admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-01-02 18:01:01 +00:00
parent ffd6da8f91
commit 630b31cd8a
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
24 changed files with 371 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
2013/3xxx/CVE-2013-3619.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2013-3619",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Supermicro",
"product": {
"product_data": [
{
"product_name": "IPMI",
"version": {
"version_data": [
{
"version_value": "before SMT_X9_317 and before SMT X8 312"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,48 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before SMT_X9_317 and firmware for Supermicro X8 generation motherboards before SMT X8 312 contain harcoded private encryption keys for the (1) Lighttpd web server SSL interface and the (2) Dropbear SSH daemon."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://support.citrix.com/article/CTX216642",
"url": "https://support.citrix.com/article/CTX216642"
},
{
"refsource": "CONFIRM",
"name": "http://support.citrix.com/article/CTX216642",
"url": "http://support.citrix.com/article/CTX216642"
},
{
"url": "https://community.rapid7.com/community/metasploit/blog/2013/11/05/supermicro-ipmi-firmware-vulnerabilities",
"refsource": "MISC",
"name": "https://community.rapid7.com/community/metasploit/blog/2013/11/05/supermicro-ipmi-firmware-vulnerabilities"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89044",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89044"
},
{
"refsource": "CONFIRM",
"name": "https://www.supermicro.com/products/nfo/files/IPMI/CVE_Update.pdf",
"url": "https://www.supermicro.com/products/nfo/files/IPMI/CVE_Update.pdf"
}
]
}

70
2013/3xxx/CVE-2013-3620.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2013-3620",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Supermicro",
"product": {
"product_data": [
{
"product_name": "IPMI",
"version": {
"version_data": [
{
"version_value": "before 3.15 (SMT_X9_315) and before SMT X8 312"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,48 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Hardcoded WSMan credentials in Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before 3.15 (SMT_X9_315) and firmware for Supermicro X8 generation motherboards before SMT X8 312."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://support.citrix.com/article/CTX216642",
"url": "https://support.citrix.com/article/CTX216642"
},
{
"refsource": "CONFIRM",
"name": "http://support.citrix.com/article/CTX216642",
"url": "http://support.citrix.com/article/CTX216642"
},
{
"url": "https://community.rapid7.com/community/metasploit/blog/2013/11/05/supermicro-ipmi-firmware-vulnerabilities",
"refsource": "MISC",
"name": "https://community.rapid7.com/community/metasploit/blog/2013/11/05/supermicro-ipmi-firmware-vulnerabilities"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89045",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89045"
},
{
"refsource": "CONFIRM",
"name": "https://www.supermicro.com/products/nfo/files/IPMI/CVE_Update.pdf",
"url": "https://www.supermicro.com/products/nfo/files/IPMI/CVE_Update.pdf"
}
]
}

14
2013/3xxx/CVE-2013-3621.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3621",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2013-3621",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-3607. Reason: This candidate is a reservation duplicate of CVE-2013-3607. Notes: All CVE users should reference CVE-2013-3607 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

18
2013/7xxx/CVE-2013-7485.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2013-7485",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2013/7xxx/CVE-2013-7486.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2013-7486",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

55
2014/0xxx/CVE-2014-0161.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0161",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ovirt-engine-sdk-python",
"product": {
"product_data": [
{
"product_name": "ovirt-engine-sdk-python",
"version": {
"version_data": [
{
"version_value": "before 3.4.0.7 and 3.5.0.4"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ovirt-engine-sdk-python before 3.4.0.7 and 3.5.0.4 does not verify that the hostname of the remote endpoint matches the Common Name (CN) or subjectAltName as specified by its x.509 certificate in a TLS/SSL session. This could allow man-in-the-middle attackers to spoof remote endpoints via an arbitrary valid certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "does not verify that the remote endpoint's hostname matches a domain name in the subject's CN or subjectAltName field of the x.509 certificate"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0161",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0161"
},
{
"url": "https://access.redhat.com/security/cve/cve-2014-0161",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2014-0161"
}
]
}

5
2019/17xxx/CVE-2019-17631.json
View File

@ -66,6 +66,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:4115",
"url": "https://access.redhat.com/errata/RHSA-2019:4115"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0006",
"url": "https://access.redhat.com/errata/RHSA-2020:0006"
}
]
}

5
2019/2xxx/CVE-2019-2945.json
View File

@ -156,6 +156,11 @@
"refsource": "UBUNTU",
"name": "USN-4223-1",
"url": "https://usn.ubuntu.com/4223-1/"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0006",
"url": "https://access.redhat.com/errata/RHSA-2020:0006"
}
]
}

5
2019/2xxx/CVE-2019-2962.json
View File

@ -156,6 +156,11 @@
"refsource": "UBUNTU",
"name": "USN-4223-1",
"url": "https://usn.ubuntu.com/4223-1/"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0006",
"url": "https://access.redhat.com/errata/RHSA-2020:0006"
}
]
}

5
2019/2xxx/CVE-2019-2964.json
View File

@ -156,6 +156,11 @@
"refsource": "UBUNTU",
"name": "USN-4223-1",
"url": "https://usn.ubuntu.com/4223-1/"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0006",
"url": "https://access.redhat.com/errata/RHSA-2020:0006"
}
]
}

5
2019/2xxx/CVE-2019-2973.json
View File

@ -156,6 +156,11 @@
"refsource": "UBUNTU",
"name": "USN-4223-1",
"url": "https://usn.ubuntu.com/4223-1/"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0006",
"url": "https://access.redhat.com/errata/RHSA-2020:0006"
}
]
}

5
2019/2xxx/CVE-2019-2975.json
View File

@ -131,6 +131,11 @@
"refsource": "UBUNTU",
"name": "USN-4223-1",
"url": "https://usn.ubuntu.com/4223-1/"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0006",
"url": "https://access.redhat.com/errata/RHSA-2020:0006"
}
]
}

5
2019/2xxx/CVE-2019-2978.json
View File

@ -156,6 +156,11 @@
"refsource": "UBUNTU",
"name": "USN-4223-1",
"url": "https://usn.ubuntu.com/4223-1/"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0006",
"url": "https://access.redhat.com/errata/RHSA-2020:0006"
}
]
}

5
2019/2xxx/CVE-2019-2981.json
View File

@ -156,6 +156,11 @@
"refsource": "UBUNTU",
"name": "USN-4223-1",
"url": "https://usn.ubuntu.com/4223-1/"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0006",
"url": "https://access.redhat.com/errata/RHSA-2020:0006"
}
]
}

5
2019/2xxx/CVE-2019-2983.json
View File

@ -156,6 +156,11 @@
"refsource": "UBUNTU",
"name": "USN-4223-1",
"url": "https://usn.ubuntu.com/4223-1/"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0006",
"url": "https://access.redhat.com/errata/RHSA-2020:0006"
}
]
}

5
2019/2xxx/CVE-2019-2988.json
View File

@ -156,6 +156,11 @@
"refsource": "UBUNTU",
"name": "USN-4223-1",
"url": "https://usn.ubuntu.com/4223-1/"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0006",
"url": "https://access.redhat.com/errata/RHSA-2020:0006"
}
]
}

5
2019/2xxx/CVE-2019-2989.json
View File

@ -156,6 +156,11 @@
"refsource": "UBUNTU",
"name": "USN-4223-1",
"url": "https://usn.ubuntu.com/4223-1/"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0006",
"url": "https://access.redhat.com/errata/RHSA-2020:0006"
}
]
}

5
2019/2xxx/CVE-2019-2992.json
View File

@ -156,6 +156,11 @@
"refsource": "UBUNTU",
"name": "USN-4223-1",
"url": "https://usn.ubuntu.com/4223-1/"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0006",
"url": "https://access.redhat.com/errata/RHSA-2020:0006"
}
]
}

5
2019/2xxx/CVE-2019-2996.json
View File

@ -76,6 +76,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:4115",
"url": "https://access.redhat.com/errata/RHSA-2019:4115"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0006",
"url": "https://access.redhat.com/errata/RHSA-2020:0006"
}
]
}

5
2019/2xxx/CVE-2019-2999.json
View File

@ -152,6 +152,11 @@
"refsource": "UBUNTU",
"name": "USN-4223-1",
"url": "https://usn.ubuntu.com/4223-1/"
},
{
"refsource": "REDHAT",
"name": "RHSA-2020:0006",
"url": "https://access.redhat.com/errata/RHSA-2020:0006"
}
]
}

18
2020/5xxx/CVE-2020-5194.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-5194",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/5xxx/CVE-2020-5195.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-5195",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/5xxx/CVE-2020-5196.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-5196",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/5xxx/CVE-2020-5197.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-5197",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}