admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-04-02 21:01:17 +00:00
parent b65e731d3c
commit ae1c64041f
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
9 changed files with 427 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
2020/11xxx/CVE-2020-11494.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11494",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka CID-b9258a2cece4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/torvalds/linux/commit/b9258a2cece4ec1f020715fe3554bc2e360f6264",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/b9258a2cece4ec1f020715fe3554bc2e360f6264"
}
]
}
}

18
2020/11xxx/CVE-2020-11495.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-11495",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/11xxx/CVE-2020-11496.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-11496",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/11xxx/CVE-2020-11497.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-11497",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

55
2020/7xxx/CVE-2020-7619.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7619",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "report@snyk.io",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "get-git-data",
"version": {
"version_data": [
{
"version_value": "All versions including 1.3.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/chardos/get-git-data/blob/master/index.js#L7,",
"url": "https://github.com/chardos/get-git-data/blob/master/index.js#L7,"
},
{
"refsource": "MISC",
"name": "https://snyk.io/vuln/SNYK-JS-GETGITDATA-564222",
"url": "https://snyk.io/vuln/SNYK-JS-GETGITDATA-564222"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "get-git-data through 1.3.1 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the arguments provided to get-git-data."
}
]
}

55
2020/7xxx/CVE-2020-7620.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7620",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "report@snyk.io",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "pomelo-monitor",
"version": {
"version_data": [
{
"version_value": "All versions including 0.3.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/halfblood369/monitor/blob/900b5cadf59edcccac4754e5706a22719925ddb9/lib/processMonitor.js,",
"url": "https://github.com/halfblood369/monitor/blob/900b5cadf59edcccac4754e5706a22719925ddb9/lib/processMonitor.js,"
},
{
"refsource": "MISC",
"name": "https://snyk.io/vuln/SNYK-JS-POMELOMONITOR-173695",
"url": "https://snyk.io/vuln/SNYK-JS-POMELOMONITOR-173695"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "pomelo-monitor through 0.3.7 is vulnerable to Command Injection.It allows injection of arbitrary commands as part of 'pomelo-monitor' params."
}
]
}

55
2020/7xxx/CVE-2020-7621.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7621",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "report@snyk.io",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "strong-nginx-controller",
"version": {
"version_data": [
{
"version_value": "All versions including 1.0.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/strongloop/strong-nginx-controller/blob/master/lib/server.js#L65,",
"url": "https://github.com/strongloop/strong-nginx-controller/blob/master/lib/server.js#L65,"
},
{
"refsource": "MISC",
"name": "https://snyk.io/vuln/SNYK-JS-STRONGNGINXCONTROLLER-564248",
"url": "https://snyk.io/vuln/SNYK-JS-STRONGNGINXCONTROLLER-564248"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "strong-nginx-controller through 1.0.2 is vulnerable to Command Injection. It allows execution of arbitrary command as part of the '_nginxCmd()' function."
}
]
}

55
2020/7xxx/CVE-2020-7623.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7623",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "report@snyk.io",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "jscover",
"version": {
"version_data": [
{
"version_value": "All versions including 1.0.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/node-modules/jscover/blob/master/lib/jscover.js#L59,",
"url": "https://github.com/node-modules/jscover/blob/master/lib/jscover.js#L59,"
},
{
"refsource": "MISC",
"name": "https://snyk.io/vuln/SNYK-JS-JSCOVER-564250",
"url": "https://snyk.io/vuln/SNYK-JS-JSCOVER-564250"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "jscover through 1.0.0 is vulnerable to Command Injection. It allows execution of arbitrary command via the source argument."
}
]
}

106
2020/9xxx/CVE-2020-9067.json
View File

@ -4,14 +4,114 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9067",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "SmartAX MA5600T",
"version": {
"version_data": [
{
"version_value": "V800R013C10"
},
{
"version_value": "V800R015C00"
},
{
"version_value": "V800R015C10"
},
{
"version_value": "V800R017C00"
},
{
"version_value": "V800R017C10"
},
{
"version_value": "V800R018C00"
},
{
"version_value": "V800R018C10"
}
]
}
},
{
"product_name": "SmartAX MA5800",
"version": {
"version_data": [
{
"version_value": "V100R017C00"
},
{
"version_value": "V100R017C10"
},
{
"version_value": "V100R018C00"
},
{
"version_value": "V100R018C10"
},
{
"version_value": "V100R019C10"
}
]
}
},
{
"product_name": "SmartAX EA5800",
"version": {
"version_data": [
{
"version_value": "V100R018C00"
},
{
"version_value": "V100R018C10"
},
{
"version_value": "V100R019C10"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200401-01-overflow-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200401-01-overflow-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a buffer overflow vulnerability in some Huawei products. The vulnerability can be exploited by an attacker to perform remote code execution on the affected products when the affected product functions as an optical line terminal (OLT). Affected product versions include:SmartAX MA5600T versions V800R013C10, V800R015C00, V800R015C10, V800R017C00, V800R017C10, V800R018C00, V800R018C10; SmartAX MA5800 versions V100R017C00, V100R017C10, V100R018C00, V100R018C10, V100R019C10; SmartAX EA5800 versions V100R018C00, V100R018C10, V100R019C10."
}
]
}