admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-02-21 15:01:14 +00:00
parent eb2e02e011
commit 47a8eb2fb4
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
6 changed files with 112 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2019/16xxx/CVE-2019-16775.json
View File

@ -95,6 +95,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-595ce5e3cc",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z36UKPO5F3PQ3Q2POMF5LEKXWAH5RUFP/"
},
{
"refsource": "REDHAT",
"name": "RHEA-2020:0330",
"url": "https://access.redhat.com/errata/RHEA-2020:0330"
}
]
},

5
2019/16xxx/CVE-2019-16776.json
View File

@ -95,6 +95,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-595ce5e3cc",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z36UKPO5F3PQ3Q2POMF5LEKXWAH5RUFP/"
},
{
"refsource": "REDHAT",
"name": "RHEA-2020:0330",
"url": "https://access.redhat.com/errata/RHEA-2020:0330"
}
]
},

5
2019/16xxx/CVE-2019-16777.json
View File

@ -95,6 +95,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-595ce5e3cc",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z36UKPO5F3PQ3Q2POMF5LEKXWAH5RUFP/"
},
{
"refsource": "REDHAT",
"name": "RHEA-2020:0330",
"url": "https://access.redhat.com/errata/RHEA-2020:0330"
}
]
},

61
2019/19xxx/CVE-2019-19452.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19452",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-19452",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A buffer overflow was found in Patriot Viper RGB through 1.1 when processing IoControlCode 0x80102040. Local attackers (including low integrity processes) can exploit this to gain NT AUTHORITY\\SYSTEM privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.viper.patriotmemory.com",
"refsource": "MISC",
"name": "https://www.viper.patriotmemory.com"
},
{
"refsource": "MISC",
"name": "https://www.coresecurity.com/advisories/viper-rgb-driver-multiple-vulnerabilities",
"url": "https://www.coresecurity.com/advisories/viper-rgb-driver-multiple-vulnerabilities"
}
]
}

41
2020/5xxx/CVE-2020-5324.json
View File

@ -1,10 +1,10 @@
{
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2020-02-18",
"ID": "CVE-2020-5324",
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2020-02-18",
"ID": "CVE-2020-5324",
"STATE": "PUBLIC"
},
},
"affects": {
"vendor": {
"vendor_data": [
@ -12,7 +12,7 @@
"product": {
"product_data": [
{
"product_name": "Dell Client Consumer and Commercial Platforms",
"product_name": "Dell Client Consumer and Commercial Platforms",
"version": {
"version_data": [
{
@ -22,48 +22,49 @@
}
}
]
},
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"lang": "eng",
"value": "Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged malicious user could exploit this vulnerability by tricking an administrator into overwriting arbitrary files via a symlink attack. The vulnerability does not affect the actual binary payload that the update utility delivers."
}
]
},
},
"impact": {
"cvss": {
"baseScore": 7.1,
"baseSeverity": "High",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 7.1,
"baseSeverity": "High",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"lang": "eng",
"value": "CWE-427: Uncontrolled Search Path Element"
}
]
}
]
},
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.dell.com/support/article/SLN320348"
"refsource": "MISC",
"url": "https://www.dell.com/support/article/SLN320348",
"name": "https://www.dell.com/support/article/SLN320348"
}
]
}

41
2020/5xxx/CVE-2020-5326.json
View File

@ -1,10 +1,10 @@
{
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2020-02-18",
"ID": "CVE-2020-5326",
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2020-02-18",
"ID": "CVE-2020-5326",
"STATE": "PUBLIC"
},
},
"affects": {
"vendor": {
"vendor_data": [
@ -12,7 +12,7 @@
"product": {
"product_data": [
{
"product_name": "Dell Client Consumer and Commercial Platforms",
"product_name": "Dell Client Consumer and Commercial Platforms",
"version": {
"version_data": [
{
@ -22,48 +22,49 @@
}
}
]
},
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"lang": "eng",
"value": "Affected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerability in the pre-boot Intel Rapid Storage Response Technology (iRST) Manager menu. An attacker with physical access to the system could perform unauthorized changes to the BIOS Setup configuration settings without requiring the BIOS Admin password by selecting the Optimized Defaults option in the pre-boot iRST Manager."
}
]
},
},
"impact": {
"cvss": {
"baseScore": 6.1,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H",
"baseScore": 6.1,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H",
"version": "3.1"
}
},
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"lang": "eng",
"value": "CWE-306: Missing Authentication for Critical Function"
}
]
}
]
},
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.dell.com/support/article/SLN320337"
"refsource": "MISC",
"url": "https://www.dell.com/support/article/SLN320337",
"name": "https://www.dell.com/support/article/SLN320337"
}
]
}