"-Synchronized-Data."

CVE Team 2020-04-01 22:01:22 +00:00
parent dbb9daa1fe
commit a5e82a90f0
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
48 changed files with 560 additions and 34 deletions


@ -66,6 +66,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1895",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00029.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-05",
"url": "https://security.gentoo.org/glsa/202004-05"
}
]
}


@ -66,6 +66,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1895",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00029.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-05",
"url": "https://security.gentoo.org/glsa/202004-05"
}
]
}


@ -72,6 +72,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1895",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00029.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-05",
"url": "https://security.gentoo.org/glsa/202004-05"
}
]
}


@ -72,6 +72,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1895",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00029.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-05",
"url": "https://security.gentoo.org/glsa/202004-05"
}
]
}


@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11802",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-11802",
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache",
"product": {
"product_data": [
{
"product_name": "Apache Solr",
"version": {
"version_data": [
{
"version_value": "before 7.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authorization bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2019/04/24/1",
"url": "https://www.openwall.com/lists/oss-security/2019/04/24/1"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies the request to a relevant node and serves the request. Solr bypasses all authorization settings for such requests. This affects all Solr versions prior to 7.7 that use the default authorization mechanism of Solr (RuleBasedAuthorizationPlugin)."
}
]
}
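Review bot: The new `version_value` of `"before 7.7"` puts the range operator inside a free-text string, so tooling that matches installed versions against this record has to parse prose. A CVE JSON 4.0 `version_data` entry can carry the comparison separately, e.g. `"version_affected": "<", "version_value": "7.7"`. The same applies to the Apache Dubbo record in this commit (`"2.7.0 to 2.7.4"`, `"2.6.0 to 2.6.7"`, `"all 2.5.x versions"`) and to the LearnDash record (`"< 3.1.6"`). The record's closing brace lies outside this hunk.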


@ -53,6 +53,11 @@
"url": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5b85ddd19",
"name": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5b85ddd19",
"refsource": "CONFIRM"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-03",
"url": "https://security.gentoo.org/glsa/202004-03"
}
]
},


@ -4,7 +4,7 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-13720",
"ASSIGNER": "security@google.com",
"ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
},
"affects": {
@ -59,6 +59,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2664",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00022.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-04",
"url": "https://security.gentoo.org/glsa/202004-04"
}
]
},


@ -98,6 +98,11 @@
"refsource": "REDHAT",
"name": "RHBA-2019:2824",
"url": "https://access.redhat.com/errata/RHBA-2019:2824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-03",
"url": "https://security.gentoo.org/glsa/202004-03"
}
]
},


@ -68,6 +68,11 @@
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701444",
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=701444",
"refsource": "CONFIRM"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-03",
"url": "https://security.gentoo.org/glsa/202004-03"
}
]
},


@ -103,6 +103,11 @@
"refsource": "REDHAT",
"name": "RHBA-2019:2824",
"url": "https://access.redhat.com/errata/RHBA-2019:2824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-03",
"url": "https://security.gentoo.org/glsa/202004-03"
}
]
},


@ -103,6 +103,11 @@
"refsource": "REDHAT",
"name": "RHBA-2019:2824",
"url": "https://access.redhat.com/errata/RHBA-2019:2824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-03",
"url": "https://security.gentoo.org/glsa/202004-03"
}
]
},


@ -0,0 +1,68 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-17564",
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache",
"product": {
"product_data": [
{
"product_name": "Apache Dubbo",
"version": {
"version_data": [
{
"version_value": "2.7.0 to 2.7.4"
},
{
"version_value": "2.6.0 to 2.6.7"
},
{
"version_value": "all 2.5.x versions"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unsafe deserialization"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r13f7a58fa5d61d729e538a378687118e00c3e229903ba1e7b3a807a2%40%3Cdev.dubbo.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r13f7a58fa5d61d729e538a378687118e00c3e229903ba1e7b3a807a2%40%3Cdev.dubbo.apache.org%3E"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unsafe deserialization occurs within a Dubbo application which has HTTP remoting enabled. An attacker may submit a POST request with a Java object in it to completely compromise a Provider instance of Apache Dubbo, if this instance enables HTTP. This issue affected Apache Dubbo 2.7.0 to 2.7.4, 2.6.0 to 2.6.7, and all 2.5.x versions."
}
]
}
}


@ -61,6 +61,11 @@
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -61,6 +61,11 @@
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -61,6 +61,11 @@
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -61,6 +61,11 @@
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -61,6 +61,11 @@
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-916/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-916/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -61,6 +61,11 @@
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-917/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-917/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -61,6 +61,11 @@
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-918/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-918/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -118,6 +118,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2223",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00088.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-03",
"url": "https://security.gentoo.org/glsa/202004-03"
}
]
},


@ -113,6 +113,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:0971",
"url": "https://access.redhat.com/errata/RHSA-2019:0971"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-03",
"url": "https://security.gentoo.org/glsa/202004-03"
}
]
},


@ -156,6 +156,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-ebd6c4f15a",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6AATIHU32MYKUOXQDJQU4X4DDVL7NAY3/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-03",
"url": "https://security.gentoo.org/glsa/202004-03"
}
]
}


@ -86,6 +86,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-1050d60507",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAOFXT64CEUMJE3723JDJWTEQWQUCYMD/"
},
{
"refsource": "UBUNTU",
"name": "USN-4312-1",
"url": "https://usn.ubuntu.com/4312-1/"
}
]
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-11469",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}


@ -0,0 +1,76 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11470",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zoom Client for Meetings through 4.6.8 on macOS has the disable-library-validation entitlement, which allows a local process (with the user's privileges) to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Zoom Client's microphone and camera access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://objective-see.com/blog/blog_0x56.html",
"refsource": "MISC",
"name": "https://objective-see.com/blog/blog_0x56.html"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AC:H/AV:L/A:N/C:L/I:N/PR:H/S:C/UI:R",
"version": "3.0"
}
}
}
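Review bot: The `impact.cvss` block sets `"privilegesRequired": "HIGH"`, but the description says the local process runs "with the user's privileges", which reads closer to `PR:L`. The metric should be rechecked against the description, and `vectorString` updated to match if it changes. `vendor_name`, `product_name` and `version_value` are all `"n/a"` although the description names Zoom Client for Meetings through 4.6.8 on macOS, so automated matching on the `affects` tree will miss this record. The CVE-2020-6009 and CVE-2020-6096 records in this commit likewise leave `vendor_name` as `"n/a"`.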


@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-1958",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache",
"product": {
"product_data": [
{
"product_name": "Apache Druid",
"version": {
"version_data": [
{
"version_value": "0.17.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthorized access and information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r9d437371793b410f8a8e18f556d52d4bb68e18c537962f6a97f4945e%40%3Cdev.druid.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r9d437371793b410f8a8e18f556d52d4bb68e18c537962f6a97f4945e%40%3Cdev.druid.apache.org%3E"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "When LDAP authentication is enabled in Apache Druid 0.17.0, callers of Druid APIs with a valid set of LDAP credentials can bypass the credentialsValidator.userSearch filter barrier that determines if a valid LDAP user is allowed to authenticate with Druid. They are still subject to role-based authorization checks, if configured. Callers of Druid APIs can also retrieve any LDAP attribute values of users that exist on the LDAP server, so long as that information is visible to the Druid server. This information disclosure does not require the caller itself to be a valid LDAP user."
}
]
}


@ -1,4 +1,3 @@
{
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
@ -73,6 +72,11 @@
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -1,4 +1,3 @@
{
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
@ -73,6 +72,11 @@
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -1,4 +1,3 @@
{
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
@ -73,6 +72,11 @@
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -1,4 +1,3 @@
{
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
@ -73,6 +72,11 @@
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -1,4 +1,3 @@
{
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
@ -73,6 +72,11 @@
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -1,4 +1,3 @@
{
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
@ -73,6 +72,11 @@
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -1,4 +1,3 @@
{
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
@ -73,6 +72,11 @@
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -1,4 +1,3 @@
{
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
@ -73,6 +72,11 @@
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -1,4 +1,3 @@
{
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
@ -73,6 +72,11 @@
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -1,4 +1,3 @@
{
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
@ -73,6 +72,11 @@
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -1,4 +1,3 @@
{
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
@ -73,6 +72,11 @@
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -1,4 +1,3 @@
{
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
@ -69,6 +68,11 @@
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -1,4 +1,3 @@
{
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
@ -73,6 +72,11 @@
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -1,4 +1,3 @@
{
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
@ -73,6 +72,11 @@
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -1,4 +1,3 @@
{
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
@ -73,6 +72,11 @@
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -1,4 +1,3 @@
{
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
@ -73,6 +72,11 @@
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -1,4 +1,3 @@
{
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
@ -73,6 +72,11 @@
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202004-02",
"url": "https://security.gentoo.org/glsa/202004-02"
}
]
}


@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-6009",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@checkpoint.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "LearnDash Wordpress Plugin",
"version": {
"version_data": [
{
"version_value": "< 3.1.6"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://learndash.releasenotes.io/release/YBfaq-version-316",
"url": "https://learndash.releasenotes.io/release/YBfaq-version-316"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "LearnDash Wordpress plugin version below 3.1.6 is vulnerable to Unauthenticated SQL Injection."
}
]
}


@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-6096",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "talos-cna@cisco.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "GNU glibc",
"version": {
"version_data": [
{
"version_value": "2.30.9000"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unsigned conversion error"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data."
}
]
}
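Review bot: `problemtype` is given as `"unsigned conversion error"` while the description calls the flaw a "signed comparison vulnerability" triggered by a negative `num`. The two should use one term, preferably with a CWE identifier such as `"CWE-195: Signed to Unsigned Conversion Error"` if that is the class the assigner intends. The only `version_value` is `"2.30.9000"`, which looks like a development snapshot, so the record does not say which released glibc versions are affected; that should be confirmed against the referenced sourceware bug. The record's outer object opens and closes outside this hunk.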