admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-12-04 21:01:34 +00:00
parent c6b02a5a0d
commit 7a3cacd4a3
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
6 changed files with 172 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2017/2xxx/CVE-2017-2885.json
View File

@ -72,6 +72,11 @@
"name": "100258",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100258"
},
{
"refsource": "FULLDISC",
"name": "20201204 ProCaster LE-32F430 SmartTV RCE via libsoup/2.51.3 stack overflow (CVE-2017-2885)",
"url": "http://seclists.org/fulldisclosure/2020/Dec/3"
}
]
}

17
2020/10xxx/CVE-2020-10974.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered on Wavlink WL-WN579G3 - M79X3.V5030.180719 and WL-WN575A3 - RPT75A3.V4300.180801 devices, affecting a backup feature. A crafted POST request returns the current configuration of the device in cleartext, including the administrator password. No authentication is required."
"value": "An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. No authentication is required. Affected devices: Wavlink WN575A3, Wavlink WN579G3, Wavlink WN531A6, Wavlink WN535G3, Wavlink WN530H4, Wavlink WN57X93, Wavlink WN572HG3, Wavlink WN575A4, Wavlink WN578A2, Wavlink WN579G3, Wavlink WN579X3, and Jetstream AC3000/ERAC3000"
}
]
},
@ -56,6 +56,21 @@
"refsource": "MISC",
"name": "https://github.com/sudo-jtcsec/CVE/blob/master/CVE-2020-10974",
"url": "https://github.com/sudo-jtcsec/CVE/blob/master/CVE-2020-10974"
},
{
"refsource": "MISC",
"name": "https://github.com/sudo-jtcsec/Nyra",
"url": "https://github.com/sudo-jtcsec/Nyra"
},
{
"refsource": "MISC",
"name": "https://github.com/Roni-Carta/nyra",
"url": "https://github.com/Roni-Carta/nyra"
},
{
"refsource": "MISC",
"name": "https://github.com/sudo-jtcsec/CVE/blob/master/CVE-2020-10974-affected_devices",
"url": "https://github.com/sudo-jtcsec/CVE/blob/master/CVE-2020-10974-affected_devices"
}
]
}

10
2020/13xxx/CVE-2020-13956.json
View File

@ -48,6 +48,16 @@
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r6dab7da30f8bf075f79ee189e33b45a197502e2676481bb8787fc0d7%40%3Cdev.hc.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r6dab7da30f8bf075f79ee189e33b45a197502e2676481bb8787fc0d7%40%3Cdev.hc.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[ranger-dev] 20201204 [jira] [Assigned] (RANGER-3100) Upgrade httpclient version from 4.5.6 to 4.5.13+ due to CVE-2020-13956",
"url": "https://lists.apache.org/thread.html/rf7ca60f78f05b772cc07d27e31bcd112f9910a05caf9095e38ee150f@%3Cdev.ranger.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[ranger-dev] 20201204 [jira] [Updated] (RANGER-3100) Upgrade httpclient version from 4.5.6 to 4.5.13+ due to CVE-2020-13956",
"url": "https://lists.apache.org/thread.html/rcced7ed3237c29cd19c1e9bf465d0038b8b2e967b99fc283db7ca553@%3Cdev.ranger.apache.org%3E"
}
]
},

50
2020/27xxx/CVE-2020-27774.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27774",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ImageMagick",
"version": {
"version_data": [
{
"version_value": "ImageMagick 7.0.9-0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-190"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1898296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898296"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of a too large shift for 64-bit type `ssize_t`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0."
}
]
}

50
2020/27xxx/CVE-2020-27775.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27775",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ImageMagick",
"version": {
"version_data": [
{
"version_value": "ImageMagick 7.0.9-0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-190"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1898300",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898300"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0."
}
]
}

50
2020/27xxx/CVE-2020-27776.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27776",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ImageMagick",
"version": {
"version_data": [
{
"version_value": "ImageMagick 7.0.9-0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-190"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1898304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898304"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0."
}
]
}