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html",
"url": "http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html"
},
{
"refsource": "UBUNTU",
"name": "USN-4285-1",
"url": "https://usn.ubuntu.com/4285-1/"
}
]
},

5
2019/16xxx/CVE-2019-16229.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1150469#c3",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1150469#c3"
},
{
"refsource": "UBUNTU",
"name": "USN-4285-1",
"url": "https://usn.ubuntu.com/4285-1/"
}
]
}

5
2019/16xxx/CVE-2019-16232.json
View File

@ -81,6 +81,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-124a241044",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YWWOOJKZ4NQYN4RMFIVJ3ZIXKJJI3MKP/"
},
{
"refsource": "UBUNTU",
"name": "USN-4285-1",
"url": "https://usn.ubuntu.com/4285-1/"
}
]
}

2
2019/18xxx/CVE-2019-18193.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "In Unisys Stealth (core) 3.4.108.0, 3.4.209.x, 4.0.027.x and 4.0.114, key material inadvertently logged under certain conditions. Fixed included in Fixed included in 3.4.109, 4.0.027.13, 4.0.125 and 5.0.013.0."
"value": "In Unisys Stealth (core) 3.4.108.0, 3.4.209.x, 4.0.027.x and 4.0.114, key material inadvertently logged under certain conditions. Fixed included in 3.4.109, 4.0.027.13, 4.0.125 and 5.0.013.0."
}
]
},

5
2019/18xxx/CVE-2019-18786.json
View File

@ -56,6 +56,11 @@
"url": "https://patchwork.linuxtv.org/patch/59542/",
"refsource": "MISC",
"name": "https://patchwork.linuxtv.org/patch/59542/"
},
{
"refsource": "UBUNTU",
"name": "USN-4285-1",
"url": "https://usn.ubuntu.com/4285-1/"
}
]
}

5
2019/18xxx/CVE-2019-18809.json
View File

@ -76,6 +76,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2675",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html"
},
{
"refsource": "UBUNTU",
"name": "USN-4285-1",
"url": "https://usn.ubuntu.com/4285-1/"
}
]
}

5
2019/19xxx/CVE-2019-19057.json
View File

@ -101,6 +101,11 @@
"refsource": "UBUNTU",
"name": "USN-4254-2",
"url": "https://usn.ubuntu.com/4254-2/"
},
{
"refsource": "UBUNTU",
"name": "USN-4285-1",
"url": "https://usn.ubuntu.com/4285-1/"
}
]
}

5
2019/19xxx/CVE-2019-19063.json
View File

@ -96,6 +96,11 @@
"refsource": "UBUNTU",
"name": "USN-4254-2",
"url": "https://usn.ubuntu.com/4254-2/"
},
{
"refsource": "UBUNTU",
"name": "USN-4285-1",
"url": "https://usn.ubuntu.com/4285-1/"
}
]
}

5
2019/19xxx/CVE-2019-19947.json
View File

@ -71,6 +71,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200204-0002/",
"url": "https://security.netapp.com/advisory/ntap-20200204-0002/"
},
{
"refsource": "UBUNTU",
"name": "USN-4285-1",
"url": "https://usn.ubuntu.com/4285-1/"
}
]
}

5
2019/19xxx/CVE-2019-19965.json
View File

@ -66,6 +66,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200204-0002/",
"url": "https://security.netapp.com/advisory/ntap-20200204-0002/"
},
{
"refsource": "UBUNTU",
"name": "USN-4285-1",
"url": "https://usn.ubuntu.com/4285-1/"
}
]
}

5
2019/20xxx/CVE-2019-20096.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html",
"url": "http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html"
},
{
"refsource": "UBUNTU",
"name": "USN-4285-1",
"url": "https://usn.ubuntu.com/4285-1/"
}
]
}

5
2019/5xxx/CVE-2019-5108.json
View File

@ -63,6 +63,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html",
"url": "http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html"
},
{
"refsource": "UBUNTU",
"name": "USN-4285-1",
"url": "https://usn.ubuntu.com/4285-1/"
}
]
},

5
2020/1xxx/CVE-2020-1711.json
View File

@ -58,6 +58,11 @@
"url": "https://www.openwall.com/lists/oss-security/2020/01/23/3",
"name": "https://www.openwall.com/lists/oss-security/2020/01/23/3",
"refsource": "MISC"
},
{
"refsource": "UBUNTU",
"name": "USN-4283-1",
"url": "https://usn.ubuntu.com/4283-1/"
}
]
},

4
2020/5xxx/CVE-2020-5244.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "In BuddyPress before 5.1.2, requests to a certain REST API endpoint can result in private user data getting exposed. Authentication is not needed.\n\nThis has been patched in version 5.1.2."
"value": "In BuddyPress before 5.1.2, requests to a certain REST API endpoint can result in private user data getting exposed. Authentication is not needed. This has been patched in version 5.1.2."
}
]
},
@ -90,4 +90,4 @@
"advisory": "GHSA-3j78-7m59-r7gv",
"discovery": "UNKNOWN"
}
}
}

4
2020/5xxx/CVE-2020-5245.json
View File

@ -38,7 +38,7 @@
"description_data": [
{
"lang": "eng",
"value": "Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature.\n\nThe issue has been fixed in dropwizard-validation 1.3.19 and 2.0.2."
"value": "Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. The issue has been fixed in dropwizard-validation 1.3.19 and 2.0.2."
}
]
},
@ -113,4 +113,4 @@
"advisory": "GHSA-3mcp-9wr4-cjqf",
"discovery": "UNKNOWN"
}
}
}

5
2020/7xxx/CVE-2020-7039.json
View File

@ -96,6 +96,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0348",
"url": "https://access.redhat.com/errata/RHSA-2020:0348"
},
{
"refsource": "UBUNTU",
"name": "USN-4283-1",
"url": "https://usn.ubuntu.com/4283-1/"
}
]
}

5
2020/7xxx/CVE-2020-7053.json
View File

@ -91,6 +91,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html",
"url": "http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html"
},
{
"refsource": "UBUNTU",
"name": "USN-4285-1",
"url": "https://usn.ubuntu.com/4285-1/"
}
]
}

5
2020/8xxx/CVE-2020-8608.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0",
"url": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0"
},
{
"refsource": "UBUNTU",
"name": "USN-4283-1",
"url": "https://usn.ubuntu.com/4283-1/"
}
]
}

67
2020/9xxx/CVE-2020-9369.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-9369",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service (disk consumption from temporary files, and a flood of notifications to listmasters) via a series of requests with malformed parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://sympa-community.github.io/security/2020-001.html",
"refsource": "MISC",
"name": "https://sympa-community.github.io/security/2020-001.html"
},
{
"url": "https://github.com/sympa-community/sympa/issues/886",
"refsource": "MISC",
"name": "https://github.com/sympa-community/sympa/issues/886"
}
]
}
}

18
2020/9xxx/CVE-2020-9370.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9370",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}