admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-09-18 19:01:48 +00:00
parent cdedd3626d
commit 8bb4657a39
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
23 changed files with 251 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2007/3xxx/CVE-2007-3378.json
View File

@ -271,6 +271,11 @@
"refsource": "MLIST",
"name": "[oss-security] 20200917 Apache + PHP <= 7.4.10 open_basedir bypass",
"url": "http://www.openwall.com/lists/oss-security/2020/09/17/3"
},
{
"refsource": "FULLDISC",
"name": "20200918 Apache + PHP <= 7.4.10 open_basedir bypass",
"url": "http://seclists.org/fulldisclosure/2020/Sep/34"
}
]
}

5
2017/11xxx/CVE-2017-11104.json
View File

@ -91,6 +91,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1112",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00089.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1232",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00049.html"
}
]
}

5
2017/11xxx/CVE-2017-11468.json
View File

@ -66,6 +66,11 @@
"name": "https://github.com/docker/distribution/pull/2340",
"refsource": "CONFIRM",
"url": "https://github.com/docker/distribution/pull/2340"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1433",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00047.html"
}
]
}

5
2017/7xxx/CVE-2017-7615.json
View File

@ -76,6 +76,11 @@
"name": "http://hyp3rlinx.altervista.org/advisories/MANTIS-BUG-TRACKER-PRE-AUTH-REMOTE-PASSWORD-RESET.txt",
"refsource": "MISC",
"url": "http://hyp3rlinx.altervista.org/advisories/MANTIS-BUG-TRACKER-PRE-AUTH-REMOTE-PASSWORD-RESET.txt"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/159219/Mantis-Bug-Tracker-2.3.0-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/159219/Mantis-Bug-Tracker-2.3.0-Remote-Code-Execution.html"
}
]
}

5
2019/15xxx/CVE-2019-15715.json
View File

@ -86,6 +86,11 @@
"refsource": "CONFIRM",
"name": "https://github.com/mantisbt/mantisbt/commit/cebfb9acb3686e8904d80bd4bc80720b54ba08e5",
"url": "https://github.com/mantisbt/mantisbt/commit/cebfb9acb3686e8904d80bd4bc80720b54ba08e5"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/159219/Mantis-Bug-Tracker-2.3.0-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/159219/Mantis-Bug-Tracker-2.3.0-Remote-Code-Execution.html"
}
]
}

5
2020/11xxx/CVE-2020-11699.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "https://sensepost.com/blog/2020/clash-of-the-spamtitan/",
"url": "https://sensepost.com/blog/2020/clash-of-the-spamtitan/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/159218/SpamTitan-7.07-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/159218/SpamTitan-7.07-Remote-Code-Execution.html"
}
]
}

5
2020/11xxx/CVE-2020-11700.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "https://sensepost.com/blog/2020/clash-of-the-spamtitan/",
"url": "https://sensepost.com/blog/2020/clash-of-the-spamtitan/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/159218/SpamTitan-7.07-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/159218/SpamTitan-7.07-Remote-Code-Execution.html"
}
]
}

5
2020/11xxx/CVE-2020-11803.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "https://sensepost.com/blog/2020/clash-of-the-spamtitan/",
"url": "https://sensepost.com/blog/2020/clash-of-the-spamtitan/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/159218/SpamTitan-7.07-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/159218/SpamTitan-7.07-Remote-Code-Execution.html"
}
]
}

5
2020/11xxx/CVE-2020-11804.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "https://sensepost.com/blog/2020/clash-of-the-spamtitan/",
"url": "https://sensepost.com/blog/2020/clash-of-the-spamtitan/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/159218/SpamTitan-7.07-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/159218/SpamTitan-7.07-Remote-Code-Execution.html"
}
]
}

5
2020/12xxx/CVE-2020-12109.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html",
"url": "http://packetstormsecurity.com/files/157531/TP-LINK-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html",
"url": "http://packetstormsecurity.com/files/159222/TP-Link-Cloud-Cameras-NCXXX-Bonjour-Command-Injection.html"
}
]
}

5
2020/13xxx/CVE-2020-13845.json
View File

@ -71,6 +71,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1037",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00059.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1100",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00053.html"
}
]
}

5
2020/13xxx/CVE-2020-13846.json
View File

@ -71,6 +71,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1037",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00059.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1100",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00053.html"
}
]
}

5
2020/13xxx/CVE-2020-13847.json
View File

@ -71,6 +71,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1037",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00059.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1100",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00053.html"
}
]
}

5
2020/14xxx/CVE-2020-14352.json
View File

@ -53,6 +53,11 @@
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00072.html",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00072.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1428",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00055.html"
}
]
},

10
2020/15xxx/CVE-2020-15182.json
View File

@ -82,15 +82,15 @@
"refsource": "CONFIRM",
"url": "https://github.com/inunosinsi/soycms/security/advisories/GHSA-j2qw-747j-mfv4"
},
{
"name": "https://github.com/inunosinsi/soycms/pull/15",
"refsource": "MISC",
"url": "https://github.com/inunosinsi/soycms/pull/15"
},
{
"name": "https://youtu.be/ffvKH3gwyRE",
"refsource": "MISC",
"url": "https://youtu.be/ffvKH3gwyRE"
},
{
"name": "https://github.com/inunosinsi/soycms/pull/15",
"refsource": "MISC",
"url": "https://github.com/inunosinsi/soycms/pull/15"
}
]
},

5
2020/15xxx/CVE-2020-15396.json
View File

@ -91,6 +91,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1231",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00046.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1438",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00054.html"
}
]
}

5
2020/15xxx/CVE-2020-15397.json
View File

@ -91,6 +91,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1231",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00046.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1438",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00054.html"
}
]
}

5
2020/15xxx/CVE-2020-15917.json
View File

@ -91,6 +91,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1269",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00060.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1192",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00051.html"
}
]
}

50
2020/16xxx/CVE-2020-16230.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-16230",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "HMS Networks Ewon Flexy and Cosy",
"version": {
"version_data": [
{
"version_value": "All versions prior to 14.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "PERMISSIVE CROSS-DOMAIN POLICY WITH UNTRUSTED DOMAINS"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-254-03",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-254-03"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "All version of Ewon Flexy and Cosy prior to 14.1 use wildcards such as (*) under which domains can request resources. An attacker with local access and high privileges could inject scripts into the Cross-origin Resource Sharing (CORS) configuration that could abuse this vulnerability, allowing the attacker to retrieve limited confidential information through sniffing."
}
]
}

5
2020/25xxx/CVE-2020-25032.json
View File

@ -71,6 +71,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1423",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00039.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1446",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00048.html"
}
]
}

60
2020/25xxx/CVE-2020-25633.json
View File

@ -4,15 +4,69 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-25633",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "resteasy-client",
"version": {
"version_data": [
{
"version_value": "through 4.5.6 "
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-209"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25633",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25633",
"refsource": "CONFIRM"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in RESTEasy client in all versions of RESTEasy up to 4.5.6.Final. It may allow client users to obtain the server's potentially sensitive information when the server got WebApplicationException from the RESTEasy client call. The highest threat from this vulnerability is to data confidentiality."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "5.3/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
]
]
}
}

50
2020/9xxx/CVE-2020-9084.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9084",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Taurus-AN00B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.156(C00E155R7P2)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use-after-free"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200916-01-smartphone-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200916-01-smartphone-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a use-after-free (UAF) vulnerability. An authenticated, local attacker may perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and compromise the service."
}
]
}

5
2020/9xxx/CVE-2020-9773.json
View File

@ -102,6 +102,11 @@
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT211850",
"url": "https://support.apple.com/kb/HT211850"
},
{
"refsource": "FULLDISC",
"name": "20200918 APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0",
"url": "http://seclists.org/fulldisclosure/2020/Sep/36"
}
]
},