admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-07-15 20:01:35 +00:00
parent d2fd8551f1
commit a407a5249c
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
16 changed files with 797 additions and 184 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
2019/14xxx/CVE-2019-14899.json
View File

@ -53,6 +53,21 @@
"url": "https://openvpn.net/security-advisory/no-flaws-found-in-openvpn-software/",
"refsource": "MISC",
"name": "https://openvpn.net/security-advisory/no-flaws-found-in-openvpn-software/"
},
{
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT211288",
"url": "https://support.apple.com/kb/HT211288"
},
{
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT211290",
"url": "https://support.apple.com/kb/HT211290"
},
{
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT211289",
"url": "https://support.apple.com/kb/HT211289"
}
]
},

10
2019/19xxx/CVE-2019-19906.json
View File

@ -91,6 +91,16 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-bf829f9a84",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OB4GSVOJ6ESHQNT5GSV63OX5D4KPSTGT/"
},
{
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT211288",
"url": "https://support.apple.com/kb/HT211288"
},
{
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT211289",
"url": "https://support.apple.com/kb/HT211289"
}
]
}

5
2019/20xxx/CVE-2019-20807.json
View File

@ -66,6 +66,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0794",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00018.html"
},
{
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT211289",
"url": "https://support.apple.com/kb/HT211289"
}
]
}

66
2020/11xxx/CVE-2020-11436.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-11436",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-11436",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "LibreHealth EMR v2.0.0 is vulnerable to XSS that results in the ability to force arbitrary actions on behalf of other users including administrators."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://know.bishopfox.com/advisories",
"refsource": "MISC",
"name": "https://know.bishopfox.com/advisories"
},
{
"url": "https://librehealth.io/",
"refsource": "MISC",
"name": "https://librehealth.io/"
},
{
"refsource": "MISC",
"name": "https://labs.bishopfox.com/advisories/librehealth-version-2.0.0-0",
"url": "https://labs.bishopfox.com/advisories/librehealth-version-2.0.0-0"
}
]
}

66
2020/11xxx/CVE-2020-11437.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-11437",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-11437",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "LibreHealth EMR v2.0.0 is affected by SQL injection allowing low-privilege authenticated users to enumerate the database."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://know.bishopfox.com/advisories",
"refsource": "MISC",
"name": "https://know.bishopfox.com/advisories"
},
{
"url": "https://librehealth.io/",
"refsource": "MISC",
"name": "https://librehealth.io/"
},
{
"refsource": "MISC",
"name": "https://labs.bishopfox.com/advisories/librehealth-version-2.0.0-0",
"url": "https://labs.bishopfox.com/advisories/librehealth-version-2.0.0-0"
}
]
}

66
2020/11xxx/CVE-2020-11438.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-11438",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-11438",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "LibreHealth EMR v2.0.0 is affected by systemic CSRF."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://know.bishopfox.com/advisories",
"refsource": "MISC",
"name": "https://know.bishopfox.com/advisories"
},
{
"url": "https://librehealth.io/",
"refsource": "MISC",
"name": "https://librehealth.io/"
},
{
"refsource": "MISC",
"name": "https://labs.bishopfox.com/advisories/librehealth-version-2.0.0-0",
"url": "https://labs.bishopfox.com/advisories/librehealth-version-2.0.0-0"
}
]
}

66
2020/11xxx/CVE-2020-11439.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-11439",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-11439",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "LibreHealth EMR v2.0.0 is affected by a Local File Inclusion issue allowing arbitrary PHP to be included and executed within the EMR application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://know.bishopfox.com/advisories",
"refsource": "MISC",
"name": "https://know.bishopfox.com/advisories"
},
{
"url": "https://librehealth.io/",
"refsource": "MISC",
"name": "https://librehealth.io/"
},
{
"refsource": "MISC",
"name": "https://labs.bishopfox.com/advisories/librehealth-version-2.0.0-0",
"url": "https://labs.bishopfox.com/advisories/librehealth-version-2.0.0-0"
}
]
}

61
2020/12xxx/CVE-2020-12684.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-12684",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-12684",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "XXE injection can occur in i-net Clear Reports 2019 19.0.287 (Designer), as used in i-net HelpDesk and other products, when XML input containing a reference to an external entity is processed by a weakly configured XML parser."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.inetsoftware.de/documentation/clear-reports/release-notes/releases",
"refsource": "MISC",
"name": "https://www.inetsoftware.de/documentation/clear-reports/release-notes/releases"
},
{
"refsource": "CONFIRM",
"name": "https://www.inetsoftware.de/documentation/clear-reports/release-notes/releases/changes_20.4",
"url": "https://www.inetsoftware.de/documentation/clear-reports/release-notes/releases/changes_20.4"
}
]
}

61
2020/12xxx/CVE-2020-12854.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-12854",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-12854",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A remote code execution vulnerability was identified in SecZetta NEProfile 3.3.11. Authenticated remote adversaries can invoke code execution upon uploading a carefully crafted JPEG file as part of the profile avatar."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://seczetta.com",
"refsource": "MISC",
"name": "https://seczetta.com"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/158434/SecZetta-NEProfile-3.3.11-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/158434/SecZetta-NEProfile-3.3.11-Remote-Code-Execution.html"
}
]
}

61
2020/14xxx/CVE-2020-14064.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-14064",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-14064",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.icewarp.com/download-premise/server/",
"refsource": "MISC",
"name": "https://www.icewarp.com/download-premise/server/"
},
{
"refsource": "MISC",
"name": "https://github.com/networksecure/Icewarp_incorrect_access_control",
"url": "https://github.com/networksecure/Icewarp_incorrect_access_control"
}
]
}

61
2020/14xxx/CVE-2020-14065.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-14065",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-14065",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IceWarp Email Server 12.3.0.1 allows remote attackers to upload files and consume disk space."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.icewarp.com/download-premise/server/",
"refsource": "MISC",
"name": "https://www.icewarp.com/download-premise/server/"
},
{
"refsource": "MISC",
"name": "https://github.com/networksecure/icewarp_unlimited_file_upload",
"url": "https://github.com/networksecure/icewarp_unlimited_file_upload"
}
]
}

61
2020/14xxx/CVE-2020-14066.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-14066",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-14066",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IceWarp Email Server 12.3.0.1 allows remote attackers to upload JavaScript files that are dangerous for clients to access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.icewarp.com/download-premise/server/",
"refsource": "MISC",
"name": "https://www.icewarp.com/download-premise/server/"
},
{
"refsource": "MISC",
"name": "https://github.com/networksecure/icewarp_insecure_permissions",
"url": "https://github.com/networksecure/icewarp_insecure_permissions"
}
]
}

66
2020/15xxx/CVE-2020-15366.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-15366",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-15366",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in ajv.validate() in Ajv (aka Another JSON Schema Validator) 6.12.2. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. (While untrusted schemas are recommended against, the worst case of an untrusted schema should be a denial of service, not execution of code.)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://hackerone.com/bugs?subject=user&report_id=894259",
"refsource": "MISC",
"name": "https://hackerone.com/bugs?subject=user&report_id=894259"
},
{
"url": "https://github.com/ajv-validator/ajv/tags",
"refsource": "MISC",
"name": "https://github.com/ajv-validator/ajv/tags"
},
{
"refsource": "MISC",
"name": "https://github.com/ajv-validator/ajv/releases/tag/v6.12.3",
"url": "https://github.com/ajv-validator/ajv/releases/tag/v6.12.3"
}
]
}

120
2020/15xxx/CVE-2020-15602.json
View File

@ -1,60 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2020-15602",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Security (Consumer)",
"version" : {
"version_data" : [
{
"version_value" : "2020 (v16)"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An untrusted search path remote code execution (RCE) vulnerability in the Trend Micro Secuity 2020 (v16.0.0.1146 and below) consumer family of products could allow an attacker to run arbitrary code on a vulnerable system. As the Trend Micro installer tries to load DLL files from its current directory, an arbitrary DLL could also be loaded with the same privileges as the installer if run as Administrator.\r\n\r\nUser interaction is required to exploit the vulnerbaility in that the target must open a malicious directory or device."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Untrusted Search Patch RCE"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://helpcenter.trendmicro.com/en-us/article/TMKA-09644"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2020-15602",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Security (Consumer)",
"version": {
"version_data": [
{
"version_value": "2020 (v16)"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An untrusted search path remote code execution (RCE) vulnerability in the Trend Micro Secuity 2020 (v16.0.0.1146 and below) consumer family of products could allow an attacker to run arbitrary code on a vulnerable system. As the Trend Micro installer tries to load DLL files from its current directory, an arbitrary DLL could also be loaded with the same privileges as the installer if run as Administrator. User interaction is required to exploit the vulnerbaility in that the target must open a malicious directory or device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted Search Patch RCE"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-09644",
"refsource": "MISC",
"name": "https://helpcenter.trendmicro.com/en-us/article/TMKA-09644"
}
]
}
}

120
2020/15xxx/CVE-2020-15603.json
View File

@ -1,60 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2020-15603",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Security (Consumer)",
"version" : {
"version_data" : [
{
"version_value" : "2020 (v16)"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An invalid memory read vulnerability in a Trend Micro Secuity 2020 (v16.0.0.1302 and below) consumer family of products' driver could allow an attacker to manipulate the specific driver to do a system call operation with an invalid address, resulting in a potential system crash."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Invalid Memory Read"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://helpcenter.trendmicro.com/en-us/article/TMKA-09645"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2020-15603",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Security (Consumer)",
"version": {
"version_data": [
{
"version_value": "2020 (v16)"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An invalid memory read vulnerability in a Trend Micro Secuity 2020 (v16.0.0.1302 and below) consumer family of products' driver could allow an attacker to manipulate the specific driver to do a system call operation with an invalid address, resulting in a potential system crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Invalid Memory Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-09645",
"refsource": "MISC",
"name": "https://helpcenter.trendmicro.com/en-us/article/TMKA-09645"
}
]
}
}

76
2020/15xxx/CVE-2020-15718.json
View File

@ -1,17 +1,81 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-15718",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-15718",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the PrintSchedules.php script. A remote attacker could exploit this vulnerability using the include_inactive parameter in a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://gitlab.com/francoisjacquet/rosariosis/-/blob/mobile/CHANGES.md",
"refsource": "MISC",
"name": "https://gitlab.com/francoisjacquet/rosariosis/-/blob/mobile/CHANGES.md"
},
{
"url": "https://gitlab.com/francoisjacquet/rosariosis/-/issues/291",
"refsource": "MISC",
"name": "https://gitlab.com/francoisjacquet/rosariosis/-/issues/291"
},
{
"url": "https://gitlab.com/francoisjacquet/rosariosis/-/tags/v6.8-beta",
"refsource": "MISC",
"name": "https://gitlab.com/francoisjacquet/rosariosis/-/tags/v6.8-beta"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/184944",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/184944"
},
{
"refsource": "CONFIRM",
"name": "https://gitlab.com/francoisjacquet/rosariosis/-/commit/89ae9de732024e3a2e99262aa98b400a1aa6975a",
"url": "https://gitlab.com/francoisjacquet/rosariosis/-/commit/89ae9de732024e3a2e99262aa98b400a1aa6975a"
}
]
}