admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-01-13 18:02:01 +00:00
parent c265fe1e11
commit 6a6474b6e5
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
6 changed files with 260 additions and 180 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

174
2019/4xxx/CVE-2019-4160.json
View File

@ -1,90 +1,90 @@
{
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "H",
"C" : "H",
"A" : "N",
"UI" : "N",
"S" : "U",
"AV" : "N",
"PR" : "N",
"SCORE" : "5.900",
"I" : "N"
},
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
}
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Guardium Data Encryption (GDE) 3.0.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158577."
}
]
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "3.0.0.2"
}
]
},
"product_name" : "Security Guardium Data Encryption"
}
]
},
"vendor_name" : "IBM"
"impact": {
"cvssv3": {
"BM": {
"AC": "H",
"C": "H",
"A": "N",
"UI": "N",
"S": "U",
"AV": "N",
"PR": "N",
"SCORE": "5.900",
"I": "N"
},
"TM": {
"RL": "O",
"E": "U",
"RC": "C"
}
]
}
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6403331",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6403331",
"title" : "IBM Security Bulletin 6403331 (Security Guardium Data Encryption)"
},
{
"name" : "ibm-gde-cve20194160-info-disc (158577)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/158577"
}
]
},
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Guardium Data Encryption (GDE) 3.0.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158577."
}
]
},
"data_version": "4.0",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "3.0.0.2"
}
]
},
"product_name": "Security Guardium Data Encryption"
}
]
},
"vendor_name": "IBM"
}
]
}
]
},
"data_format" : "MITRE",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2019-4160",
"DATE_PUBLIC" : "2021-01-12T00:00:00"
}
}
}
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6403331",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6403331",
"title": "IBM Security Bulletin 6403331 (Security Guardium Data Encryption)"
},
{
"name": "ibm-gde-cve20194160-info-disc (158577)",
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158577"
}
]
},
"data_type": "CVE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"ID": "CVE-2019-4160",
"DATE_PUBLIC": "2021-01-12T00:00:00"
}
}

172
2019/4xxx/CVE-2019-4687.json
View File

@ -1,90 +1,90 @@
{
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 171823."
}
]
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
"description": {
"description_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "3.0.0.2"
}
]
},
"product_name" : "Security Guardium Data Encryption"
}
]
}
"lang": "eng",
"value": "IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 171823."
}
]
}
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "H",
"C" : "L",
"AV" : "N",
"I" : "N",
"PR" : "N",
"SCORE" : "3.700",
"UI" : "N",
"S" : "U"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
}
}
},
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
},
"data_version": "4.0",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "3.0.0.2"
}
]
},
"product_name": "Security Guardium Data Encryption"
}
]
}
}
]
}
]
},
"data_format" : "MITRE",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2021-01-12T00:00:00",
"ID" : "CVE-2019-4687"
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6403331",
"url" : "https://www.ibm.com/support/pages/node/6403331",
"title" : "IBM Security Bulletin 6403331 (Security Guardium Data Encryption)"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/171823",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-gde-cve20194687-info-disc (171823)",
"refsource" : "XF"
}
]
}
}
}
},
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "H",
"C": "L",
"AV": "N",
"I": "N",
"PR": "N",
"SCORE": "3.700",
"UI": "N",
"S": "U"
},
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
}
}
},
"data_type": "CVE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2021-01-12T00:00:00",
"ID": "CVE-2019-4687"
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6403331",
"url": "https://www.ibm.com/support/pages/node/6403331",
"title": "IBM Security Bulletin 6403331 (Security Guardium Data Encryption)"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/171823",
"title": "X-Force Vulnerability Report",
"name": "ibm-gde-cve20194687-info-disc (171823)",
"refsource": "XF"
}
]
}
}

2
2020/15xxx/CVE-2020-15220.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "Combodo iTop is a web based IT Service Management tool. In iTop before versions 2.7.2 and 3.0.0, two cookies are created for the same session, which leads to a possibility to steal user session.\n\nThis is fixed in versions 2.7.2 and 3.0.0."
"value": "Combodo iTop is a web based IT Service Management tool. In iTop before versions 2.7.2 and 3.0.0, two cookies are created for the same session, which leads to a possibility to steal user session. This is fixed in versions 2.7.2 and 3.0.0."
}
]
},

56
2020/23xxx/CVE-2020-23653.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-23653",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-23653",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An insecure unserialize vulnerability was discovered in ThinkAdmin versions 4.x through 6.x in app/admin/controller/api/Update.php and app/wechat/controller/api/Push.php, which may lead to arbitrary remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/zoujingli/ThinkAdmin/issues/238",
"refsource": "MISC",
"name": "https://github.com/zoujingli/ThinkAdmin/issues/238"
}
]
}

18
2021/24xxx/CVE-2021-24001.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24001",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/24xxx/CVE-2021-24002.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24002",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}