admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-07-23 20:01:22 +00:00
parent c96394b2d5
commit 3b777e706d
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
6 changed files with 302 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
2019/18xxx/CVE-2019-18834.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18834",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Persistent XSS in the WooCommerce Subscriptions plugin before 2.6.3 for WordPress allows remote attackers to execute arbitrary JavaScript because Billing Details are mishandled in WCS_Admin_Post_Types in class-wcs-admin-post-types.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.precursorsecurity.com/blog",
"refsource": "MISC",
"name": "https://www.precursorsecurity.com/blog"
},
{
"url": "https://woocommerce.com/products/woocommerce-subscriptions/",
"refsource": "MISC",
"name": "https://woocommerce.com/products/woocommerce-subscriptions/"
},
{
"refsource": "MISC",
"name": "https://www.precursorsecurity.com/blog/woocommerce-subscriptions-persistent-xss-cve-2019-18834",
"url": "https://www.precursorsecurity.com/blog/woocommerce-subscriptions-persistent-xss-cve-2019-18834"
}
]
}
}

56
2020/11xxx/CVE-2020-11623.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-11623",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-11623",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. An attacker with physical access to the UART interface could access additional diagnostic and configuration functionalities as well as the camera's bootloader. Successful exploitation could compromise confidentiality, integrity, and availability of the affected system. It could even render the device inoperable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://unit42.paloaltonetworks.com/avertx-ip-cameras-vulnerabilities/",
"url": "https://unit42.paloaltonetworks.com/avertx-ip-cameras-vulnerabilities/"
}
]
}

61
2020/15xxx/CVE-2020-15391.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-15391",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-15391",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The UI in DevSpace 4.13.0 allows web sites to execute actions on pods (on behalf of a victim) because of a lack of authentication for the WebSocket protocol. This leads to remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/devspace-cloud/devspace/tags",
"refsource": "MISC",
"name": "https://github.com/devspace-cloud/devspace/tags"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/devspace-cloud/devspace/releases/tag/v4.14.0",
"url": "https://github.com/devspace-cloud/devspace/releases/tag/v4.14.0"
}
]
}

61
2020/15xxx/CVE-2020-15477.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-15477",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-15477",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The WebControl in RaspberryTortoise through 2012-10-28 is vulnerable to remote code execution via shell metacharacters in a URI. The file nodejs/raspberryTortoise.js has no validation on the parameter incomingString before passing it to the child_process.exec function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/raspberrytorte/tortoise/tree/master/nodejs",
"refsource": "MISC",
"name": "https://github.com/raspberrytorte/tortoise/tree/master/nodejs"
},
{
"refsource": "MISC",
"name": "https://gist.github.com/PreethamBomma/e7b6d220790f95555dc2c5ac1d7d2f85",
"url": "https://gist.github.com/PreethamBomma/e7b6d220790f95555dc2c5ac1d7d2f85"
}
]
}

71
2020/15xxx/CVE-2020-15492.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-15492",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-15492",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in INNEO Startup TOOLS 2017 M021 12.0.66.3784 through 2018 M040 13.0.70.3804. The sut_srv.exe web application (served on TCP port 85) includes user input into a filesystem access without any further validation. This might allow an unauthenticated attacker to read files on the server via Directory Traversal, or possibly have unspecified other impact."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.inneo.co.uk/en/product-development/inneo-in-house-products/startup-tools.html",
"refsource": "MISC",
"name": "https://www.inneo.co.uk/en/product-development/inneo-in-house-products/startup-tools.html"
},
{
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2020-028.txt",
"refsource": "MISC",
"name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2020-028.txt"
},
{
"refsource": "MISC",
"name": "https://www.syss.de/pentest-blog/2020/syss-2020-028-sicherheitsschwachstelle-in-inneo-startup-tools-2017-und-2018/",
"url": "https://www.syss.de/pentest-blog/2020/syss-2020-028-sicherheitsschwachstelle-in-inneo-startup-tools-2017-und-2018/"
},
{
"refsource": "CONFIRM",
"name": "https://www.inneo.de/files/content/Produktentwicklung/Tools-und-Erweiterungen/Startup-TOOLS/INNEO-SA-SUT-2020-01.pdf",
"url": "https://www.inneo.de/files/content/Produktentwicklung/Tools-und-Erweiterungen/Startup-TOOLS/INNEO-SA-SUT-2020-01.pdf"
}
]
}

5
2020/6xxx/CVE-2020-6102.json
View File

@ -44,6 +44,11 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1042",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1042"
},
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1042\"",