admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 02:32:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-11-16 19:01:35 +00:00
parent 049ae037eb
commit 538ddd2e36
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
7 changed files with 179 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2018/16xxx/CVE-2018-16763.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/153696/fuelCMS-1.4.1-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/153696/fuelCMS-1.4.1-Remote-Code-Execution.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/160080/Fuel-CMS-1.4-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/160080/Fuel-CMS-1.4-Remote-Code-Execution.html"
}
]
}

2
2018/1xxx/CVE-2018-1311.json
View File

@ -70,7 +70,7 @@
"description_data": [
{
"lang": "eng",
"value": "The Apache Xerces-C 3.0.0 to 3.2.2 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable."
"value": "The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable."
}
]
}

56
2020/26xxx/CVE-2020-26508.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-26508",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-26508",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The WebTools component on Canon Oce ColorWave 3500 5.1.1.0 devices allows attackers to retrieve stored SMB credentials via the export feature, even though these are intentionally inaccessible in the UI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.syss.de/pentest-blog/",
"refsource": "MISC",
"name": "https://www.syss.de/pentest-blog/"
}
]
}

56
2020/26xxx/CVE-2020-26509.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-26509",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-26509",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Airleader Master and Easy <= 6.21 devices have default credentials that can be used for a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2020-033.txt",
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2020-033.txt"
}
]
}

56
2020/26xxx/CVE-2020-26510.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-26510",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-26510",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Airleader Master <= 6.21 devices have default credentials that can be used to access the exposed Tomcat Manager for deployment of a new .war file, with resultant remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2020-033.txt",
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2020-033.txt"
}
]
}

18
2020/28xxx/CVE-2020-28890.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-28890",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

5
2020/6xxx/CVE-2020-6506.json
View File

@ -79,6 +79,11 @@
"refsource": "MLIST",
"name": "[cordova-issues] 20201007 [GitHub] [cordova-plugin-inappbrowser] carlpoole opened a new pull request #792: fix(android): Add mitigation strategy for CVE-2020-6506",
"url": "https://lists.apache.org/thread.html/rc0ebe639927fa09e222aa56bf5ad6e700218f334ecc6ba9da4397728@%3Cissues.cordova.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cordova-issues] 20201116 [GitHub] [cordova-plugin-inappbrowser] NiklasMerz commented on pull request #792: fix(android): Add mitigation strategy for CVE-2020-6506",
"url": "https://lists.apache.org/thread.html/ra58733fbb88d5c513b3f14a14850083d506b9129103e0ab433c3f680@%3Cissues.cordova.apache.org%3E"
}
]
},