admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-11-16 16:01:35 +00:00
parent 5c1f160199
commit 500daa731b
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
21 changed files with 655 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
2020/13xxx/CVE-2020-13769.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13769",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-13769",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "LDMS/alert_log.aspx in Ivanti Endpoint Manager through 2020.1 allows SQL Injection via a /remotecontrolauth/api/device request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://forums.ivanti.com/s/",
"refsource": "MISC",
"name": "https://forums.ivanti.com/s/"
},
{
"refsource": "MISC",
"name": "https://labs.jumpsec.com/advisory-cve-2020-13769-ivanti-uem-sql-injection/",
"url": "https://labs.jumpsec.com/advisory-cve-2020-13769-ivanti-uem-sql-injection/"
}
]
}

61
2020/13xxx/CVE-2020-13772.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13772",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-13772",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In /ldclient/ldprov.cgi in Ivanti Endpoint Manager through 2020.1.1, an attacker is able to disclose information about the server operating system, local pathnames, and environment variables with no authentication required."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://forums.ivanti.com/s/",
"refsource": "MISC",
"name": "https://forums.ivanti.com/s/"
},
{
"refsource": "MISC",
"name": "https://labs.jumpsec.com/cve-2020-13772-ivanti-uem-system-information-disclosure/",
"url": "https://labs.jumpsec.com/cve-2020-13772-ivanti-uem-system-information-disclosure/"
}
]
}

61
2020/13xxx/CVE-2020-13773.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13773",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-13773",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Ivanti Endpoint Manager through 2020.1.1 allows XSS via /LDMS/frm_splitfrm.aspx, /LDMS/licensecheck.aspx, /LDMS/frm_splitcollapse.aspx, /LDMS/alert_log.aspx, /LDMS/ServerList.aspx, /LDMS/frm_coremainfrm.aspx, /LDMS/frm_findfrm.aspx, /LDMS/frm_taskfrm.aspx, and /LDMS/query_browsecomp.aspx."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://forums.ivanti.com/s/",
"refsource": "MISC",
"name": "https://forums.ivanti.com/s/"
},
{
"refsource": "MISC",
"name": "https://labs.jumpsec.com/cve-2020-13773-ivanti-uem-reflected-xss/",
"url": "https://labs.jumpsec.com/cve-2020-13773-ivanti-uem-reflected-xss/"
}
]
}

5
2020/24xxx/CVE-2020-24366.json
View File

@ -56,6 +56,11 @@
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "CONFIRM",
"name": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/",
"url": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/"
}
]
}

5
2020/24xxx/CVE-2020-24618.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://youtrack.jetbrains.com/issue/JT-59265",
"url": "https://youtrack.jetbrains.com/issue/JT-59265"
},
{
"refsource": "CONFIRM",
"name": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/",
"url": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/"
}
]
}

5
2020/25xxx/CVE-2020-25013.json
View File

@ -56,6 +56,11 @@
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "CONFIRM",
"name": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/",
"url": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/"
}
]
}

5
2020/25xxx/CVE-2020-25207.json
View File

@ -56,6 +56,11 @@
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "CONFIRM",
"name": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/",
"url": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/"
}
]
}

5
2020/25xxx/CVE-2020-25209.json
View File

@ -56,6 +56,11 @@
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "CONFIRM",
"name": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/",
"url": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/"
}
]
}

5
2020/25xxx/CVE-2020-25210.json
View File

@ -56,6 +56,11 @@
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "CONFIRM",
"name": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/",
"url": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/"
}
]
}

66
2020/25xxx/CVE-2020-25952.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-25952",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-25952",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SQL injection vulnerability in PHPGurukul User Registration & Login and User Management System With admin panel 2.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://phpgurukul.com/",
"refsource": "MISC",
"name": "https://phpgurukul.com/"
},
{
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/49052",
"url": "https://www.exploit-db.com/exploits/49052"
},
{
"refsource": "MISC",
"name": "https://th3cyb3rc0p.medium.com/cve-2020-25952-f60fff8ffac",
"url": "https://th3cyb3rc0p.medium.com/cve-2020-25952-f60fff8ffac"
}
]
}

61
2020/26xxx/CVE-2020-26129.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-26129",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-26129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In JetBrains Ktor before 1.4.1, HTTP request smuggling was possible."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "CONFIRM",
"name": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/",
"url": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/"
}
]
}

61
2020/27xxx/CVE-2020-27191.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27191",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-27191",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted string in the index.php f1 variable, aka Local File Inclusion. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://lionwiki.0o.cz/index.php?page=Main+page",
"refsource": "MISC",
"name": "http://lionwiki.0o.cz/index.php?page=Main+page"
},
{
"refsource": "MISC",
"name": "https://www.junebug.site/blog/cve-2020-27191-lionwiki-3-2-11-lfi",
"url": "https://www.junebug.site/blog/cve-2020-27191-lionwiki-3-2-11-lfi"
}
]
}

61
2020/27xxx/CVE-2020-27422.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27422",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-27422",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Anuko Time Tracker v1.19.23.5311, the password reset link emailed to the user doesn't expire once used, allowing an attacker to use the same link to takeover the account."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.anuko.com/time-tracker/index.htm",
"refsource": "MISC",
"name": "https://www.anuko.com/time-tracker/index.htm"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/160051/Anuko-Time-Tracker-1.19.23.5311-Password-Reset.html",
"url": "https://packetstormsecurity.com/files/160051/Anuko-Time-Tracker-1.19.23.5311-Password-Reset.html"
}
]
}

56
2020/27xxx/CVE-2020-27423.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27423",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-27423",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Anuko Time Tracker v1.19.23.5311 lacks rate limit on the password reset module which allows attacker to perform Denial of Service attack on any legitimate user's mailbox"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/160052/Anuko-Time-Tracker-1.19.23.5311-Missing-Rate-Limiting.html",
"url": "https://packetstormsecurity.com/files/160052/Anuko-Time-Tracker-1.19.23.5311-Missing-Rate-Limiting.html"
}
]
}

61
2020/27xxx/CVE-2020-27622.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27622",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-27622",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In JetBrains IntelliJ IDEA before 2020.2, the built-in web server could expose information about the IDE version."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "CONFIRM",
"name": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/",
"url": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/"
}
]
}

61
2020/27xxx/CVE-2020-27623.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27623",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-27623",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "JetBrains IdeaVim before version 0.58 might have caused an information leak in limited circumstances."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "CONFIRM",
"name": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/",
"url": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/"
}
]
}

5
2020/27xxx/CVE-2020-27624.json
View File

@ -56,6 +56,11 @@
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "CONFIRM",
"name": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/",
"url": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/"
}
]
}

5
2020/27xxx/CVE-2020-27626.json
View File

@ -56,6 +56,11 @@
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "CONFIRM",
"name": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/",
"url": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/"
}
]
}

61
2020/27xxx/CVE-2020-27627.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27627",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-27627",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "JetBrains TeamCity before 2020.1.2 was vulnerable to URL injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "CONFIRM",
"name": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/",
"url": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/"
}
]
}

5
2020/27xxx/CVE-2020-27628.json
View File

@ -56,6 +56,11 @@
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "CONFIRM",
"name": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/",
"url": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/"
}
]
}

5
2020/27xxx/CVE-2020-27629.json
View File

@ -56,6 +56,11 @@
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "CONFIRM",
"name": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/",
"url": "https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/"
}
]
}