"-Synchronized-Data."

CVE Team 2020-09-01 18:01:38 +00:00
parent d6886e44ed
commit 95e2214153
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
26 changed files with 264 additions and 12 deletions


@ -116,6 +116,11 @@
"refsource": "FULLDISC",
"name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S",
"url": "http://seclists.org/fulldisclosure/2020/Aug/20"
},
{
"refsource": "MISC",
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01"
}
]
}


@ -84,6 +84,11 @@
"refsource": "GENTOO",
"name": "GLSA-202007-15",
"url": "https://security.gentoo.org/glsa/202007-15"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1313",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00002.html"
}
]
},
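Review bot: The SUSE reference added at the end of this `reference_data` array uses a cleartext URL, `http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00002.html`, so a reader or tool following the link fetches the advisory without transport integrity. If the host serves the same path over TLS, the entry would be better as `"url": "https://lists.opensuse.org/opensuse-security-announce/2020-09/msg00002.html"`. The same applies to the other openSUSE-SU-2020:1313 and openSUSE-SU-2020:1312 entries in the following sections, and to the `http://www.openwall.com/lists/oss-security/2020/09/01/3` MLIST entries added to the Jenkins records. The enclosing record starts and ends outside the hunk.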


@ -79,6 +79,11 @@
"refsource": "GENTOO",
"name": "GLSA-202007-15",
"url": "https://security.gentoo.org/glsa/202007-15"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1313",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00002.html"
}
]
},


@ -78,6 +78,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1121",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00000.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1313",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00002.html"
}
]
},


@ -73,6 +73,11 @@
"refsource": "GENTOO",
"name": "GLSA-202007-15",
"url": "https://security.gentoo.org/glsa/202007-15"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1313",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00002.html"
}
]
},


@ -78,6 +78,11 @@
"refsource": "GENTOO",
"name": "GLSA-202007-15",
"url": "https://security.gentoo.org/glsa/202007-15"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1313",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00002.html"
}
]
},


@ -88,6 +88,11 @@
"refsource": "UBUNTU",
"name": "USN-4454-1",
"url": "https://usn.ubuntu.com/4454-1/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1313",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00002.html"
}
]
},


@ -73,6 +73,11 @@
"refsource": "UBUNTU",
"name": "USN-4472-1",
"url": "https://usn.ubuntu.com/4472-1/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1312",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00003.html"
}
]
},


@ -83,6 +83,11 @@
"refsource": "UBUNTU",
"name": "USN-4472-1",
"url": "https://usn.ubuntu.com/4472-1/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1312",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00003.html"
}
]
},


@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-24034",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-24034",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Sagemcom F@ST 5280 routers using firmware version 1.150.61 have insecure deserialization that allows any authenticated user to perform a privilege escalation to any other user. By making a request with valid sess_id, nonce, and ha1 values inside of the serialized session cookie, an attacker may alter the user value inside of this cookie, and assume the role and permissions of the user specified. By assuming the role of the user internal, which is inaccessible to end users by default, the attacker gains the permissions of the internal account, which includes the ability to flash custom firmware to the router, allowing the attacker to achieve a complete compromise."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://support.sagemcom.com/fr/haut-debit",
"refsource": "MISC",
"name": "https://support.sagemcom.com/fr/haut-debit"
},
{
"refsource": "MISC",
"name": "https://seclists.org/fulldisclosure/2020/Sep/3",
"url": "https://seclists.org/fulldisclosure/2020/Sep/3"
}
]
}
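Review bot: The new `affects` block leaves `vendor_name`, `product_name` and `version_value` all as `"n/a"`, and the `problemtype` value is `"n/a"` as well, although the description added in the same hunk names Sagemcom F@ST 5280 routers, firmware version 1.150.61, and insecure deserialization. Tooling that matches asset inventory against the structured fields rather than the free text will not associate this record with the device. Filling them from the description, for example `"vendor_name": "Sagemcom"`, `"product_name": "F@ST 5280"`, `"version_value": "1.150.61"`, plus a problemtype that names the deserialization weakness, would close that gap.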


@ -57,6 +57,11 @@
"name": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1884",
"url": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1884",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200901 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/01/3"
}
]
}


@ -57,6 +57,11 @@
"name": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1625",
"url": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1625",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200901 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/01/3"
}
]
}


@ -57,6 +57,11 @@
"name": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1023",
"url": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1023",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200901 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/01/3"
}
]
}


@ -57,6 +57,11 @@
"name": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1024",
"url": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1024",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200901 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/01/3"
}
]
}


@ -57,6 +57,11 @@
"name": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1024",
"url": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1024",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200901 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/01/3"
}
]
}


@ -57,6 +57,11 @@
"name": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1936",
"url": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1936",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200901 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/01/3"
}
]
}


@ -57,6 +57,11 @@
"name": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1770",
"url": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1770",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200901 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/01/3"
}
]
}


@ -61,6 +61,11 @@
"name": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1829",
"url": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1829",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200901 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/01/3"
}
]
}


@ -61,6 +61,11 @@
"name": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1830",
"url": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1830",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200901 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/01/3"
}
]
}


@ -61,6 +61,11 @@
"name": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1831",
"url": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1831",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200901 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/01/3"
}
]
}


@ -61,6 +61,11 @@
"name": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1905",
"url": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1905",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200901 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/01/3"
}
]
}


@ -61,6 +61,11 @@
"name": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1506",
"url": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1506",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200901 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/01/3"
}
]
}


@ -57,6 +57,11 @@
"name": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1631%20(1)",
"url": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1631%20(1)",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200901 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/01/3"
}
]
}


@ -61,6 +61,11 @@
"name": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1631%20(2)",
"url": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1631%20(2)",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200901 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/01/3"
}
]
}


@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-6136",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "talos-cna@cisco.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "OS4Ed",
"version": {
"version_data": [
{
"version_value": "OS4Ed openSIS 7.3"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1079",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1079"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An exploitable SQL injection vulnerability exists in the DownloadWindow.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability."
}
]
}
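Review bot: In the added `affects` block the vendor name appears to sit in the wrong field: `vendor_name` is `"n/a"`, `product_name` is `"OS4Ed"`, and the product itself is only named inside `version_value` (`"OS4Ed openSIS 7.3"`). Going by the description, which calls the software OS4Ed openSIS 7.3, the fields would read `"vendor_name": "OS4Ed"`, `"product_name": "openSIS"`, `"version_value": "7.3"`. As written, a lookup keyed on product name or on a bare version number will miss the record. The CVE-2020-6141 section that follows carries the same three values.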


@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-6141",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "talos-cna@cisco.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "OS4Ed",
"version": {
"version_data": [
{
"version_value": "OS4Ed openSIS 7.3"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL injection\""
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1081",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1081"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An exploitable SQL injection vulnerability exists in the login functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can send an HTTP request to trigger this vulnerability."
}
]
}
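Review bot: The `problemtype` value added in this hunk is `"SQL injection\""`, which decodes to the string `SQL injection"` with a stray trailing quote; the CVE-2020-6136 record in the same commit has plain `"SQL injection"`. Consumers that group or filter records by problem type string will treat the two as different classes. The line should be `"value": "SQL injection"`.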