admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #275 from CVEProject/master

Browse Source 
XFA Rebase
This commit is contained in:
Scott Moore 2020-06-02 09:38:57 -04:00 committed by GitHub
commit 38a81c0483
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
259 changed files with 7067 additions and 587 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2014/1xxx/CVE-2014-1972.json
View File

@ -96,6 +96,11 @@
"refsource": "MLIST",
"name": "[tapestry-commits] 20200111 svn commit: r1055136 [2/2] - in /websites/production/tapestry/content: cache/main.pageCache component-rendering.html content-type-and-markup.html dom.html https.html request-processing.html response-compression.html security.html url-rewriting.html",
"url": "https://lists.apache.org/thread.html/r87523dd07886223aa086edc25fe9b8ddb9c1090f7db25b068dc30843@%3Ccommits.tapestry.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[tapestry-commits] 20200531 svn commit: r1061326 [4/4] - in /websites/production/tapestry/content: ./ cache/",
"url": "https://lists.apache.org/thread.html/r7d9c54beb1dc97dcccc58d9b5d31f0f7166f9a25ad1beba5f8091e0c@%3Ccommits.tapestry.apache.org%3E"
}
]
}

12
2014/5xxx/CVE-2014-5455.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Unquoted Windows search path vulnerability in the ptservice service in PrivateTunnel 2.3.8, as bundled in OpenVPN 2.1.28.0 allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder."
"value": "Unquoted Windows search path vulnerability in the ptservice service prior to PrivateTunnel version 3.0 (Windows) and OpenVPN Connect version 3.1 (Windows) allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder."
}
]
},
@ -76,6 +76,16 @@
"name": "109007",
"refsource": "OSVDB",
"url": "http://osvdb.org/show/osvdb/109007"
},
{
"refsource": "MISC",
"name": "https://github.com/CVEProject/cvelist/pull/3909/commits/ace34f1cf94602f31760d3eb7ae68e17df8f914d",
"url": "https://github.com/CVEProject/cvelist/pull/3909/commits/ace34f1cf94602f31760d3eb7ae68e17df8f914d"
},
{
"refsource": "MISC",
"name": "https://github.com/CVEProject/cvelist/pull/3909",
"url": "https://github.com/CVEProject/cvelist/pull/3909"
}
]
}

48
2014/7xxx/CVE-2014-7173.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-7173",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "FarLinX X25 Gateway through 2014-09-25 allows command injection via shell metacharacters to sysSaveMonitorData.php, fsx25MonProxy.php, syseditdate.php, iframeupload.php, or sysRestoreX25Cplt.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.justanotherhacker.com/2016/09/jahx164_-_farlinx_x25_gateway_multiple_vulnerabilities.html",
"refsource": "MISC",
"name": "https://www.justanotherhacker.com/2016/09/jahx164_-_farlinx_x25_gateway_multiple_vulnerabilities.html"
}
]
}

48
2014/7xxx/CVE-2014-7174.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-7174",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "FarLinX X25 Gateway through 2014-09-25 allows directory traversal via the log-handling feature."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.justanotherhacker.com/2016/09/jahx164_-_farlinx_x25_gateway_multiple_vulnerabilities.html",
"refsource": "MISC",
"name": "https://www.justanotherhacker.com/2016/09/jahx164_-_farlinx_x25_gateway_multiple_vulnerabilities.html"
}
]
}

48
2014/7xxx/CVE-2014-7175.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-7175",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "FarLinX X25 Gateway through 2014-09-25 allows attackers to write arbitrary data to fsUI.xyz via fsSaveUIPersistence.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.justanotherhacker.com/2016/09/jahx164_-_farlinx_x25_gateway_multiple_vulnerabilities.html",
"refsource": "MISC",
"name": "https://www.justanotherhacker.com/2016/09/jahx164_-_farlinx_x25_gateway_multiple_vulnerabilities.html"
}
]
}

48
2014/8xxx/CVE-2014-8937.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8937",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Lexiglot through 2014-11-20 allows denial of service because api/update.php launches svn update operations that use a great deal of resources."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.justanotherhacker.com/2018/05/jahx181_-_piwigo_lexiglot_multiple_vulnerabilities.html",
"refsource": "MISC",
"name": "https://www.justanotherhacker.com/2018/05/jahx181_-_piwigo_lexiglot_multiple_vulnerabilities.html"
}
]
}

48
2014/8xxx/CVE-2014-8938.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8938",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Lexiglot through 2014-11-20 allows local users to obtain sensitive information by listing a process because the username and password are on the command line."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.justanotherhacker.com/2018/05/jahx181_-_piwigo_lexiglot_multiple_vulnerabilities.html",
"refsource": "MISC",
"name": "https://www.justanotherhacker.com/2018/05/jahx181_-_piwigo_lexiglot_multiple_vulnerabilities.html"
}
]
}

48
2014/8xxx/CVE-2014-8939.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8939",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Lexiglot through 2014-11-20 allows remote attackers to obtain sensitive information (full path) via an include/smarty/plugins/modifier.date_format.php request if PHP has a non-recommended configuration that produces warning messages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.justanotherhacker.com/2018/05/jahx181_-_piwigo_lexiglot_multiple_vulnerabilities.html",
"refsource": "MISC",
"name": "https://www.justanotherhacker.com/2018/05/jahx181_-_piwigo_lexiglot_multiple_vulnerabilities.html"
}
]
}

48
2014/8xxx/CVE-2014-8940.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8940",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Lexiglot through 2014-11-20 allows remote attackers to obtain sensitive information (names and details of projects) by visiting the /update.log URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.justanotherhacker.com/2018/05/jahx181_-_piwigo_lexiglot_multiple_vulnerabilities.html",
"refsource": "MISC",
"name": "https://www.justanotherhacker.com/2018/05/jahx181_-_piwigo_lexiglot_multiple_vulnerabilities.html"
}
]
}

48
2014/8xxx/CVE-2014-8941.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8941",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Lexiglot through 2014-11-20 allows SQL injection via an admin.php?page=users&from_id= or admin.php?page=history&limit= URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.justanotherhacker.com/2018/05/jahx181_-_piwigo_lexiglot_multiple_vulnerabilities.html",
"refsource": "MISC",
"name": "https://www.justanotherhacker.com/2018/05/jahx181_-_piwigo_lexiglot_multiple_vulnerabilities.html"
}
]
}

48
2014/8xxx/CVE-2014-8942.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8942",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Lexiglot through 2014-11-20 allows CSRF."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.justanotherhacker.com/2018/05/jahx181_-_piwigo_lexiglot_multiple_vulnerabilities.html",
"refsource": "MISC",
"name": "https://www.justanotherhacker.com/2018/05/jahx181_-_piwigo_lexiglot_multiple_vulnerabilities.html"
}
]
}

48
2014/8xxx/CVE-2014-8943.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8943",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Lexiglot through 2014-11-20 allows SSRF via the admin.php?page=projects svn_url parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.justanotherhacker.com/2018/05/jahx181_-_piwigo_lexiglot_multiple_vulnerabilities.html",
"refsource": "MISC",
"name": "https://www.justanotherhacker.com/2018/05/jahx181_-_piwigo_lexiglot_multiple_vulnerabilities.html"
}
]
}

48
2014/8xxx/CVE-2014-8944.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8944",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Lexiglot through 2014-11-20 allows XSS (Reflected) via the username, or XSS (Stored) via the admin.php?page=config install_name, intro_message, or new_file_content parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.justanotherhacker.com/2018/05/jahx181_-_piwigo_lexiglot_multiple_vulnerabilities.html",
"refsource": "MISC",
"name": "https://www.justanotherhacker.com/2018/05/jahx181_-_piwigo_lexiglot_multiple_vulnerabilities.html"
}
]
}

48
2014/8xxx/CVE-2014-8945.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8945",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "admin.php?page=projects in Lexiglot through 2014-11-20 allows command injection via username and password fields."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.justanotherhacker.com/2018/05/jahx181_-_piwigo_lexiglot_multiple_vulnerabilities.html",
"refsource": "MISC",
"name": "https://www.justanotherhacker.com/2018/05/jahx181_-_piwigo_lexiglot_multiple_vulnerabilities.html"
}
]
}

48
2014/9xxx/CVE-2014-9702.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9702",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "system/classes/DbPDO.php in Cmfive through 2015-03-15, when database connectivity malfunctions, allows remote attackers to obtain sensitive information (username and password) via any request, such as a password reset request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.justanotherhacker.com/2016/09/jahx161_-_cmfive_database_credential_disclosure.html",
"refsource": "MISC",
"name": "https://www.justanotherhacker.com/2016/09/jahx161_-_cmfive_database_credential_disclosure.html"
}
]
}

10
2015/8xxx/CVE-2015-8854.json
View File

@ -66,6 +66,16 @@
"refsource": "CONFIRM",
"name": "https://support.f5.com/csp/article/K05052081?utm_source=f5support&utm_medium=RSS",
"url": "https://support.f5.com/csp/article/K05052081?utm_source=f5support&utm_medium=RSS"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-d714c08261",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BO2RMVVZVV6NFTU46B5RYRK7ZCXYARZS/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-5eca570e16",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6BJG6RGDH7ZWVVAUFBFI5L32RSMQN2S/"
}
]
}

5
2015/8xxx/CVE-2015-8872.json
View File

@ -91,6 +91,11 @@
"name": "90311",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90311"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200530 [SECURITY] [DLA 2224-1] dosfstools security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00028.html"
}
]
}

5
2016/10xxx/CVE-2016-10198.json
View File

@ -91,6 +91,11 @@
"name": "[oss-security] 20170201 Multiple memory access issues in gstreamer",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/02/01/7"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200530 [SECURITY] [DLA 2225-1] gst-plugins-good0.10 security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00029.html"
}
]
}

5
2016/4xxx/CVE-2016-4804.json
View File

@ -91,6 +91,11 @@
"name": "https://github.com/dosfstools/dosfstools/commit/e8eff147e9da1185f9afd5b25948153a3b97cf52",
"refsource": "CONFIRM",
"url": "https://github.com/dosfstools/dosfstools/commit/e8eff147e9da1185f9afd5b25948153a3b97cf52"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200530 [SECURITY] [DLA 2224-1] dosfstools security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00028.html"
}
]
}

10
2017/1000xxx/CVE-2017-1000427.json
View File

@ -56,6 +56,16 @@
"name": "https://snyk.io/vuln/npm:marked:20170112",
"refsource": "MISC",
"url": "https://snyk.io/vuln/npm:marked:20170112"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-d714c08261",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BO2RMVVZVV6NFTU46B5RYRK7ZCXYARZS/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-5eca570e16",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6BJG6RGDH7ZWVVAUFBFI5L32RSMQN2S/"
}
]
}

5
2017/5xxx/CVE-2017-5840.json
View File

@ -91,6 +91,11 @@
"name": "[oss-security] 20170201 Multiple memory access issues in gstreamer",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/02/01/7"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200530 [SECURITY] [DLA 2225-1] gst-plugins-good0.10 security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00029.html"
}
]
}

5
2017/5xxx/CVE-2017-5846.json
View File

@ -86,6 +86,11 @@
"name": "[oss-security] 20170201 Multiple memory access issues in gstreamer",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/02/01/7"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200530 [SECURITY] [DLA 2226-1] gst-plugins-ugly0.10 security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00030.html"
}
]
}

5
2017/5xxx/CVE-2017-5847.json
View File

@ -86,6 +86,11 @@
"name": "[oss-security] 20170201 Multiple memory access issues in gstreamer",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/02/01/7"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200530 [SECURITY] [DLA 2226-1] gst-plugins-ugly0.10 security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00030.html"
}
]
}

5
2018/18xxx/CVE-2018-18405.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "https://gitter.im/jquery/jquery?at=5ea844a05cd4fe50a3d7ddc9",
"url": "https://gitter.im/jquery/jquery?at=5ea844a05cd4fe50a3d7ddc9"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-11be4b36d4",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/"
}
]
}

7
2018/20xxx/CVE-2018-20225.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in pip (all versions) because it installs the version with the highest version number, even if the user had intended to obtain a private package from a private index. This only affects use of the --extra-index-url option, and exploitation requires that the package does not already exist in the public index (and thus the attacker can put the package there with an arbitrary version number)."
"value": "** DISPUTED ** An issue was discovered in pip (all versions) because it installs the version with the highest version number, even if the user had intended to obtain a private package from a private index. This only affects use of the --extra-index-url option, and exploitation requires that the package does not already exist in the public index (and thus the attacker can put the package there with an arbitrary version number). NOTE: it has been reported that this is intended functionality and the user is responsible for using --extra-index-url securely."
}
]
},
@ -66,6 +66,11 @@
"refsource": "MLIST",
"name": "[arrow-github] 20200527 [GitHub] [arrow] BinduAggarwal opened a new pull request #7294: upgrading pip/wheel/setuptools",
"url": "https://lists.apache.org/thread.html/rb1adce798445facd032870d644eb39c4baaf9c4a7dd5477d12bb6ab2@%3Cgithub.arrow.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1835736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835736"
}
]
}

5
2019/0xxx/CVE-2019-0195.json
View File

@ -63,6 +63,11 @@
"refsource": "MLIST",
"name": "[tapestry-commits] 20200111 svn commit: r1055136 [2/2] - in /websites/production/tapestry/content: cache/main.pageCache component-rendering.html content-type-and-markup.html dom.html https.html request-processing.html response-compression.html security.html url-rewriting.html",
"url": "https://lists.apache.org/thread.html/r87523dd07886223aa086edc25fe9b8ddb9c1090f7db25b068dc30843@%3Ccommits.tapestry.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[tapestry-commits] 20200531 svn commit: r1061326 [4/4] - in /websites/production/tapestry/content: ./ cache/",
"url": "https://lists.apache.org/thread.html/r7d9c54beb1dc97dcccc58d9b5d31f0f7166f9a25ad1beba5f8091e0c@%3Ccommits.tapestry.apache.org%3E"
}
]
},

5
2019/0xxx/CVE-2019-0207.json
View File

@ -58,6 +58,11 @@
"refsource": "MLIST",
"name": "[tapestry-commits] 20200111 svn commit: r1055136 [2/2] - in /websites/production/tapestry/content: cache/main.pageCache component-rendering.html content-type-and-markup.html dom.html https.html request-processing.html response-compression.html security.html url-rewriting.html",
"url": "https://lists.apache.org/thread.html/r87523dd07886223aa086edc25fe9b8ddb9c1090f7db25b068dc30843@%3Ccommits.tapestry.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[tapestry-commits] 20200531 svn commit: r1061326 [4/4] - in /websites/production/tapestry/content: ./ cache/",
"url": "https://lists.apache.org/thread.html/r7d9c54beb1dc97dcccc58d9b5d31f0f7166f9a25ad1beba5f8091e0c@%3Ccommits.tapestry.apache.org%3E"
}
]
},

5
2019/10xxx/CVE-2019-10071.json
View File

@ -63,6 +63,11 @@
"refsource": "MLIST",
"name": "[tapestry-commits] 20200111 svn commit: r1055136 [2/2] - in /websites/production/tapestry/content: cache/main.pageCache component-rendering.html content-type-and-markup.html dom.html https.html request-processing.html response-compression.html security.html url-rewriting.html",
"url": "https://lists.apache.org/thread.html/r87523dd07886223aa086edc25fe9b8ddb9c1090f7db25b068dc30843@%3Ccommits.tapestry.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[tapestry-commits] 20200531 svn commit: r1061326 [4/4] - in /websites/production/tapestry/content: ./ cache/",
"url": "https://lists.apache.org/thread.html/r7d9c54beb1dc97dcccc58d9b5d31f0f7166f9a25ad1beba5f8091e0c@%3Ccommits.tapestry.apache.org%3E"
}
]
},

5
2019/11xxx/CVE-2019-11048.json
View File

@ -123,6 +123,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200528-0006/",
"url": "https://security.netapp.com/advisory/ntap-20200528-0006/"
},
{
"refsource": "UBUNTU",
"name": "USN-4375-1",
"url": "https://usn.ubuntu.com/4375-1/"
}
]
},

2
2019/11xxx/CVE-2019-11081.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "A default username and password in Dentsply Sirona Sidexis 4.2 and possibly others allows an attacker to gain administrative access to the application server."
"value": "A default username and password in Dentsply Sirona Sidexis 4.3.1 and earlier allows an attacker to gain administrative access to the application server."
}
]
},

4
2019/12xxx/CVE-2019-12003.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12003",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12004.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12004",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12005.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12005",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12006.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12006",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12007.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12007",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12008.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12008",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12009.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12009",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12010.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12010",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12011.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12011",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12012.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12012",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12013.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12013",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12014.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12014",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12015.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12015",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12016.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12016",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12018.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12018",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12019.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12019",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12020.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12020",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12021.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12021",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12022.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12022",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12023.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12023",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12024.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12024",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12025.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12025",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12026.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12026",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12027.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12027",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12028.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12028",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12029.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12029",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12030.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12030",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12031.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12031",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12032.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12032",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12033.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12033",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12034.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12034",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12035.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12035",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12036.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12036",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12037.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12037",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12038.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12038",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12039.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12039",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

4
2019/12xxx/CVE-2019-12040.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12040",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

5
2019/13xxx/CVE-2019-13508.json
View File

@ -56,6 +56,11 @@
"refsource": "MISC",
"name": "https://usn.ubuntu.com/4173-1/",
"url": "https://usn.ubuntu.com/4173-1/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0741",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00067.html"
}
]
}

5
2019/14xxx/CVE-2019-14868.json
View File

@ -58,6 +58,11 @@
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT211170",
"url": "https://support.apple.com/kb/HT211170"
},
{
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra",
"url": "http://seclists.org/fulldisclosure/2020/May/53"
}
]
},

62
2019/15xxx/CVE-2019-15709.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-15709",
"ASSIGNER": "psirt@fortinet.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Fortinet FortiAP-S/W2, FortiAP-U",
"version": {
"version_data": [
{
"version_value": "FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and below, FortiAP-U 6.0.1 and below"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://fortiguard.com/psirt/FG-IR-19-298",
"url": "https://fortiguard.com/psirt/FG-IR-19-298"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and below, FortiAP-U 6.0.1 and below CLI admin console may allow unauthorized administrators to overwrite system files via specially crafted tcpdump commands in the CLI."
}
]
}
}

5
2019/17xxx/CVE-2019-17571.json
View File

@ -333,6 +333,11 @@
"refsource": "DEBIAN",
"name": "DSA-4686",
"url": "https://www.debian.org/security/2020/dsa-4686"
},
{
"refsource": "MLIST",
"name": "[kafka-jira] 20200529 [GitHub] [kafka] ijuma commented on pull request #7898: KAFKA-9366: please consider upgrade log4j to log4j2 due to critical security problem CVE-2019-17571",
"url": "https://lists.apache.org/thread.html/rf9c19bcc2f7a98a880fa3e3456c003d331812b55836b34ef648063c9@%3Cjira.kafka.apache.org%3E"
}
]
},

5
2019/18xxx/CVE-2019-18898.json
View File

@ -104,6 +104,11 @@
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1157651",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1157651"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0744",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00066.html"
}
]
},

5
2019/19xxx/CVE-2019-19377.json
View File

@ -66,6 +66,11 @@
"refsource": "UBUNTU",
"name": "USN-4367-1",
"url": "https://usn.ubuntu.com/4367-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4369-1",
"url": "https://usn.ubuntu.com/4369-1/"
}
]
}

5
2019/19xxx/CVE-2019-19769.json
View File

@ -76,6 +76,11 @@
"refsource": "UBUNTU",
"name": "USN-4368-1",
"url": "https://usn.ubuntu.com/4368-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4369-1",
"url": "https://usn.ubuntu.com/4369-1/"
}
]
}

20
2019/20xxx/CVE-2019-20044.json
View File

@ -106,6 +106,26 @@
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT211168",
"url": "https://support.apple.com/kb/HT211168"
},
{
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-1 iOS 13.5 and iPadOS 13.5",
"url": "http://seclists.org/fulldisclosure/2020/May/49"
},
{
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-5 watchOS 6.2.5",
"url": "http://seclists.org/fulldisclosure/2020/May/55"
},
{
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra",
"url": "http://seclists.org/fulldisclosure/2020/May/53"
},
{
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-4 tvOS 13.4.5",
"url": "http://seclists.org/fulldisclosure/2020/May/59"
}
]
}

20
2019/20xxx/CVE-2019-20503.json
View File

@ -196,6 +196,26 @@
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT211177",
"url": "https://support.apple.com/kb/HT211177"
},
{
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-1 iOS 13.5 and iPadOS 13.5",
"url": "http://seclists.org/fulldisclosure/2020/May/49"
},
{
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-7 Safari 13.1.1",
"url": "http://seclists.org/fulldisclosure/2020/May/52"
},
{
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-5 watchOS 6.2.5",
"url": "http://seclists.org/fulldisclosure/2020/May/55"
},
{
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-4 tvOS 13.4.5",
"url": "http://seclists.org/fulldisclosure/2020/May/59"
}
]
}

61
2019/20xxx/CVE-2019-20805.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-20805",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-20805",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "p_lx_elf.cpp in UPX before 3.96 has an integer overflow during unpacking via crafted values in a PT_DYNAMIC segment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/upx/upx/commit/8be9da8280dfa69d5df4417d4d81bda1cab78010",
"refsource": "MISC",
"name": "https://github.com/upx/upx/commit/8be9da8280dfa69d5df4417d4d81bda1cab78010"
},
{
"url": "https://github.com/upx/upx/issues/317",
"refsource": "MISC",
"name": "https://github.com/upx/upx/issues/317"
}
]
}

18
2019/20xxx/CVE-2019-20809.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-20809",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

10
2019/5xxx/CVE-2019-5068.json
View File

@ -63,6 +63,16 @@
"refsource": "UBUNTU",
"name": "USN-4271-1",
"url": "https://usn.ubuntu.com/4271-1/"
},
{
"refsource": "MISC",
"name": "https://lists.freedesktop.org/pipermail/mesa-dev/2019-October/223704.html",
"url": "https://lists.freedesktop.org/pipermail/mesa-dev/2019-October/223704.html"
},
{
"refsource": "MISC",
"name": "https://gitlab.freedesktop.org/mesa/mesa/-/commit/02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc",
"url": "https://gitlab.freedesktop.org/mesa/mesa/-/commit/02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc"
}
]
},

14
2019/5xxx/CVE-2019-5324.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5324",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5324",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

14
2019/5xxx/CVE-2019-5327.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5327",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5327",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

14
2019/5xxx/CVE-2019-5328.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5328",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5328",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

14
2019/5xxx/CVE-2019-5329.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5329",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5329",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

14
2019/5xxx/CVE-2019-5330.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5330",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5330",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

14
2019/5xxx/CVE-2019-5331.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5331",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5331",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

14
2019/5xxx/CVE-2019-5332.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5332",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5332",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

14
2019/5xxx/CVE-2019-5333.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5333",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5333",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

14
2019/5xxx/CVE-2019-5334.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5334",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5334",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

14
2019/5xxx/CVE-2019-5335.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5335",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5335",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

14
2019/5xxx/CVE-2019-5336.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5336",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5336",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

14
2019/5xxx/CVE-2019-5337.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5337",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5337",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

14
2019/5xxx/CVE-2019-5409.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5409",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5409",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

14
2019/5xxx/CVE-2019-5410.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5410",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5410",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

14
2019/5xxx/CVE-2019-5411.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5411",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5411",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

14
2019/5xxx/CVE-2019-5412.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5412",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5412",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
}
]
}

136
2020/10xxx/CVE-2020-10136.json
View File

@ -1,18 +1,124 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-10136",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"generator": {
"engine": "Vulnogram 0.0.9"
},
"CVE_data_meta": {
"ID": "CVE-2020-10136",
"ASSIGNER": "cert@cert.org",
"DATE_PUBLIC": "2020-06-01T00:00:00.000Z",
"TITLE": "Decapsulation and routing of unidentified IP-in-IP traffic allows a remote, unauthenticated attacker to route arbitrary network traffic",
"AKA": "",
"STATE": "PUBLIC"
},
"source": {
"defect": [
"VU#636397"
],
"advisory": "VU#636397",
"discovery": "EXTERNAL"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IETF",
"product": {
"product_data": [
{
"product_name": "RFC2003 - IP Encapsulation within IP",
"version": {
"version_data": [
{
"version_name": "STD 1",
"version_affected": "=",
"version_value": "STD 1",
"platform": ""
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-19 Data Processing Errors"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple products that implement the IP Encapsulation within IP standard (RFC 2003, STD 1) decapsulate and route IP-in-IP traffic without any validation, which could allow an unauthenticated remote attacker to route arbitrary traffic via an exposed network interface and lead to spoofing, access control bypass, and other unexpected network behaviors."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CERT-VN",
"url": "https://kb.cert.org/vuls/id/636397/",
"name": "VU#636397"
},
{
"refsource": "MISC",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4",
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4"
},
{
"refsource": "MISC",
"url": "https://www.digi.com/resources/security",
"name": "https://www.digi.com/resources/security"
}
]
},
"configuration": [],
"impact": {
"cvss": {
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
},
"exploit": [],
"work_around": [
{
"lang": "eng",
"value": "Users can block IP-in-IP packets by filtering IP protocol number 4. Note this filtering is for the IPv4 Protocol (or IPv6 Next Header) field value of 4 and not IP protocol version 4 (IPv4)."
}
],
"solution": [
{
"lang": "eng",
"value": "Customers should apply the latest patch provided by the affected vendor that addresses this issue and prevents unspecified IP-in-IP packets from being processed. Devices manufacturers are urged to disable IP-in-IP in their default configuration and require their customers to explicitly configure IP-in-IP as and when needed."
}
],
"credit": [
{
"lang": "eng",
"value": "Thanks to Yannay Livneh for reporting this issue."
}
]
}

80
2020/10xxx/CVE-2020-10703.json
View File

@ -4,15 +4,89 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-10703",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "libvirt",
"product": {
"product_data": [
{
"product_name": "libvirt",
"version": {
"version_data": [
{
"version_value": ">= 3.10.0, < 6.0.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10703",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10703",
"refsource": "CONFIRM"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1790725",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1790725",
"refsource": "REDHAT"
},
{
"url": "https://libvirt.org/git/?p=libvirt.git;a=commit;h=dfff16a7c261f8d28e3abe60a47165f845fa952f",
"name": "https://libvirt.org/git/?p=libvirt.git;a=commit;h=dfff16a7c261f8d28e3abe60a47165f845fa952f",
"refsource": "CONFIRM"
},
{
"url": "https://libvirt.org/git/?p=libvirt.git;a=commit;h=5d5c732d748d644ec14626bce448e84bdc4bd93e",
"name": "https://libvirt.org/git/?p=libvirt.git;a=commit;h=5d5c732d748d644ec14626bce448e84bdc4bd93e",
"refsource": "CONFIRM"
},
{
"url": "https://libvirt.org/git/?p=libvirt.git;a=commit;h=7aa0e8c0cb8a6293d0c6f7e3d29c13b96dec2129",
"name": "https://libvirt.org/git/?p=libvirt.git;a=commit;h=7aa0e8c0cb8a6293d0c6f7e3d29c13b96dec2129",
"refsource": "CONFIRM"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. In more detail, this flaw affects storage pools created without a target path such as network-based pools like gluster and RBD. Unprivileged users with a read-only connection could abuse this flaw to crash the libvirt daemon, resulting in a potential denial of service."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "6.5/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
]
]
}
}

73
2020/10xxx/CVE-2020-10739.json
View File

@ -4,15 +4,82 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-10739",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "istio.io",
"product": {
"product_data": [
{
"product_name": "istio/envoy",
"version": {
"version_data": [
{
"version_value": ">= 1.4.0, < 1.4.9"
},
{
"version_value": ">= 1.5.0, < 1.5.4"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10739",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10739",
"refsource": "CONFIRM"
},
{
"url": "https://istio.io/news/security/istio-security-2020-005/",
"name": "https://istio.io/news/security/istio-security-2020-005/",
"refsource": "CONFIRM"
},
{
"url": "https://github.com/istio/envoy/commit/8788a3cf255b647fd14e6b5e2585abaaedb28153#diff-fcf2cf5dd389b5285f882ba4a8708633",
"name": "https://github.com/istio/envoy/commit/8788a3cf255b647fd14e6b5e2585abaaedb28153#diff-fcf2cf5dd389b5285f882ba4a8708633",
"refsource": "MISC"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Istio 1.4.x before 1.4.9 and Istio 1.5.x before 1.5.4 contain the following vulnerability when telemetry v2 is enabled: by sending a specially crafted packet, an attacker could trigger a Null Pointer Exception resulting in a Denial of Service. This could be sent to the ingress gateway or a sidecar, triggering a null pointer exception which results in a denial of service. This also affects servicemesh-proxy where a null pointer exception flaw was found in servicemesh-proxy. When running Telemetry v2 (not on by default in version 1.4.x), an attacker could send a specially crafted packet to the ingress gateway or proxy sidecar, triggering a denial of service."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
]
]
}
}

5
2020/10xxx/CVE-2020-10936.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "https://sysdream.com/news/lab/2020-05-25-cve-2020-10936-sympa-privileges-escalation-to-root/",
"url": "https://sysdream.com/news/lab/2020-05-25-cve-2020-10936-sympa-privileges-escalation-to-root/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-9b6c969aac",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3J4NZLGAF4ZYK52XEBQDTBNHLGBEPXXN/"
}
]
}

77
2020/11xxx/CVE-2020-11017.json
View File

@ -1,18 +1,83 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-11017",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Double free in cliprdr_server_receive_capabilities in FreeRDP"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FreeRDP",
"version": {
"version_data": [
{
"version_value": "<= 2.0.0"
}
]
}
}
]
},
"vendor_name": "FreeRDP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server. This is fixed in version 2.1.0."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-415: Double Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5c8-fm29-q57c",
"refsource": "CONFIRM",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5c8-fm29-q57c"
}
]
},
"source": {
"advisory": "GHSA-q5c8-fm29-q57c",
"discovery": "UNKNOWN"
}
}

Some files were not shown because too many files have changed in this diff Show More