admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-05 18:28:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-02-06 00:00:55 +00:00
parent fc5fa3629b
commit 3d648306b1
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
7 changed files with 290 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
2020/11xxx/CVE-2020-11836.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-11836",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@oppo.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "OPPO Android Phone with MTK chipset",
"version": {
"version_data": [
{
"version_value": "OPPO Mobile phones with mtk chipset and Android 8.1/9/10/11 versions"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1357213888449617920",
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1357213888449617920"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "OPPO Android Phone with MTK chipset and Android 8.1/9/10/11 versions have an information leak vulnerability. The \u201cadb shell getprop ro.vendor.aee.enforcing\u201d or \u201cadb shell getprop ro.vendor.aee.enforcing\u201d return no."
}
]
}

53
2020/14xxx/CVE-2020-14312.json
View File

@ -4,14 +4,61 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-14312",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "dnsmasq",
"version": {
"version_data": [
{
"version_value": "Fedora version prior to 31"
},
{
"version_value": "all RHEL versions"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1851342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851342"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet. In particular, the option `local-service` is not enabled. Running dnsmasq in this manner may inadvertently make it an open resolver accessible from any address on the internet. This flaw allows an attacker to conduct a Distributed Denial of Service (DDoS) against other systems."
}
]
}

5
2020/15xxx/CVE-2020-15999.json
View File

@ -84,6 +84,11 @@
"refsource": "DEBIAN",
"name": "DSA-4824",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"refsource": "MISC",
"name": "https://googleprojectzero.blogspot.com/p/rca-cve-2020-15999.html",
"url": "https://googleprojectzero.blogspot.com/p/rca-cve-2020-15999.html"
}
]
},

50
2020/5xxx/CVE-2020-5812.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-5812",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "vulnreport@tenable.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Tenable Nessus AMI",
"version": {
"version_data": [
{
"version_value": "8.12.0 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Certificate Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.tenable.com/security/tns-2021-01",
"url": "https://www.tenable.com/security/tns-2021-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Nessus AMI versions 8.12.0 and earlier were found to either not validate, or incorrectly validate, a certificate which could allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack."
}
]
}

50
2021/20xxx/CVE-2021-20176.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20176",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ImageMagick",
"version": {
"version_data": [
{
"version_value": "ImageMagick - 7.0.10-29"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-369: Divide By Zero"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/ImageMagick/ImageMagick/issues/3077",
"url": "https://github.com/ImageMagick/ImageMagick/issues/3077"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in ImageMagick in MagickCore/gem.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.10-56."
}
]
}

50
2021/22xxx/CVE-2021-22301.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22301",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "HUAWEI Mate 30",
"version": {
"version_data": [
{
"version_value": "10.0.0.203(C00E201R7P2)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210127-01-buffer-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210127-01-buffer-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Mate 30 10.0.0.203(C00E201R7P2) have a buffer overflow vulnerability. After obtaining the root permission, an attacker can exploit the vulnerability to cause buffer overflow."
}
]
}

50
2021/22xxx/CVE-2021-22307.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22307",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "HUAWEI Mate 30",
"version": {
"version_data": [
{
"version_value": "10.0.0.203(C00E201R7P2)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Weak Algorithms"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210127-06-smartphone-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210127-06-smartphone-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a weak algorithm vulnerability in Mate 3010.0.0.203(C00E201R7P2). The protection is insufficient for the modules that should be protected. Local attackers can exploit this vulnerability to affect the integrity of certain module."
}
]
}