admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-07-17 23:01:22 +00:00
parent b1bdd01cc6
commit 875082211d
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
17 changed files with 508 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2020/13xxx/CVE-2020-13753.json
View File

@ -61,6 +61,11 @@
"refsource": "CONFIRM",
"name": "https://www.openwall.com/lists/oss-security/2020/07/10/1",
"url": "https://www.openwall.com/lists/oss-security/2020/07/10/1"
},
{
"refsource": "DEBIAN",
"name": "DSA-4724",
"url": "https://www.debian.org/security/2020/dsa-4724"
}
]
}

5
2020/14xxx/CVE-2020-14928.json
View File

@ -86,6 +86,11 @@
"refsource": "CONFIRM",
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1173910",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1173910"
},
{
"refsource": "DEBIAN",
"name": "DSA-4725",
"url": "https://www.debian.org/security/2020/dsa-4725"
}
]
}

16
2020/8xxx/CVE-2020-8573.json
View File

@ -11,15 +11,21 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "NetApp",
"product": {
"product_data": [
{
"product_name": "NetApp HCI Baseboard Management Controller (BMC) - H610S",
"product_name": "NetApp HCI Baseboard Management Controller (BMC) HCI H610C, NetApp HCI Baseboard Management Controller (BMC) HCI H615C, NetApp HCI Baseboard Management Controller (BMC) HCI H610S",
"version": {
"version_data": [
{
"version_value": "Element OS versions 11.8 and 12.0"
"version_value": "Element OS v11.8"
},
{
"version_value": "Element OS v12.0"
},
{
"version_value": "Compute Firmware Bundle v12.2.92"
}
]
}
@ -45,7 +51,7 @@
"references": {
"reference_data": [
{
"refsource": "MISC",
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200626-0001/",
"url": "https://security.netapp.com/advisory/ntap-20200626-0001/"
}
@ -55,7 +61,7 @@
"description_data": [
{
"lang": "eng",
"value": "The NetApp HCI H610S Baseboard Management Controller (BMC) is shipped with a documented default account and password that should be changed during the initial node setup. During upgrades to Element 11.8 and 12.0 the H610S BMC account password is reset to the default documented value which allows remote attackers to cause a Denial of Service (DoS)."
"value": "The NetApp HCI H610C, H615C and H610S Baseboard Management Controllers (BMC) are shipped with a documented default account and password that should be changed during the initial node setup. During upgrades to Element 11.8 and 12.0 or the Compute Firmware Bundle 12.2.92 the BMC account password on the H610C, H615C and H610S platforms is reset to the default documented value which could allow remote attackers to cause a Denial of Service (DoS)."
}
]
}

131
2020/9xxx/CVE-2020-9102.json
View File

@ -4,14 +4,139 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9102",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Huawei",
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800",
"version": {
"version_data": [
{
"version_value": "V200R002C50SPC800"
},
{
"version_value": "V200R003C00SPC810"
},
{
"version_value": "V200R005C00SPC800"
},
{
"version_value": "V200R005C10SPC800"
},
{
"version_value": "V200R019C00SPC800"
}
]
}
},
{
"product_name": "CloudEngine 5800",
"version": {
"version_data": [
{
"version_value": "V200R002C50SPC800"
},
{
"version_value": "V200R003C00SPC810"
},
{
"version_value": "V200R005C00SPC800"
},
{
"version_value": "V200R005C10SPC800"
},
{
"version_value": "V200R019C00SPC800"
}
]
}
},
{
"product_name": "CloudEngine 6800",
"version": {
"version_data": [
{
"version_value": "V200R002C50SPC800"
},
{
"version_value": "V200R003C00SPC810"
},
{
"version_value": "V200R005C00SPC800"
},
{
"version_value": "V200R005C10SPC800"
},
{
"version_value": "V200R005C20SPC800"
},
{
"version_value": "V200R019C00SPC800"
}
]
}
},
{
"product_name": "CloudEngine 7800",
"version": {
"version_data": [
{
"version_value": "V200R002C50SPC800"
},
{
"version_value": "V200R003C00SPC810"
},
{
"version_value": "V200R005C00SPC800"
},
{
"version_value": "V200R005C10SPC800"
},
{
"version_value": "V200R019C00SPC800"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-informationleak-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-informationleak-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a information leak vulnerability in some Huawei products, and it could allow a local attacker to get information. The vulnerability is due to the improper management of the username. An attacker with the ability to access the device and cause the username information leak. Affected product versions include: CloudEngine 12800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800; CloudEngine 5800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800; CloudEngine 6800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800"
}
]
}

50
2020/9xxx/CVE-2020-9227.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9227",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Huawei",
"product": {
"product_data": [
{
"product_name": "Moana-AL00B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.166"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Initialization of Resource"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-09-smartphone-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-09-smartphone-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Huawei Smart Phones Moana-AL00B with versions earlier than 10.1.0.166 have a missing initialization of resource vulnerability. An attacker tricks the user into installing then running a crafted application. Due to improper initialization of specific parameters, successful exploit of this vulnerability may cause device exceptions."
}
]
}

80
2020/9xxx/CVE-2020-9252.json
View File

@ -4,14 +4,88 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9252",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "HUAWEI Mate 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R3P8)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20 X",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.135(C00E135R2P8)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20 RS",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.160(C786E160R3P8)"
}
]
}
},
{
"product_name": "Honor Magic2",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P11)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path Traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-07-smartphone-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-07-smartphone-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8), HUAWEI Mate 20 X versions earlier than 10.1.0.135(C00E135R2P8), HUAWEI Mate 20 RS versions earlier than 10.1.0.160(C786E160R3P8), and Honor Magic2 smartphones versions earlier than 10.1.0.160(C00E160R2P11) have a path traversal vulnerability. The system does not sufficiently validate certain pathname from certain process, successful exploit could allow the attacker write files to a crafted path."
}
]
}

56
2020/9xxx/CVE-2020-9254.json
View File

@ -4,14 +4,64 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9254",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Huawei",
"product": {
"product_data": [
{
"product_name": "HUAWEI P30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.123(C432E19R2P5patch02)"
},
{
"version_value": "Versions earlier than 10.1.0.126(C10E11R5P1)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P8)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Logic Check Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-04-smartphone-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-04-smartphone-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a logic check error vulnerability. A logic error occurs when the software checking the size of certain parameter, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution."
}
]
}

50
2020/9xxx/CVE-2020-9255.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9255",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Huawei",
"product": {
"product_data": [
{
"product_name": "Honor 10",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.0.0.178(C00E178R1P4)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-06-smartphone-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-06-smartphone-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Huawei Honor 10 smartphones with versions earlier than 10.0.0.178(C00E178R1P4) have a denial of service vulnerability. Certain service in the system does not sufficiently validate certain parameter which is received, the attacker should trick the user into installing a malicious application, successful exploit could cause a denial of service condition."
}
]
}

56
2020/9xxx/CVE-2020-9257.json
View File

@ -4,14 +4,64 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9257",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Huawei",
"product": {
"product_data": [
{
"product_name": "HUAWEI P30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.123(C432E19R2P5patch02)"
},
{
"version_value": "Versions earlier than 10.1.0.126(C10E11R5P1)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P8)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-smartphone-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-smartphone-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a buffer overflow vulnerability. The software access data past the end, or before the beginning, of the intended buffer when handling certain operations of certificate, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution."
}
]
}

50
2020/9xxx/CVE-2020-9259.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9259",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Huawei",
"product": {
"product_data": [
{
"product_name": "Honor V30",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.212(C00E210R5P1)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-02-smartphone-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-02-smartphone-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Huawei Honor V30 smartphones with versions earlier than 10.1.0.212(C00E210R5P1) have an improper authentication vulnerability. The system does not sufficiently validate certain parameter passed from the bottom level, the attacker should trick the user into installing a malicious application and control the bottom level, successful exploit could cause information disclosure."
}
]
}

5
2020/9xxx/CVE-2020-9802.json
View File

@ -155,6 +155,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-ab074c6cdf",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDBXQ2XA6X4DP4YTPXBOMKSLWUED2KAR/"
},
{
"refsource": "DEBIAN",
"name": "DSA-4724",
"url": "https://www.debian.org/security/2020/dsa-4724"
}
]
},

5
2020/9xxx/CVE-2020-9803.json
View File

@ -155,6 +155,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-ab074c6cdf",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDBXQ2XA6X4DP4YTPXBOMKSLWUED2KAR/"
},
{
"refsource": "DEBIAN",
"name": "DSA-4724",
"url": "https://www.debian.org/security/2020/dsa-4724"
}
]
},

5
2020/9xxx/CVE-2020-9805.json
View File

@ -155,6 +155,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-ab074c6cdf",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDBXQ2XA6X4DP4YTPXBOMKSLWUED2KAR/"
},
{
"refsource": "DEBIAN",
"name": "DSA-4724",
"url": "https://www.debian.org/security/2020/dsa-4724"
}
]
},

5
2020/9xxx/CVE-2020-9806.json
View File

@ -155,6 +155,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-ab074c6cdf",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDBXQ2XA6X4DP4YTPXBOMKSLWUED2KAR/"
},
{
"refsource": "DEBIAN",
"name": "DSA-4724",
"url": "https://www.debian.org/security/2020/dsa-4724"
}
]
},

5
2020/9xxx/CVE-2020-9807.json
View File

@ -155,6 +155,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-ab074c6cdf",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDBXQ2XA6X4DP4YTPXBOMKSLWUED2KAR/"
},
{
"refsource": "DEBIAN",
"name": "DSA-4724",
"url": "https://www.debian.org/security/2020/dsa-4724"
}
]
},

5
2020/9xxx/CVE-2020-9843.json
View File

@ -155,6 +155,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-ab074c6cdf",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDBXQ2XA6X4DP4YTPXBOMKSLWUED2KAR/"
},
{
"refsource": "DEBIAN",
"name": "DSA-4724",
"url": "https://www.debian.org/security/2020/dsa-4724"
}
]
},

5
2020/9xxx/CVE-2020-9850.json
View File

@ -155,6 +155,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-ab074c6cdf",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDBXQ2XA6X4DP4YTPXBOMKSLWUED2KAR/"
},
{
"refsource": "DEBIAN",
"name": "DSA-4724",
"url": "https://www.debian.org/security/2020/dsa-4724"
}
]
},