mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-05-06 02:32:02 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
02f0e3eaa3
commit
565263181f
@ -2,7 +2,30 @@
|
|||||||
"CVE_data_meta": {
|
"CVE_data_meta": {
|
||||||
"ASSIGNER": "cve@mitre.org",
|
"ASSIGNER": "cve@mitre.org",
|
||||||
"ID": "CVE-2018-8956",
|
"ID": "CVE-2018-8956",
|
||||||
"STATE": "RESERVED"
|
"STATE": "PUBLIC"
|
||||||
|
},
|
||||||
|
"affects": {
|
||||||
|
"vendor": {
|
||||||
|
"vendor_data": [
|
||||||
|
{
|
||||||
|
"product": {
|
||||||
|
"product_data": [
|
||||||
|
{
|
||||||
|
"product_name": "n/a",
|
||||||
|
"version": {
|
||||||
|
"version_data": [
|
||||||
|
{
|
||||||
|
"version_value": "n/a"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"vendor_name": "n/a"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
},
|
},
|
||||||
"data_format": "MITRE",
|
"data_format": "MITRE",
|
||||||
"data_type": "CVE",
|
"data_type": "CVE",
|
||||||
@ -11,7 +34,43 @@
|
|||||||
"description_data": [
|
"description_data": [
|
||||||
{
|
{
|
||||||
"lang": "eng",
|
"lang": "eng",
|
||||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
"value": "ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via soofed mode 3 and mode 5 packets. The attacker must either be a part of the same broadcast network or control a slave in that broadcast network that can capture certain required packets on the attacker's behalf and send them to the attacker."
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"problemtype": {
|
||||||
|
"problemtype_data": [
|
||||||
|
{
|
||||||
|
"description": [
|
||||||
|
{
|
||||||
|
"lang": "eng",
|
||||||
|
"value": "n/a"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"references": {
|
||||||
|
"reference_data": [
|
||||||
|
{
|
||||||
|
"url": "http://www.ntp.org/",
|
||||||
|
"refsource": "MISC",
|
||||||
|
"name": "http://www.ntp.org/"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://tools.ietf.org/html/rfc5905",
|
||||||
|
"refsource": "MISC",
|
||||||
|
"name": "https://tools.ietf.org/html/rfc5905"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"refsource": "MISC",
|
||||||
|
"name": "https://nikhiltripathi.in/NTP_attack.pdf",
|
||||||
|
"url": "https://nikhiltripathi.in/NTP_attack.pdf"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"refsource": "MISC",
|
||||||
|
"name": "https://arxiv.org/abs/2005.01783",
|
||||||
|
"url": "https://arxiv.org/abs/2005.01783"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|||||||
@ -250,6 +250,11 @@
|
|||||||
"refsource": "MISC",
|
"refsource": "MISC",
|
||||||
"name": "http://packetstormsecurity.com/files/156373/Microsoft-Windows-10-MSI-Privilege-Escalation.html",
|
"name": "http://packetstormsecurity.com/files/156373/Microsoft-Windows-10-MSI-Privilege-Escalation.html",
|
||||||
"url": "http://packetstormsecurity.com/files/156373/Microsoft-Windows-10-MSI-Privilege-Escalation.html"
|
"url": "http://packetstormsecurity.com/files/156373/Microsoft-Windows-10-MSI-Privilege-Escalation.html"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"refsource": "MISC",
|
||||||
|
"name": "https://github.com/nu11secur1ty/Windows10Exploits/blob/master/Undefined/CVE-2020-0683/README.md",
|
||||||
|
"url": "https://github.com/nu11secur1ty/Windows10Exploits/blob/master/Undefined/CVE-2020-0683/README.md"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|||||||
@ -34,7 +34,7 @@
|
|||||||
"description_data": [
|
"description_data": [
|
||||||
{
|
{
|
||||||
"lang": "eng",
|
"lang": "eng",
|
||||||
"value": "airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242 for initialization of an OpenSSL EVP AES-256 CBC context."
|
"value": "** DISPUTED ** airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242 for initialization of an OpenSSL EVP AES-256 CBC context. NOTE: the vendor states that this initialization only occurs within unreachable code."
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
|||||||
@ -34,7 +34,7 @@
|
|||||||
"description_data": [
|
"description_data": [
|
||||||
{
|
{
|
||||||
"lang": "eng",
|
"lang": "eng",
|
||||||
"value": "airhost.exe in Zoom Client for Meetings 4.6.11 uses 3423423432325249 as the Initialization Vector (IV) for AES-256 CBC encryption."
|
"value": "** DISPUTED ** airhost.exe in Zoom Client for Meetings 4.6.11 uses 3423423432325249 as the Initialization Vector (IV) for AES-256 CBC encryption. NOTE: the vendor states that this IV is used only within unreachable code."
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
|||||||
@ -1,17 +1,66 @@
|
|||||||
{
|
{
|
||||||
"data_type": "CVE",
|
|
||||||
"data_format": "MITRE",
|
|
||||||
"data_version": "4.0",
|
|
||||||
"CVE_data_meta": {
|
"CVE_data_meta": {
|
||||||
"ID": "CVE-2020-12669",
|
|
||||||
"ASSIGNER": "cve@mitre.org",
|
"ASSIGNER": "cve@mitre.org",
|
||||||
"STATE": "RESERVED"
|
"ID": "CVE-2020-12669",
|
||||||
|
"STATE": "PUBLIC"
|
||||||
},
|
},
|
||||||
|
"affects": {
|
||||||
|
"vendor": {
|
||||||
|
"vendor_data": [
|
||||||
|
{
|
||||||
|
"product": {
|
||||||
|
"product_data": [
|
||||||
|
{
|
||||||
|
"product_name": "n/a",
|
||||||
|
"version": {
|
||||||
|
"version_data": [
|
||||||
|
{
|
||||||
|
"version_value": "n/a"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"vendor_name": "n/a"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"data_format": "MITRE",
|
||||||
|
"data_type": "CVE",
|
||||||
|
"data_version": "4.0",
|
||||||
"description": {
|
"description": {
|
||||||
"description_data": [
|
"description_data": [
|
||||||
{
|
{
|
||||||
"lang": "eng",
|
"lang": "eng",
|
||||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
"value": "core/get_menudiv.php in Dolibarr before 11.0.4 allows remote authenticated attackers to bypass intended access restrictions via a non-alphanumeric menu parameter."
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"problemtype": {
|
||||||
|
"problemtype_data": [
|
||||||
|
{
|
||||||
|
"description": [
|
||||||
|
{
|
||||||
|
"lang": "eng",
|
||||||
|
"value": "n/a"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"references": {
|
||||||
|
"reference_data": [
|
||||||
|
{
|
||||||
|
"url": "https://github.com/Dolibarr/dolibarr/commit/c1b530f58f6f01081ddbeaa2092ef308c3ec2727",
|
||||||
|
"refsource": "MISC",
|
||||||
|
"name": "https://github.com/Dolibarr/dolibarr/commit/c1b530f58f6f01081ddbeaa2092ef308c3ec2727"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"refsource": "MISC",
|
||||||
|
"name": "https://sourceforge.net/projects/dolibarr/files/Dolibarr%20ERP-CRM/11.0.4/",
|
||||||
|
"url": "https://sourceforge.net/projects/dolibarr/files/Dolibarr%20ERP-CRM/11.0.4/"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|||||||
@ -176,6 +176,11 @@
|
|||||||
"name": "FEDORA-2020-b2a2c830cf",
|
"name": "FEDORA-2020-b2a2c830cf",
|
||||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MOCTR2SEHCPSCOVUQJAGFPGKFMI2VE6V/"
|
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MOCTR2SEHCPSCOVUQJAGFPGKFMI2VE6V/"
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"refsource": "UBUNTU",
|
||||||
|
"name": "USN-4329-1",
|
||||||
|
"url": "https://usn.ubuntu.com/4329-1/"
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"refsource": "FEDORA",
|
"refsource": "FEDORA",
|
||||||
"name": "FEDORA-2020-4e093619bb",
|
"name": "FEDORA-2020-4e093619bb",
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user