admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-02-25 19:01:09 +00:00
parent 2d82c81905
commit 61c33205b4
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
18 changed files with 509 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
2016/11xxx/CVE-2016-11020.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-11020",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2016-11020",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. This can lead to XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.kunena.org/bugs/changelog",
"refsource": "MISC",
"name": "https://www.kunena.org/bugs/changelog"
},
{
"url": "https://github.com/Kunena/Kunena-Forum/pull/5028",
"refsource": "MISC",
"name": "https://github.com/Kunena/Kunena-Forum/pull/5028"
},
{
"refsource": "MISC",
"name": "https://www.kunena.org/blog/179-kunena-5-0-4-released",
"url": "https://www.kunena.org/blog/179-kunena-5-0-4-released"
}
]
}

5
2019/15xxx/CVE-2019-15604.json
View File

@ -93,6 +93,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0598",
"url": "https://access.redhat.com/errata/RHSA-2020:0598"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0602",
"url": "https://access.redhat.com/errata/RHSA-2020:0602"
}
]
},

5
2019/15xxx/CVE-2019-15605.json
View File

@ -103,6 +103,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0598",
"url": "https://access.redhat.com/errata/RHSA-2020:0598"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0602",
"url": "https://access.redhat.com/errata/RHSA-2020:0602"
}
]
},

5
2019/15xxx/CVE-2019-15606.json
View File

@ -93,6 +93,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0598",
"url": "https://access.redhat.com/errata/RHSA-2020:0598"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0602",
"url": "https://access.redhat.com/errata/RHSA-2020:0602"
}
]
},

5
2019/16xxx/CVE-2019-16775.json
View File

@ -115,6 +115,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0597",
"url": "https://access.redhat.com/errata/RHSA-2020:0597"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0602",
"url": "https://access.redhat.com/errata/RHSA-2020:0602"
}
]
},

5
2019/16xxx/CVE-2019-16776.json
View File

@ -115,6 +115,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0597",
"url": "https://access.redhat.com/errata/RHSA-2020:0597"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0602",
"url": "https://access.redhat.com/errata/RHSA-2020:0602"
}
]
},

5
2019/16xxx/CVE-2019-16777.json
View File

@ -115,6 +115,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0597",
"url": "https://access.redhat.com/errata/RHSA-2020:0597"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0602",
"url": "https://access.redhat.com/errata/RHSA-2020:0602"
}
]
},

5
2019/20xxx/CVE-2019-20444.json
View File

@ -221,6 +221,11 @@
"refsource": "MLIST",
"name": "[hadoop-common-issues] 20200225 [jira] [Commented] (HADOOP-16871) Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444,CVE-2019-16869",
"url": "https://lists.apache.org/thread.html/r0c3d49bfdbc62fd3915676433cc5899c5506d06da1c552ef1b7923a5@%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0601",
"url": "https://access.redhat.com/errata/RHSA-2020:0601"
}
]
}

5
2019/20xxx/CVE-2019-20445.json
View File

@ -171,6 +171,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200219 [SECURITY] [DLA 2110-1] netty-3.9 security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00018.html"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0601",
"url": "https://access.redhat.com/errata/RHSA-2020:0601"
}
]
}

58
2019/3xxx/CVE-2019-3999.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3999",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-3999",
"ASSIGNER": "vulnreport@tenable.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Druva inSync Windows Client",
"version": {
"version_data": [
{
"version_value": "6.5.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthenticated OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.tenable.com/security/research/tra-2020-12",
"url": "https://www.tenable.com/security/research/tra-2020-12"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper neutralization of special elements used in an OS command in Druva inSync Windows Client 6.5.0 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges."
}
]
}

5
2020/7xxx/CVE-2020-7238.json
View File

@ -76,6 +76,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200219 [SECURITY] [DLA 2110-1] netty-3.9 security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00018.html"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0601",
"url": "https://access.redhat.com/errata/RHSA-2020:0601"
}
]
}

61
2020/8xxx/CVE-2020-8809.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8809",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-8809",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Gurux GXDLMS Director prior to 8.5.1905.1301 downloads updates to add-ins and OBIS code over an unencrypted HTTP connection. A man-in-the-middle attacker can prompt the user to download updates by modifying the contents of gurux.fi/obis/files.xml and gurux.fi/updates/updates.xml. Then, the attacker can modify the contents of downloaded files. In the case of add-ins (if the user is using those), this will lead to code execution. In case of OBIS codes (which the user is always using as they are needed to communicate with the energy meters), this can lead to code execution when combined with CVE-2020-8810."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://seqred.pl/en/cve-gurux-gxdlms-director/",
"url": "https://seqred.pl/en/cve-gurux-gxdlms-director/"
},
{
"refsource": "MISC",
"name": "https://github.com/seqred-s-a/gxdlmsdirector-cve",
"url": "https://github.com/seqred-s-a/gxdlmsdirector-cve"
}
]
}

61
2020/8xxx/CVE-2020-8810.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8810",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-8810",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in Gurux GXDLMS Director through 8.5.1905.1301. When downloading OBIS codes, it does not verify that the downloaded files are actual OBIS codes and doesn't check for path traversal. This allows the attacker exploiting CVE-2020-8809 to send executable files and place them in an autorun directory, or to place DLLs inside the existing GXDLMS Director installation (run on next execution of GXDLMS Director). This can be used to achieve code execution even if the user doesn't have any add-ins installed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://seqred.pl/en/cve-gurux-gxdlms-director/",
"url": "https://seqred.pl/en/cve-gurux-gxdlms-director/"
},
{
"refsource": "MISC",
"name": "https://github.com/seqred-s-a/gxdlmsdirector-cve",
"url": "https://github.com/seqred-s-a/gxdlmsdirector-cve"
}
]
}

61
2020/9xxx/CVE-2020-9379.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9379",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-9379",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Software Development Kit of the MiContact Center Business with Site Based Security 8.0 through 9.0.1.0 before KB496276 allows an authenticated user to access sensitive information. A successful exploit could allow unauthorized access to user conversations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.mitel.com/support/security-advisories",
"refsource": "MISC",
"name": "https://www.mitel.com/support/security-advisories"
},
{
"refsource": "CONFIRM",
"name": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0003",
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0003"
}
]
}

18
2020/9xxx/CVE-2020-9392.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9392",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

76
2020/9xxx/CVE-2020-9393.json Normal file
View File

@ -0,0 +1,76 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-9393",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allows XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/pricing-table-by-supsystic/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/pricing-table-by-supsystic/#developers"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:L/I:L/PR:N/S:C/UI:N",
"version": "3.0"
}
}
}

76
2020/9xxx/CVE-2020-9394.json Normal file
View File

@ -0,0 +1,76 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-9394",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allows CSRF."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/pricing-table-by-supsystic/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/pricing-table-by-supsystic/#developers"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:R",
"version": "3.0"
}
}
}

18
2020/9xxx/CVE-2020-9395.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9395",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}