"-Synchronized-Data."

CVE Team 2020-05-18 00:01:16 +00:00
parent 04aa1c5f59
commit 63e92cfef2
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
7 changed files with 489 additions and 0 deletions


@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20797",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer overflow in client and server code responsible for handling received UDP packets, as demonstrated by I_SendPacket or I_SendPacketTo in i_network.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://sourceforge.net/p/prboom-plus/bugs/252/",
"refsource": "MISC",
"name": "https://sourceforge.net/p/prboom-plus/bugs/252/"
},
{
"url": "https://sourceforge.net/p/prboom-plus/bugs/253/",
"refsource": "MISC",
"name": "https://sourceforge.net/p/prboom-plus/bugs/253/"
},
{
"url": "https://logicaltrust.net/blog/2019/10/prboom1.html",
"refsource": "MISC",
"name": "https://logicaltrust.net/blog/2019/10/prboom1.html"
}
]
}
}
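Review bot: The structured `affects` block in this record is entirely `n/a` even though the description names the product and version, so tooling that matches on `vendor_name`, `product_name` or `version_value` will not associate CVE-2019-20797 with prboom-plus 2.5.1.5. Populate it from the description, e.g. `"product_name": "prboom-plus"` and `"version_value": "2.5.1.5"`, and replace the `n/a` under `problemtype` with a weakness class (likely a buffer-overflow CWE such as `CWE-120`, to be confirmed against the linked bug reports). The same placeholders appear in the other six records in this commit (CVE-2019-20798 through CVE-2019-20802 and CVE-2020-13128). Until they are filled in, consumers can only find these entries by free-text matching on the description.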


@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20798",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An XSS issue was discovered in handler_server_info.c in Cherokee through 1.2.104. The requested URL is improperly displayed on the About page in the default configuration of the web server and its administrator panel. The XSS in the administrator panel can be used to reconfigure the server and execute arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://logicaltrust.net/blog/2019/11/cherokee.html",
"refsource": "MISC",
"name": "https://logicaltrust.net/blog/2019/11/cherokee.html"
},
{
"url": "https://github.com/cherokee/webserver/issues/1227",
"refsource": "MISC",
"name": "https://github.com/cherokee/webserver/issues/1227"
}
]
}
}


@ -0,0 +1,82 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20799",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Cherokee through 1.2.104, multiple memory corruption errors may be used by a remote attacker to destabilize the work of a server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://logicaltrust.net/blog/2019/11/cherokee.html",
"refsource": "MISC",
"name": "https://logicaltrust.net/blog/2019/11/cherokee.html"
},
{
"url": "https://github.com/cherokee/webserver/issues/1226",
"refsource": "MISC",
"name": "https://github.com/cherokee/webserver/issues/1226"
},
{
"url": "https://github.com/cherokee/webserver/issues/1225",
"refsource": "MISC",
"name": "https://github.com/cherokee/webserver/issues/1225"
},
{
"url": "https://github.com/cherokee/webserver/issues/1222",
"refsource": "MISC",
"name": "https://github.com/cherokee/webserver/issues/1222"
},
{
"url": "https://github.com/cherokee/webserver/issues/1221",
"refsource": "MISC",
"name": "https://github.com/cherokee/webserver/issues/1221"
}
]
}
}
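Review bot: The description in this record names no component or weakness type. It says only "multiple memory corruption errors" while linking four separate issues (1221, 1222, 1225, 1226), so a reader cannot tell which code paths are affected or whether a given fix covers all of them. The record for CVE-2019-20800 on this page names the function and file (`cherokee_handler_cgi_add_env_pair` in `handler_cgi.c`); the same detail for each linked issue would make this entry usable for patch verification. "destabilize the work of a server" presumably means denial of service, and saying so explicitly would help severity scoring.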


@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20800",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Cherokee through 1.2.104, remote attackers can trigger an out-of-bounds write in cherokee_handler_cgi_add_env_pair in handler_cgi.c by sending many request headers, as demonstrated by a GET request with many \"Host: 127.0.0.1\" headers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://logicaltrust.net/blog/2019/11/cherokee.html",
"refsource": "MISC",
"name": "https://logicaltrust.net/blog/2019/11/cherokee.html"
},
{
"url": "https://github.com/cherokee/webserver/issues/1224",
"refsource": "MISC",
"name": "https://github.com/cherokee/webserver/issues/1224"
}
]
}
}


@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20801",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server allows for cross-origin requests from any domain, and the WebSocket server lacks authorization control. Any web site can execute JavaScript code (that accesses a user's data) via cross-origin requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://apps.apple.com/us/app/documents-by-readdle/id364901807",
"refsource": "MISC",
"name": "https://apps.apple.com/us/app/documents-by-readdle/id364901807"
},
{
"url": "https://logicaltrust.net/blog/2019/12/documents.html#authorization",
"refsource": "MISC",
"name": "https://logicaltrust.net/blog/2019/12/documents.html#authorization"
}
]
}
}


@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20802",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server improperly displays directory names, leading to Stored XSS, which may be used to steal a user's data. This requires user interaction because there is no known direct way for an attacker to create a crafted directory name on a victim's device. However, a crafted directory name can occur if a victim extracts a ZIP archive that was provided by an attacker."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://apps.apple.com/us/app/documents-by-readdle/id364901807",
"refsource": "MISC",
"name": "https://apps.apple.com/us/app/documents-by-readdle/id364901807"
},
{
"url": "https://logicaltrust.net/blog/2019/12/documents.html#xss",
"refsource": "MISC",
"name": "https://logicaltrust.net/blog/2019/12/documents.html#xss"
}
]
}
}


@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-13128",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Manolo GWTUpload 1.0.3. server/UploadServlet.java (the servlet for handling file upload) accepts a delay parameter that causes a thread to sleep. It can be abused to cause all of a server's threads to sleep, leading to denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/manolo/gwtupload/issues/33",
"refsource": "MISC",
"name": "https://github.com/manolo/gwtupload/issues/33"
},
{
"url": "https://logicaltrust.net/blog/2020/02/gwt-upload.html",
"refsource": "MISC",
"name": "https://logicaltrust.net/blog/2020/02/gwt-upload.html"
}
]
}
}