admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-01-08 20:01:21 +00:00
parent f6994f828d
commit 69f3c99f5c
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
27 changed files with 908 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2017/14xxx/CVE-2017-14165.json
View File

@ -66,6 +66,11 @@
"name": "http://hg.code.sf.net/p/graphicsmagick/code/rev/493da54370aa",
"refsource": "MISC",
"url": "http://hg.code.sf.net/p/graphicsmagick/code/rev/493da54370aa"
},
{
"refsource": "UBUNTU",
"name": "USN-4232-1",
"url": "https://usn.ubuntu.com/4232-1/"
}
]
}

5
2017/14xxx/CVE-2017-14314.json
View File

@ -71,6 +71,11 @@
"name": "https://sourceforge.net/p/graphicsmagick/bugs/448/",
"refsource": "CONFIRM",
"url": "https://sourceforge.net/p/graphicsmagick/bugs/448/"
},
{
"refsource": "UBUNTU",
"name": "USN-4232-1",
"url": "https://usn.ubuntu.com/4232-1/"
}
]
}

5
2017/14xxx/CVE-2017-14504.json
View File

@ -91,6 +91,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-425a1aa7c9",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/"
},
{
"refsource": "UBUNTU",
"name": "USN-4232-1",
"url": "https://usn.ubuntu.com/4232-1/"
}
]
}

5
2017/14xxx/CVE-2017-14649.json
View File

@ -81,6 +81,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-425a1aa7c9",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/"
},
{
"refsource": "UBUNTU",
"name": "USN-4232-1",
"url": "https://usn.ubuntu.com/4232-1/"
}
]
}

5
2017/14xxx/CVE-2017-14733.json
View File

@ -81,6 +81,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-425a1aa7c9",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/"
},
{
"refsource": "UBUNTU",
"name": "USN-4232-1",
"url": "https://usn.ubuntu.com/4232-1/"
}
]
}

5
2017/14xxx/CVE-2017-14994.json
View File

@ -91,6 +91,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-425a1aa7c9",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/"
},
{
"refsource": "UBUNTU",
"name": "USN-4232-1",
"url": "https://usn.ubuntu.com/4232-1/"
}
]
}

5
2017/14xxx/CVE-2017-14997.json
View File

@ -91,6 +91,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-425a1aa7c9",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/"
},
{
"refsource": "UBUNTU",
"name": "USN-4232-1",
"url": "https://usn.ubuntu.com/4232-1/"
}
]
}

5
2017/15xxx/CVE-2017-15277.json
View File

@ -91,6 +91,11 @@
"name": "https://github.com/ImageMagick/ImageMagick/commit/9fd10cf630832b36a588c1545d8736539b2f1fb5",
"refsource": "MISC",
"url": "https://github.com/ImageMagick/ImageMagick/commit/9fd10cf630832b36a588c1545d8736539b2f1fb5"
},
{
"refsource": "UBUNTU",
"name": "USN-4232-1",
"url": "https://usn.ubuntu.com/4232-1/"
}
]
}

5
2017/15xxx/CVE-2017-15930.json
View File

@ -91,6 +91,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-425a1aa7c9",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/"
},
{
"refsource": "UBUNTU",
"name": "USN-4232-1",
"url": "https://usn.ubuntu.com/4232-1/"
}
]
}

5
2017/16xxx/CVE-2017-16352.json
View File

@ -91,6 +91,11 @@
"name": "ftp://ftp.graphicsmagick.org/pub/GraphicsMagick/snapshots/ChangeLog.txt",
"refsource": "MISC",
"url": "ftp://ftp.graphicsmagick.org/pub/GraphicsMagick/snapshots/ChangeLog.txt"
},
{
"refsource": "UBUNTU",
"name": "USN-4232-1",
"url": "https://usn.ubuntu.com/4232-1/"
}
]
}

5
2017/16xxx/CVE-2017-16353.json
View File

@ -91,6 +91,11 @@
"name": "ftp://ftp.graphicsmagick.org/pub/GraphicsMagick/snapshots/ChangeLog.txt",
"refsource": "MISC",
"url": "ftp://ftp.graphicsmagick.org/pub/GraphicsMagick/snapshots/ChangeLog.txt"
},
{
"refsource": "UBUNTU",
"name": "USN-4232-1",
"url": "https://usn.ubuntu.com/4232-1/"
}
]
}

5
2019/10xxx/CVE-2019-10219.json
View File

@ -48,6 +48,11 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[accumulo-notifications] 20200108 [GitHub] [accumulo] milleruntime opened a new pull request #1469: Update hibernate-validator. Fixes CVE-2019-10219",
"url": "https://lists.apache.org/thread.html/r87b7e2d22982b4ca9f88f5f4f22a19b394d2662415b233582ed22ebf@%3Cnotifications.accumulo.apache.org%3E"
}
]
},

85
2019/11xxx/CVE-2019-11745.json
View File

@ -4,14 +4,93 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11745",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_value": "before 68.3"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_value": "before 68.3"
}
]
}
},
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_value": "before 71"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of bounds write in NSS when encrypting with a block cipher"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-36/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-36/"
},
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-38/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-38/"
},
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-37/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-37/"
},
{
"refsource": "CONFIRM",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1586176",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1586176"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71."
}
]
}

55
2019/11xxx/CVE-2019-11756.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11756",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_value": "before 71"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use-after-free of SFTKSession object"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-36/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-36/"
},
{
"refsource": "CONFIRM",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1508776",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1508776"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper refcounting of soft token session objects could cause a use-after-free and crash (likely limited to a denial of service). This vulnerability affects Firefox < 71."
}
]
}

85
2019/11xxx/CVE-2019-11757.json
View File

@ -4,14 +4,93 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11757",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_value": "before 70"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_value": "before 68.2"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_value": "before 68.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use-after-free when creating index updates in IndexedDB"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-35/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-35/"
},
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-33/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-33/"
},
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-34/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-34/"
},
{
"refsource": "CONFIRM",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1577107",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1577107"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "When following the value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2."
}
]
}

85
2019/11xxx/CVE-2019-11758.json
View File

@ -4,14 +4,93 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11758",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_value": "before 69"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_value": "before 68.2"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_value": "before 68.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Potentially exploitable crash due to 360 Total Security"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-25/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-25/"
},
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-35/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-35/"
},
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-33/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-33/"
},
{
"refsource": "CONFIRM",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1536227",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1536227"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine and we presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox < 69, Thunderbird < 68.2, and Firefox ESR < 68.2."
}
]
}

85
2019/11xxx/CVE-2019-11759.json
View File

@ -4,14 +4,93 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11759",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_value": "before 70"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_value": "before 68.2"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_value": "before 68.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack buffer overflow in HKDF output"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-35/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-35/"
},
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-33/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-33/"
},
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-34/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-34/"
},
{
"refsource": "CONFIRM",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1577953",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1577953"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2."
}
]
}

85
2019/11xxx/CVE-2019-11760.json
View File

@ -4,14 +4,93 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11760",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_value": "before 70"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_value": "before 68.2"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_value": "before 68.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack buffer overflow in WebRTC networking"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-35/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-35/"
},
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-33/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-33/"
},
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-34/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-34/"
},
{
"refsource": "CONFIRM",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1577719",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1577719"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2."
}
]
}

85
2019/11xxx/CVE-2019-11761.json
View File

@ -4,14 +4,93 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11761",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_value": "before 70"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_value": "before 68.2"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_value": "before 68.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unintended access to a privileged JSONView object"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-35/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-35/"
},
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-33/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-33/"
},
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-34/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-34/"
},
{
"refsource": "CONFIRM",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1561502",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1561502"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2."
}
]
}

85
2019/11xxx/CVE-2019-11762.json
View File

@ -4,14 +4,93 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11762",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_value": "before 70"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_value": "before 68.2"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_value": "before 68.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "document.domain-based origin isolation has same-origin-property violation"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-35/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-35/"
},
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-33/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-33/"
},
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-34/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-34/"
},
{
"refsource": "CONFIRM",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1582857",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1582857"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2."
}
]
}

85
2019/11xxx/CVE-2019-11763.json
View File

@ -4,14 +4,93 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11763",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_value": "before 70"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_value": "before 68.2"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_value": "before 68.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect HTML parsing results in XSS bypass technique"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-35/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-35/"
},
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-33/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-33/"
},
{
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-34/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-34/"
},
{
"refsource": "CONFIRM",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1584216",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1584216"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML entities being masked from filters - enabling the use of entities to mask the actual characters of interest from filters. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2."
}
]
}

56
2020/6xxx/CVE-2020-6583.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-6583",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-6583",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "BigProf Online Invoicing System (OIS) through 2.6 has XSS that can be leveraged for session hijacking. An attacker can exploit the XSS vulnerability, retrieve the session cookie from the administrator login, and take over the administrator account via the Name field in an Add New Client action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.sevenlayers.com/index.php/282-online-invoicing-system-2-6-xss-session-hijack",
"refsource": "MISC",
"name": "https://www.sevenlayers.com/index.php/282-online-invoicing-system-2-6-xss-session-hijack"
}
]
}

18
2020/6xxx/CVE-2020-6584.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-6584",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/6xxx/CVE-2020-6585.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-6585",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/6xxx/CVE-2020-6586.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-6586",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/6xxx/CVE-2020-6587.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-6587",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/6xxx/CVE-2020-6588.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-6588",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}