mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-06-21 05:40:25 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
184292ba4e
commit
7fdd3c920a
@ -4,14 +4,58 @@
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2019-11999",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "security-alert@hpe.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "HPE OC Media Platform (OCMP)",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "OCMP 4.4.8 RP 805,OCMP 4.5.x"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "remote arbitrary file download; remote cross-site scripting (xss)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03984en_us",
|
||||
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03984en_us"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Potential security vulnerabilities have been identified in HPE OpenCall Media Platform (OCMP) resulting in remote arbitrary file download and cross site scripting. HPE has made the following updates available to resolve the vulnerability in the impacted versions of OCMP. * For OCMP version 4.4.X - please upgrade to OCMP 4.4.8 and then install RP806 * For OCMP 4.5.x please contact HPE Technical Support to obtain the necessary software updates."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2019-19394",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2019-19394",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Northern.tech CFEngine Enterprise before 3.10.7, 3.11.x and 3.12.x before 3.12.3, 3.13.x, and 3.14.x allows XSS. This is fixed in 3.10.7, 3.12.3, and 3.15.0."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://cfengine.com/company/blog-detail/cve-2019-19394-mission-portal-javascript-injection-vulnerability/",
|
||||
"url": "https://cfengine.com/company/blog-detail/cve-2019-19394-mission-portal-javascript-injection-vulnerability/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -207,11 +207,6 @@
|
||||
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://security.netapp.com/advisory/ntap-20200416-0003/",
|
||||
"url": "https://security.netapp.com/advisory/ntap-20200416-0003/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,18 +1,76 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2019-20724",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2019-20724",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.63, D7800 before 1.0.1.44, R7500v2 before 1.0.3.38, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBS40 before 2.3.0.28, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://kb.netgear.com/000061204/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2018-0144",
|
||||
"url": "https://kb.netgear.com/000061204/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2018-0144"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": {
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "ADJACENT",
|
||||
"availabilityImpact": "HIGH",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "HIGH",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N",
|
||||
"version": "3.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -1,18 +1,76 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2019-20725",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2019-20725",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.63, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://kb.netgear.com/000061203/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0143",
|
||||
"url": "https://kb.netgear.com/000061203/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0143"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": {
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "ADJACENT",
|
||||
"availabilityImpact": "HIGH",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "HIGH",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N",
|
||||
"version": "3.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -1,18 +1,76 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2019-20726",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2019-20726",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.63, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://kb.netgear.com/000061202/Security-Advisory-for-Post-Authentication-Command-on-Some-Routers-and-Gateways-PSV-2018-0141",
|
||||
"url": "https://kb.netgear.com/000061202/Security-Advisory-for-Post-Authentication-Command-on-Some-Routers-and-Gateways-PSV-2018-0141"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": {
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "ADJACENT",
|
||||
"availabilityImpact": "HIGH",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "HIGH",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N",
|
||||
"version": "3.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -48,6 +48,11 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03",
|
||||
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-549/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-549/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -48,6 +48,11 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03",
|
||||
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-548/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-548/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -48,6 +48,11 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03",
|
||||
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-03"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-547/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-547/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -5,13 +5,13 @@
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2020-10707",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"STATE": "REJECT"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-11612. Reason: This candidate is a reservation duplicate of CVE-2020-11612. Notes: All CVE users should reference CVE-2020-11612 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -35,7 +35,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "In Shopizer before version 2.11.0, using API or Controller based versions negative quantity is not adequately validated\nhence creating incorrect shopping cart and order total. This vulnerability makes it possible to create a negative total\nin the shopping cart.\n\nThis has been patched in version 2.11.0."
|
||||
"value": "In Shopizer before version 2.11.0, using API or Controller based versions negative quantity is not adequately validated hence creating incorrect shopping cart and order total. This vulnerability makes it possible to create a negative total in the shopping cart. This has been patched in version 2.11.0."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2020-11811",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2020-11811",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "In qdPM 9.1, an attacker can upload a malicious .php file to the server by exploiting the Add Profile Photo capability with a crafted content-type value. After that, the attacker can execute an arbitrary command on the server using this malicious file."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://fatihhcelik.blogspot.com/2020/01/qdpm-web-based-project-management.html",
|
||||
"url": "https://fatihhcelik.blogspot.com/2020/01/qdpm-web-based-project-management.html"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,66 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2020-11812",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2020-11812",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the filters[0][value] or filters[1][value] parameter."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://fatihhcelik.blogspot.com/2020/01/rukovoditel-sql-injection-filters0value.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://fatihhcelik.blogspot.com/2020/01/rukovoditel-sql-injection-filters0value.html"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://fatihhcelik.blogspot.com/2020/01/rukovoditel-sql-injection-filters1value.html",
|
||||
"url": "https://fatihhcelik.blogspot.com/2020/01/rukovoditel-sql-injection-filters1value.html"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2020-11813",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2020-11813",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "In Rukovoditel 2.5.2, there is a stored XSS vulnerability on the configuration page via the copyright text input. Thus, an attacker can inject a malicious script to steal all users' valuable data. This copyright text is on every page so this attack vector can be very dangerous."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://fatihhcelik.blogspot.com/2020/01/rukovoditel-stored-xss.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://fatihhcelik.blogspot.com/2020/01/rukovoditel-stored-xss.html"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2020-11814",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2020-11814",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A Host Header Injection vulnerability in qdPM 9.1 may allow an attacker to spoof a particular header and redirect users to malicious websites."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://fatihhcelik.blogspot.com/2020/01/qdpm-web-based-project-management_11.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://fatihhcelik.blogspot.com/2020/01/qdpm-web-based-project-management_11.html"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2020-11816",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2020-11816",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the reports_id (POST) parameter."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://fatihhcelik.blogspot.com/2020/01/rukovoditel-sql-injection-reportsid-post.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://fatihhcelik.blogspot.com/2020/01/rukovoditel-sql-injection-reportsid-post.html"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2020-11823",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2020-11823",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "In Dolibarr 10.0.6, if USER_LOGIN_FAILED is active, there is a stored XSS vulnerability on the admin tools --> audit page. This may lead to stealing of the admin account."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://fatihhcelik.blogspot.com/2020/04/dolibarr-stored-xss.html",
|
||||
"url": "https://fatihhcelik.blogspot.com/2020/04/dolibarr-stored-xss.html"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2020-11825",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2020-11825",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "In Dolibarr 10.0.6, forms are protected with a CSRF token against CSRF attacks. The problem is any CSRF token in any user's session can be used in another user's session. CSRF tokens should not be valid in this situation."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://fatihhcelik.blogspot.com/2020/04/dolibarr-csrf.html",
|
||||
"url": "https://fatihhcelik.blogspot.com/2020/04/dolibarr-csrf.html"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2020-11826",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2020-11826",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Users can lock their notes with a password in Memono version 3.8. Thus, users needs to know a password to read notes. However, these notes are stored in a database without encryption and an attacker can read the password-protected notes without having the password. Notes are stored in the ZENTITY table in the memono.sqlite database."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://fatihhcelik.blogspot.com/2020/02/memono-insecure-data-storage-ios.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://fatihhcelik.blogspot.com/2020/02/memono-insecure-data-storage-ios.html"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -63,6 +63,11 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-integrity-en",
|
||||
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-integrity-en"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-dos-en",
|
||||
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-dos-en"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -219,6 +219,11 @@
|
||||
"refsource": "MLIST",
|
||||
"name": "[tomcat-users] 20200413 RE: Alternatives for AJP",
|
||||
"url": "https://lists.apache.org/thread.html/r43faacf64570b1d9a4bada407a5af3b2738b0c007b905f1b6b608c65@%3Cusers.tomcat.apache.org%3E"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "http://support.blackberry.com/kb/articleDetail?articleNumber=000062739",
|
||||
"url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000062739"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -1,7 +1,8 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2020-2177",
|
||||
"ASSIGNER": "jenkinsci-cert@googlegroups.com"
|
||||
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
@ -56,6 +57,11 @@
|
||||
"name": "https://jenkins.io/security/advisory/2020-04-16/#SECURITY-1556",
|
||||
"url": "https://jenkins.io/security/advisory/2020-04-16/#SECURITY-1556",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20200416 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2020/04/16/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,7 +1,8 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2020-2178",
|
||||
"ASSIGNER": "jenkinsci-cert@googlegroups.com"
|
||||
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
@ -56,6 +57,11 @@
|
||||
"name": "https://jenkins.io/security/advisory/2020-04-16/#SECURITY-1753",
|
||||
"url": "https://jenkins.io/security/advisory/2020-04-16/#SECURITY-1753",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20200416 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2020/04/16/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,7 +1,8 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2020-2179",
|
||||
"ASSIGNER": "jenkinsci-cert@googlegroups.com"
|
||||
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
@ -56,6 +57,11 @@
|
||||
"name": "https://jenkins.io/security/advisory/2020-04-16/#SECURITY-1825",
|
||||
"url": "https://jenkins.io/security/advisory/2020-04-16/#SECURITY-1825",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20200416 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2020/04/16/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,7 +1,8 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2020-2180",
|
||||
"ASSIGNER": "jenkinsci-cert@googlegroups.com"
|
||||
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
@ -56,6 +57,11 @@
|
||||
"name": "https://jenkins.io/security/advisory/2020-04-16/#SECURITY-1736",
|
||||
"url": "https://jenkins.io/security/advisory/2020-04-16/#SECURITY-1736",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20200416 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2020/04/16/4"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -72,6 +72,11 @@
|
||||
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-506/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-506/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -72,6 +72,11 @@
|
||||
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-507/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-507/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -68,6 +68,11 @@
|
||||
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-502/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-502/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -76,6 +76,11 @@
|
||||
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-504/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-504/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -72,6 +72,11 @@
|
||||
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-497/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-497/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -77,11 +77,6 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-509/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-509/"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-510/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-510/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -72,6 +72,11 @@
|
||||
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-501/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-501/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -72,6 +72,11 @@
|
||||
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-508/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-508/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -76,6 +76,11 @@
|
||||
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-505/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-505/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -71,6 +71,11 @@
|
||||
"name": "20200415 Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data",
|
||||
"refsource": "CISCO",
|
||||
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-mult-vulns-UNfpdW4E"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-539/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-539/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -71,6 +71,11 @@
|
||||
"name": "20200415 Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data",
|
||||
"refsource": "CISCO",
|
||||
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-mult-vulns-UNfpdW4E"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-542/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-542/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -71,6 +71,11 @@
|
||||
"name": "20200415 Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data",
|
||||
"refsource": "CISCO",
|
||||
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-mult-vulns-UNfpdW4E"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-540/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-540/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -71,6 +71,11 @@
|
||||
"name": "20200415 Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data",
|
||||
"refsource": "CISCO",
|
||||
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-mult-vulns-UNfpdW4E"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-541/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-541/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -71,6 +71,11 @@
|
||||
"name": "20200415 Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data",
|
||||
"refsource": "CISCO",
|
||||
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-mult-vulns-UNfpdW4E"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-543/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-543/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -71,6 +71,11 @@
|
||||
"name": "20200415 Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data",
|
||||
"refsource": "CISCO",
|
||||
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-mult-vulns-UNfpdW4E"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-544/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-544/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -71,6 +71,11 @@
|
||||
"name": "20200415 Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data",
|
||||
"refsource": "CISCO",
|
||||
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-mult-vulns-UNfpdW4E"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-538/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-538/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -135,6 +135,11 @@
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20200415 Re: CVE-2020-5260: Git: malicious URLs may cause Git to present stored credentials to the wrong server",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2020/04/15/6"
|
||||
},
|
||||
{
|
||||
"refsource": "SUSE",
|
||||
"name": "openSUSE-SU-2020:0524",
|
||||
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00027.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user