admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-04-21 22:01:13 +00:00
parent 36d0b8bc42
commit 47ec255fed
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
26 changed files with 428 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2018/12xxx/CVE-2018-12641.json
View File

@ -76,6 +76,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:2075",
"url": "https://access.redhat.com/errata/RHSA-2019:2075"
},
{
"refsource": "UBUNTU",
"name": "USN-4326-1",
"url": "https://usn.ubuntu.com/4326-1/"
}
]
}

5
2018/12xxx/CVE-2018-12697.json
View File

@ -81,6 +81,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:2075",
"url": "https://access.redhat.com/errata/RHSA-2019:2075"
},
{
"refsource": "UBUNTU",
"name": "USN-4326-1",
"url": "https://usn.ubuntu.com/4326-1/"
}
]
}

5
2018/12xxx/CVE-2018-12698.json
View File

@ -76,6 +76,11 @@
"refsource": "GENTOO",
"name": "GLSA-201908-01",
"url": "https://security.gentoo.org/glsa/201908-01"
},
{
"refsource": "UBUNTU",
"name": "USN-4326-1",
"url": "https://usn.ubuntu.com/4326-1/"
}
]
}

5
2018/12xxx/CVE-2018-12934.json
View File

@ -66,6 +66,11 @@
"name": "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101"
},
{
"refsource": "UBUNTU",
"name": "USN-4326-1",
"url": "https://usn.ubuntu.com/4326-1/"
}
]
}

5
2018/17xxx/CVE-2018-17794.json
View File

@ -56,6 +56,11 @@
"name": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87350",
"refsource": "MISC",
"url": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87350"
},
{
"refsource": "UBUNTU",
"name": "USN-4326-1",
"url": "https://usn.ubuntu.com/4326-1/"
}
]
}

5
2018/17xxx/CVE-2018-17985.json
View File

@ -66,6 +66,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2432",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html"
},
{
"refsource": "UBUNTU",
"name": "USN-4326-1",
"url": "https://usn.ubuntu.com/4326-1/"
}
]
}

5
2018/18xxx/CVE-2018-18483.json
View File

@ -76,6 +76,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2432",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html"
},
{
"refsource": "UBUNTU",
"name": "USN-4326-1",
"url": "https://usn.ubuntu.com/4326-1/"
}
]
}

5
2018/18xxx/CVE-2018-18484.json
View File

@ -71,6 +71,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2432",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html"
},
{
"refsource": "UBUNTU",
"name": "USN-4326-1",
"url": "https://usn.ubuntu.com/4326-1/"
}
]
}

5
2018/18xxx/CVE-2018-18700.json
View File

@ -56,6 +56,11 @@
"name": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681",
"refsource": "MISC",
"url": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681"
},
{
"refsource": "UBUNTU",
"name": "USN-4326-1",
"url": "https://usn.ubuntu.com/4326-1/"
}
]
}

5
2018/18xxx/CVE-2018-18701.json
View File

@ -56,6 +56,11 @@
"name": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675",
"refsource": "MISC",
"url": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675"
},
{
"refsource": "UBUNTU",
"name": "USN-4326-1",
"url": "https://usn.ubuntu.com/4326-1/"
}
]
}

70
2018/21xxx/CVE-2018-21145.json
View File

@ -1,18 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-21145",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2018-21145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://kb.netgear.com/000059488/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Gateways-and-Routers-PSV-2017-3160",
"url": "https://kb.netgear.com/000059488/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Gateways-and-Routers-PSV-2017-3160"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
}
}

70
2018/21xxx/CVE-2018-21146.json
View File

@ -1,18 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-21146",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2018-21146",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.34, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR4300v2 before 1.0.0.54, and WNDR4500v3 before 1.0.0.54."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://kb.netgear.com/000059487/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Gateways-and-Routers-PSV-2017-3159",
"url": "https://kb.netgear.com/000059487/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Gateways-and-Routers-PSV-2017-3159"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
}
}

70
2018/21xxx/CVE-2018-21147.json
View File

@ -1,18 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-21147",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2018-21147",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR4300v2 before 1.0.0.54, and WNDR4500v3 before 1.0.0.54."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://kb.netgear.com/000059486/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Gateways-and-Routers-PSV-2017-3158",
"url": "https://kb.netgear.com/000059486/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Gateways-and-Routers-PSV-2017-3158"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
}
}

70
2018/21xxx/CVE-2018-21148.json
View File

@ -1,18 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-21148",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2018-21148",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://kb.netgear.com/000059485/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Gateways-and-Routers-PSV-2017-3157",
"url": "https://kb.netgear.com/000059485/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Gateways-and-Routers-PSV-2017-3157"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
}
}

5
2018/9xxx/CVE-2018-9138.json
View File

@ -56,6 +56,11 @@
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=23008",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23008"
},
{
"refsource": "UBUNTU",
"name": "USN-4326-1",
"url": "https://usn.ubuntu.com/4326-1/"
}
]
}

5
2019/14xxx/CVE-2019-14250.json
View File

@ -81,6 +81,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2365",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html"
},
{
"refsource": "UBUNTU",
"name": "USN-4326-1",
"url": "https://usn.ubuntu.com/4326-1/"
}
]
}

5
2019/9xxx/CVE-2019-9070.json
View File

@ -76,6 +76,11 @@
"refsource": "CONFIRM",
"name": "https://support.f5.com/csp/article/K13534168",
"url": "https://support.f5.com/csp/article/K13534168"
},
{
"refsource": "UBUNTU",
"name": "USN-4326-1",
"url": "https://usn.ubuntu.com/4326-1/"
}
]
}

5
2019/9xxx/CVE-2019-9071.json
View File

@ -76,6 +76,11 @@
"refsource": "CONFIRM",
"name": "https://support.f5.com/csp/article/K02884135",
"url": "https://support.f5.com/csp/article/K02884135"
},
{
"refsource": "UBUNTU",
"name": "USN-4326-1",
"url": "https://usn.ubuntu.com/4326-1/"
}
]
}

67
2020/12xxx/CVE-2020-12051.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12051",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The CentralAuth extension through REL1_34 for MediaWiki allows remote attackers to obtain sensitive hidden account information via an api.php?action=query&meta=globaluserinfo&guiuser= request. In other words, the information can be retrieved via the action API even though access would be denied when simply visiting wiki/Special:CentralAuth in a web browser."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://phabricator.wikimedia.org/T250594",
"refsource": "MISC",
"name": "https://phabricator.wikimedia.org/T250594"
},
{
"url": "https://gerrit.wikimedia.org/r/#/q/I3c80641dc1202df7428714f0ca44717a51ff6021",
"refsource": "MISC",
"name": "https://gerrit.wikimedia.org/r/#/q/I3c80641dc1202df7428714f0ca44717a51ff6021"
}
]
}
}

5
2020/3xxx/CVE-2020-3153.json
View File

@ -77,6 +77,11 @@
"refsource": "FULLDISC",
"name": "20200421 Cisco AnyConnect elevation of privileges due to insecure handling of path names",
"url": "http://seclists.org/fulldisclosure/2020/Apr/43"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/157340/Cisco-AnyConnect-Secure-Mobility-Client-4.8.01090-Privilege-Escalation.html",
"url": "http://packetstormsecurity.com/files/157340/Cisco-AnyConnect-Secure-Mobility-Client-4.8.01090-Privilege-Escalation.html"
}
]
},

5
2020/4xxx/CVE-2020-4269.json
View File

@ -90,6 +90,11 @@
"refsource": "FULLDISC",
"name": "20200421 Unauthorized access to QRadar configuration sets via default password",
"url": "http://seclists.org/fulldisclosure/2020/Apr/34"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/157328/QRadar-Community-Edition-7.3.1.6-Default-Credentials.html",
"url": "http://packetstormsecurity.com/files/157328/QRadar-Community-Edition-7.3.1.6-Default-Credentials.html"
}
]
},

5
2020/4xxx/CVE-2020-4270.json
View File

@ -97,6 +97,11 @@
"refsource": "FULLDISC",
"name": "20200421 Local privilege escalation in QRadar due to run-result-reader.sh insecure file permissions",
"url": "http://seclists.org/fulldisclosure/2020/Apr/38"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/157335/QRadar-Community-Edition-7.3.1.6-Insecure-File-Permissions.html",
"url": "http://packetstormsecurity.com/files/157335/QRadar-Community-Edition-7.3.1.6-Insecure-File-Permissions.html"
}
]
},

5
2020/4xxx/CVE-2020-4271.json
View File

@ -32,6 +32,11 @@
"refsource": "FULLDISC",
"name": "20200421 PHP object injection vulnerability in QRadar Forensics web application",
"url": "http://seclists.org/fulldisclosure/2020/Apr/39"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/157336/QRadar-Community-Edition-7.3.1.6-PHP-Object-Injection.html",
"url": "http://packetstormsecurity.com/files/157336/QRadar-Community-Edition-7.3.1.6-PHP-Object-Injection.html"
}
]
},

5
2020/4xxx/CVE-2020-4272.json
View File

@ -89,6 +89,11 @@
"refsource": "FULLDISC",
"name": "20200421 Arbitrary class instantiation & local file inclusion vulnerability in QRadar Forensics web application",
"url": "http://seclists.org/fulldisclosure/2020/Apr/40"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/157337/QRadar-Community-Edition-7.3.1.6-Arbitrary-Object-Instantiation.html",
"url": "http://packetstormsecurity.com/files/157337/QRadar-Community-Edition-7.3.1.6-Arbitrary-Object-Instantiation.html"
}
]
},

5
2020/4xxx/CVE-2020-4274.json
View File

@ -77,6 +77,11 @@
"refsource": "FULLDISC",
"name": "20200421 Authorization bypass in QRadar Forensics web application",
"url": "http://seclists.org/fulldisclosure/2020/Apr/41"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/157338/QRadar-Community-Edition-7.3.1.6-Authorization-Bypass.html",
"url": "http://packetstormsecurity.com/files/157338/QRadar-Community-Edition-7.3.1.6-Authorization-Bypass.html"
}
]
},

5
2020/4xxx/CVE-2020-4294.json
View File

@ -77,6 +77,11 @@
"refsource": "FULLDISC",
"name": "20200421 QRadar RssFeedItem Server-Side Request Forgery vulnerability",
"url": "http://seclists.org/fulldisclosure/2020/Apr/35"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/157329/QRadar-Community-Edition-7.3.1.6-Server-Side-Request-Forgery.html",
"url": "http://packetstormsecurity.com/files/157329/QRadar-Community-Edition-7.3.1.6-Server-Side-Request-Forgery.html"
}
]
},