"-Synchronized-Data."

CVE Team 2020-04-01 13:01:16 +00:00
parent 7a747229ab
commit 67e47f5ce6
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
8 changed files with 313 additions and 33 deletions


@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "X-Plane 11.41 and earlier allows Arbitrary Memory Write via crafted network packets, which could cause a denial of service or arbitrary code execution."
"value": "X-Plane before 11.41 allows Arbitrary Memory Write via crafted network packets, which could cause a denial of service or arbitrary code execution."
}
]
},
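Review bot: The reworded `value` in this hunk moves 11.41 itself from affected to fixed ("11.41 and earlier" becomes "before 11.41", reading the second `value` line as the new side), yet the 7-line hunk adds nothing that records where the corrected boundary comes from. A `reference_data` entry pointing at the vendor's release notes or advisory for 11.41, e.g. `{"refsource": "CONFIRM", "name": "<vendor-advisory-url>", "url": "<vendor-advisory-url>"}` (placeholder URL), would let consumers verify it. The next file section makes the identical wording change for the path-validation issue and has the same gap. The `references` and `affects` blocks lie outside both hunks, so they may already cover this. Anyone tracking these two entries should re-evaluate hosts running exactly 11.41, since their status differs between the two wordings.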


@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "X-Plane 11.41 and earlier has multiple improper path validations that could allow reading and writing files from/to arbitrary paths (or a leak of OS credentials to a remote system) via crafted network packets. This could be used to execute arbitrary commands on the system."
"value": "X-Plane before 11.41 has multiple improper path validations that could allow reading and writing files from/to arbitrary paths (or a leak of OS credentials to a remote system) via crafted network packets. This could be used to execute arbitrary commands on the system."
}
]
},


@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astring%0D%0A inputs to login form fields causing CRLF sequences to be reflected on an error page."
"value": "** DISPUTED ** phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astring%0D%0A inputs to login form fields causing CRLF sequences to be reflected on an error page. NOTE: the vendor states \"I don't see anything specifically exploitable.\""
}
]
},
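Review bot: The vendor quotation added after `NOTE:` in the new `value` is unattributed within this hunk, so a reader cannot tell where or when the vendor said it. If the record's `references` block (outside the hunk) has no link to that statement, add one, for example `{"refsource": "MISC", "name": "<vendor-statement-url>", "url": "<vendor-statement-url>"}` with the real URL in place of the placeholder. The dispute is also carried only as a `** DISPUTED **` text prefix, so tooling that filters on structured fields rather than the description will keep treating the entry as an undisputed finding.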


@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-5391",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-5391",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site request forgery (CSRF) vulnerabilities exist in the Auth0 plugin before 4.0.0 for WordPress via the domain field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/auth0/wp-auth0/releases",
"refsource": "MISC",
"name": "https://github.com/auth0/wp-auth0/releases"
},
{
"refsource": "CONFIRM",
"name": "https://auth0.com/docs/security/bulletins/2020-03-31_wpauth0",
"url": "https://auth0.com/docs/security/bulletins/2020-03-31_wpauth0"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/auth0/wp-auth0/security/advisories/GHSA-59vf-cgfw-6h6v",
"url": "https://github.com/auth0/wp-auth0/security/advisories/GHSA-59vf-cgfw-6h6v"
}
]
}
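Review bot: The newly published record leaves every structured field at `n/a` (`product_name`, `version_value`, `vendor_name` and the `problemtype` value), although the description on the new side names the Auth0 plugin for WordPress, the fixed version 4.0.0 and the weakness class. Scanners and inventories that match on `affects` rather than parsing prose will not associate this entry with the plugin. Consider `"vendor_name": "Auth0"`, `"version_value": "before 4.0.0"` and a `problemtype` value of `"CWE-352"` here. The same gap is present in the sections for CVE-2020-5392, CVE-2020-6753, CVE-2020-7947 and CVE-2020-7948, where the `problemtype` value would be the weakness each description names.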


@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-5392",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-5392",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A stored cross-site scripting (XSS) vulnerability exists in the Auth0 plugin before 4.0.0 for WordPress via the settings page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/auth0/wp-auth0/releases",
"refsource": "MISC",
"name": "https://github.com/auth0/wp-auth0/releases"
},
{
"refsource": "CONFIRM",
"name": "https://auth0.com/docs/security/bulletins/2020-03-31_wpauth0",
"url": "https://auth0.com/docs/security/bulletins/2020-03-31_wpauth0"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/auth0/wp-auth0/security/advisories/GHSA-59vf-cgfw-6h6v",
"url": "https://github.com/auth0/wp-auth0/security/advisories/GHSA-59vf-cgfw-6h6v"
}
]
}


@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-6753",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-6753",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Login by Auth0 plugin before 4.0.0 for WordPress allows stored XSS on multiple pages, a different issue than CVE-2020-5392."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/auth0/wp-auth0/releases",
"refsource": "MISC",
"name": "https://github.com/auth0/wp-auth0/releases"
},
{
"refsource": "CONFIRM",
"name": "https://auth0.com/docs/security/bulletins/2020-03-31_wpauth0",
"url": "https://auth0.com/docs/security/bulletins/2020-03-31_wpauth0"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/auth0/wp-auth0/security/advisories/GHSA-59vf-cgfw-6h6v",
"url": "https://github.com/auth0/wp-auth0/security/advisories/GHSA-59vf-cgfw-6h6v"
}
]
}


@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7947",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-7947",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in the Login by Auth0 plugin before 4.0.0 for WordPress. It has numerous fields that can contain data that is pulled from different sources. One issue with this is that the data isn't sanitized, and no input validation is performed, before the exporting of the user data. This can lead to (at least) CSV injection if a crafted Excel document is uploaded."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/auth0/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/auth0/#developers"
},
{
"url": "https://auth0.com/docs/cms/wordpress",
"refsource": "MISC",
"name": "https://auth0.com/docs/cms/wordpress"
},
{
"refsource": "CONFIRM",
"name": "https://auth0.com/docs/security/bulletins/2020-03-31_wpauth0",
"url": "https://auth0.com/docs/security/bulletins/2020-03-31_wpauth0"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/auth0/wp-auth0/security/advisories/GHSA-59vf-cgfw-6h6v",
"url": "https://github.com/auth0/wp-auth0/security/advisories/GHSA-59vf-cgfw-6h6v"
}
]
}
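Review bot: The last two sentences of the new description point in opposite directions: the data is said to be unsanitized "before the exporting of the user data", but the trigger is given as "if a crafted Excel document is uploaded". A reader cannot tell whether the risk arises when an exported file is opened in a spreadsheet or when a file is imported, which changes who is exposed and where the sanitization belongs. The wording should follow whichever of the two the linked Auth0 bulletin describes and name the affected feature. If export is the case, the final sentence could read `This can lead to (at least) CSV injection when the exported file is opened in a spreadsheet application.`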


@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7948",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-7948",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in the Login by Auth0 plugin before 4.0.0 for WordPress. A user can perform an insecure direct object reference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/auth0/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/auth0/#developers"
},
{
"url": "https://auth0.com/docs/cms/wordpress",
"refsource": "MISC",
"name": "https://auth0.com/docs/cms/wordpress"
},
{
"refsource": "CONFIRM",
"name": "https://auth0.com/docs/security/bulletins/2020-03-31_wpauth0",
"url": "https://auth0.com/docs/security/bulletins/2020-03-31_wpauth0"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/auth0/wp-auth0/security/advisories/GHSA-59vf-cgfw-6h6v",
"url": "https://github.com/auth0/wp-auth0/security/advisories/GHSA-59vf-cgfw-6h6v"
}
]
}