admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-04-23 14:02:58 +00:00
parent dccba5cbb4
commit a4b013e667
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
10 changed files with 603 additions and 539 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2019/19xxx/CVE-2019-19232.json
View File

@ -136,6 +136,11 @@
"refsource": "MISC",
"name": "https://www.tenable.com/plugins/nessus/133936",
"url": "https://www.tenable.com/plugins/nessus/133936"
},
{
"refsource": "CONFIRM",
"name": "https://www.oracle.com/security-alerts/bulletinapr2020.html",
"url": "https://www.oracle.com/security-alerts/bulletinapr2020.html"
}
]
}

5
2019/19xxx/CVE-2019-19234.json
View File

@ -141,6 +141,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-7c1b270959",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/"
},
{
"refsource": "CONFIRM",
"name": "https://www.oracle.com/security-alerts/bulletinapr2020.html",
"url": "https://www.oracle.com/security-alerts/bulletinapr2020.html"
}
]
}

176
2019/4xxx/CVE-2019-4668.json
View File

@ -1,90 +1,90 @@
{
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "L",
"PR" : "N",
"SCORE" : "6.200",
"UI" : "N",
"A" : "N",
"C" : "H",
"I" : "N",
"AV" : "L",
"S" : "U"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6195699",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6195699",
"title" : "IBM Security Bulletin 6195699 (UrbanCode Deploy)"
},
{
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/171250",
"refsource" : "XF",
"name" : "ibm-ucd-cve20194668-info-disc (171250)"
}
]
},
"data_type" : "CVE",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-04-21T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2019-4668"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "UrbanCode Deploy",
"version" : {
"version_data" : [
{
"version_value" : "7.0.4.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
"data_format": "MITRE",
"impact": {
"cvssv3": {
"BM": {
"AC": "L",
"PR": "N",
"SCORE": "6.200",
"UI": "N",
"A": "N",
"C": "H",
"I": "N",
"AV": "L",
"S": "U"
},
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM UrbanCode Deploy (UCD) 7.0.4.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 171250."
}
]
},
"data_version" : "4.0"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6195699",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6195699",
"title": "IBM Security Bulletin 6195699 (UrbanCode Deploy)"
},
{
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/171250",
"refsource": "XF",
"name": "ibm-ucd-cve20194668-info-disc (171250)"
}
]
},
"data_type": "CVE",
"CVE_data_meta": {
"DATE_PUBLIC": "2020-04-21T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"ID": "CVE-2019-4668"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UrbanCode Deploy",
"version": {
"version_data": [
{
"version_value": "7.0.4.0"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM UrbanCode Deploy (UCD) 7.0.4.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 171250."
}
]
},
"data_version": "4.0"
}

176
2019/4xxx/CVE-2019-4735.json
View File

@ -1,90 +1,90 @@
{
"impact" : {
"cvssv3" : {
"BM" : {
"PR" : "N",
"SCORE" : "2.400",
"AC" : "L",
"AV" : "P",
"S" : "U",
"C" : "L",
"A" : "N",
"I" : "N",
"UI" : "N"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6151767",
"title" : "IBM Security Bulletin 6151767 (MaaS360)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6151767"
},
{
"name" : "ibm-maas360-cve20194735-info-disc (172705)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/172705"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "MaaS360",
"version" : {
"version_data" : [
{
"version_value" : "3.96.62"
}
]
}
}
]
}
"impact": {
"cvssv3": {
"BM": {
"PR": "N",
"SCORE": "2.400",
"AC": "L",
"AV": "P",
"S": "U",
"C": "L",
"A": "N",
"I": "N",
"UI": "N"
},
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
}
]
}
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM MaaS360 3.96.62 for iOS could allow an attacker with physical access to the device to obtain sensitive information from the agent outside of the container. IBM X-Force ID: 172705."
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ID" : "CVE-2019-4735",
"DATE_PUBLIC" : "2020-04-14T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com"
}
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6151767",
"title": "IBM Security Bulletin 6151767 (MaaS360)",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6151767"
},
{
"name": "ibm-maas360-cve20194735-info-disc (172705)",
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/172705"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "MaaS360",
"version": {
"version_data": [
{
"version_value": "3.96.62"
}
]
}
}
]
}
}
]
}
},
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM MaaS360 3.96.62 for iOS could allow an attacker with physical access to the device to obtain sensitive information from the agent outside of the container. IBM X-Force ID: 172705."
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ID": "CVE-2019-4735",
"DATE_PUBLIC": "2020-04-14T00:00:00",
"ASSIGNER": "psirt@us.ibm.com"
}
}

7
2020/12xxx/CVE-2020-12077.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "The mappress-google-maps-for-wordpress plugin before 2.53.9 for WordPress does not correctly implement AJAX functions with nonces."
"value": "The mappress-google-maps-for-wordpress plugin before 2.53.9 for WordPress does not correctly implement AJAX functions with nonces (or capability checks), leading to remote code execution."
}
]
},
@ -56,6 +56,11 @@
"url": "https://wordpress.org/plugins/mappress-google-maps-for-wordpress/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/mappress-google-maps-for-wordpress/#developers"
},
{
"refsource": "MISC",
"name": "https://www.wordfence.com/blog/2020/04/critical-vulnerabilities-patched-in-mappress-maps-plugin/",
"url": "https://www.wordfence.com/blog/2020/04/critical-vulnerabilities-patched-in-mappress-maps-plugin/"
}
]
}

182
2020/4xxx/CVE-2020-4202.json
View File

@ -1,93 +1,93 @@
{
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"AV" : "N",
"UI" : "N",
"C" : "L",
"A" : "L",
"I" : "L",
"PR" : "L",
"SCORE" : "5.000",
"AC" : "H"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Privileges",
"lang" : "eng"
}
]
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ID" : "CVE-2020-4202",
"DATE_PUBLIC" : "2020-04-21T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "UrbanCode Deploy",
"version" : {
"version_data" : [
{
"version_value" : "7.0.3.0"
},
{
"version_value" : "7.0.4.0"
}
]
}
}
]
}
"data_format": "MITRE",
"impact": {
"cvssv3": {
"BM": {
"S": "U",
"AV": "N",
"UI": "N",
"C": "L",
"A": "L",
"I": "L",
"PR": "L",
"SCORE": "5.000",
"AC": "H"
},
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
}
]
}
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"value" : "IBM UrbanCode Deploy (UCD) 7.0.3.0 and 7.0.4.0 could allow an authenticated user to impersonate another user if the server is configured to enable Distributed Front End (DFE). IBM X-Force ID: 174955.",
"lang" : "eng"
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6195701",
"title" : "IBM Security Bulletin 6195701 (UrbanCode Deploy)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6195701"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/174955",
"name" : "ibm-ucd-cve20204202-priv-escalation (174955)"
}
]
},
"data_type" : "CVE"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Gain Privileges",
"lang": "eng"
}
]
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ID": "CVE-2020-4202",
"DATE_PUBLIC": "2020-04-21T00:00:00",
"ASSIGNER": "psirt@us.ibm.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "UrbanCode Deploy",
"version": {
"version_data": [
{
"version_value": "7.0.3.0"
},
{
"version_value": "7.0.4.0"
}
]
}
}
]
}
}
]
}
},
"data_version": "4.0",
"description": {
"description_data": [
{
"value": "IBM UrbanCode Deploy (UCD) 7.0.3.0 and 7.0.4.0 could allow an authenticated user to impersonate another user if the server is configured to enable Distributed Front End (DFE). IBM X-Force ID: 174955.",
"lang": "eng"
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6195701",
"title": "IBM Security Bulletin 6195701 (UrbanCode Deploy)",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6195701"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/174955",
"name": "ibm-ucd-cve20204202-priv-escalation (174955)"
}
]
},
"data_type": "CVE"
}

172
2020/4xxx/CVE-2020-4311.json
View File

@ -1,90 +1,90 @@
{
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6198358",
"url" : "https://www.ibm.com/support/pages/node/6198358",
"title" : "IBM Security Bulletin 6198358 (Tivoli Monitoring)",
"refsource" : "CONFIRM"
},
{
"name" : "ibm-tivoli-cve20204311-code-exec (177083)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/177083",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"data_type" : "CVE",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-04-22T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2020-4311",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"references": {
"reference_data": [
{
"product" : {
"product_data" : [
{
"product_name" : "Tivoli Monitoring",
"version" : {
"version_data" : [
{
"version_value" : "6.3.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
"name": "https://www.ibm.com/support/pages/node/6198358",
"url": "https://www.ibm.com/support/pages/node/6198358",
"title": "IBM Security Bulletin 6198358 (Tivoli Monitoring)",
"refsource": "CONFIRM"
},
{
"name": "ibm-tivoli-cve20204311-code-exec (177083)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/177083",
"title": "X-Force Vulnerability Report",
"refsource": "XF"
}
]
}
},
"description" : {
"description_data" : [
{
"value" : "IBM Tivoli Monitoring 6.3.0 could allow a local attacker to execute arbitrary code on the system. By placing a specially crafted file, an attacker could exploit this vulnerability to load other DLL files located in the same directory and execute arbitrary code on the system. IBM X-Force ID: 177083.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"AV" : "L",
"S" : "U",
"UI" : "N",
"A" : "H",
"C" : "H",
"I" : "H",
"SCORE" : "7.400",
"PR" : "N",
"AC" : "H"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Privileges"
}
]
},
"data_type": "CVE",
"CVE_data_meta": {
"DATE_PUBLIC": "2020-04-22T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2020-4311",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Tivoli Monitoring",
"version": {
"version_data": [
{
"version_value": "6.3.0"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
]
}
}
}
},
"description": {
"description_data": [
{
"value": "IBM Tivoli Monitoring 6.3.0 could allow a local attacker to execute arbitrary code on the system. By placing a specially crafted file, an attacker could exploit this vulnerability to load other DLL files located in the same directory and execute arbitrary code on the system. IBM X-Force ID: 177083.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
},
"BM": {
"AV": "L",
"S": "U",
"UI": "N",
"A": "H",
"C": "H",
"I": "H",
"SCORE": "7.400",
"PR": "N",
"AC": "H"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Privileges"
}
]
}
]
}
}

172
2020/4xxx/CVE-2020-4353.json
View File

@ -1,90 +1,90 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2020-04-14T00:00:00",
"STATE" : "PUBLIC",
"ID" : "CVE-2020-4353"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM MaaS360 6.82 could allow a user with pysical access to the device to crash the application which may enable the user to access restricted applications and device settings. IBM X-Force ID: 178505."
}
]
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2020-04-14T00:00:00",
"STATE": "PUBLIC",
"ID": "CVE-2020-4353"
},
"description": {
"description_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "MaaS360",
"version" : {
"version_data" : [
{
"version_value" : "6.82"
}
]
}
}
]
}
"lang": "eng",
"value": "IBM MaaS360 6.82 could allow a user with pysical access to the device to crash the application which may enable the user to access restricted applications and device settings. IBM X-Force ID: 178505."
}
]
}
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6151773",
"title" : "IBM Security Bulletin 6151773 (MaaS360)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6151773"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/178505",
"name" : "ibm-maas360-cve20204353-dos (178505)"
}
]
},
"data_type" : "CVE",
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of Service"
}
]
},
"data_version": "4.0",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "MaaS360",
"version": {
"version_data": [
{
"version_value": "6.82"
}
]
}
}
]
}
}
]
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"PR" : "N",
"SCORE" : "4.600",
"AC" : "L",
"AV" : "P",
"S" : "U",
"A" : "H",
"I" : "N",
"C" : "N",
"UI" : "N"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
}
}
}
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6151773",
"title": "IBM Security Bulletin 6151773 (MaaS360)",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6151773"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/178505",
"name": "ibm-maas360-cve20204353-dos (178505)"
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"impact": {
"cvssv3": {
"BM": {
"PR": "N",
"SCORE": "4.600",
"AC": "L",
"AV": "P",
"S": "U",
"A": "H",
"I": "N",
"C": "N",
"UI": "N"
},
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
}
}
}
}

192
2020/4xxx/CVE-2020-4415.json
View File

@ -1,99 +1,99 @@
{
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Access",
"lang" : "eng"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"PR" : "N",
"SCORE" : "9.800",
"AC" : "L",
"AV" : "N",
"S" : "U",
"I" : "H",
"A" : "H",
"C" : "H",
"UI" : "N"
}
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6195706",
"title" : "IBM Security Bulletin 6195706 (Spectrum Protect)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6195706"
},
{
"name" : "ibm-spectrum-cve20204415-bo (179990)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/179990",
"title" : "X-Force Vulnerability Report"
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Spectrum Protect 7.1 and 8.1 server is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker to execute arbitrary code on the system with the privileges of an administrator or user associated with the Spectrum Protect server or cause the Spectrum Protect server to crash. IBM X-Force ID: 179990."
}
]
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
"problemtype": {
"problemtype_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "7.1.0.0"
},
{
"version_value" : "7.1.10.0"
},
{
"version_value" : "8.1.0.0"
},
{
"version_value" : "8.1.9.200"
}
]
},
"product_name" : "Spectrum Protect"
}
]
}
"description": [
{
"value": "Gain Access",
"lang": "eng"
}
]
}
]
}
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-04-21T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2020-4415"
}
}
]
},
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
},
"BM": {
"PR": "N",
"SCORE": "9.800",
"AC": "L",
"AV": "N",
"S": "U",
"I": "H",
"A": "H",
"C": "H",
"UI": "N"
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6195706",
"title": "IBM Security Bulletin 6195706 (Spectrum Protect)",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6195706"
},
{
"name": "ibm-spectrum-cve20204415-bo (179990)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/179990",
"title": "X-Force Vulnerability Report"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Spectrum Protect 7.1 and 8.1 server is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker to execute arbitrary code on the system with the privileges of an administrator or user associated with the Spectrum Protect server or cause the Spectrum Protect server to crash. IBM X-Force ID: 179990."
}
]
},
"data_version": "4.0",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "7.1.0.0"
},
{
"version_value": "7.1.10.0"
},
{
"version_value": "8.1.0.0"
},
{
"version_value": "8.1.9.200"
}
]
},
"product_name": "Spectrum Protect"
}
]
}
}
]
}
},
"CVE_data_meta": {
"DATE_PUBLIC": "2020-04-21T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"ID": "CVE-2020-4415"
}
}

55
2020/7xxx/CVE-2020-7643.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7643",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "report@snyk.io",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "paypal-adaptive",
"version": {
"version_data": [
{
"version_value": "All versions including 0.4.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/Ideame/paypal-adaptive-sdk-nodejs/blob/master/lib/paypal-adaptive.js#L31",
"url": "https://github.com/Ideame/paypal-adaptive-sdk-nodejs/blob/master/lib/paypal-adaptive.js#L31"
},
{
"refsource": "MISC",
"name": "https://snyk.io/vuln/SNYK-JS-PAYPALADAPTIVE-565089",
"url": "https://snyk.io/vuln/SNYK-JS-PAYPALADAPTIVE-565089"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "paypal-adaptive through 0.4.2 manipulation of JavaScript objects resulting in Prototype Pollution. The PayPal function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload."
}
]
}