"-Synchronized-Data."

This commit is contained in:
CVE Team 2020-09-01 16:01:27 +00:00
parent 3cebf79342
commit b4d8b13d89
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
5 changed files with 287 additions and 23 deletions

View File

@ -1,18 +1,96 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"STATE": "PUBLIC",
"ID": "CVE-2012-3336",
"STATE": "RESERVED"
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2012-09-14T00:00:00"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "8.0"
},
{
"version_value": "8.01"
},
{
"version_value": "8.2"
}
]
},
"product_name": "InfoSphere Guardium"
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Data Manipulation"
}
]
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to multiple scripts, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 78282."
}
]
},
"data_format": "MITRE",
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21611130",
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21611130",
"title": "IBM Security Bulletin 1611130"
},
{
"title": "X-Force Vulnerability Report",
"name": "infosphereguardium-multiple-sql-injection (78282)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78282",
"refsource": "XF"
}
]
},
"data_version": "4.0",
"impact": {
"cvssv3": {
"BM": {
"A": "L",
"AC": "L",
"SCORE": "6.300",
"I": "L",
"UI": "N",
"AV": "N",
"PR": "L",
"S": "U",
"C": "L"
},
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
}
}
}
}

View File

@ -1,17 +1,95 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3337",
"STATE": "RESERVED"
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "8.0"
},
{
"version_value": "8.01"
},
{
"version_value": "8.2"
}
]
},
"product_name": "InfoSphere Guardium"
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"CVE_data_meta": {
"ID": "CVE-2012-3337",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2012-09-14T00:00:00",
"ASSIGNER": "psirt@us.ibm.com"
},
"data_version": "4.0",
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
},
"BM": {
"A": "N",
"AC": "L",
"SCORE": "5.300",
"I": "N",
"S": "U",
"PR": "N",
"C": "L",
"UI": "N",
"AV": "N"
}
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to download arbitrary files on the system. IBM X-Force ID: 78284."
}
]
},
"data_format": "MITRE",
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21611129",
"title": "IBM Security Bulletin 1611129",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21611129",
"refsource": "CONFIRM"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78284",
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"name": "infosphereguardium-dir-traversal (78284)"
}
]
}

View File

@ -211,6 +211,16 @@
"refsource": "MLIST",
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [29/34] - /tomcat/site/trunk/docs/",
"url": "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cassandra-dev] 20200901 CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability",
"url": "https://lists.apache.org/thread.html/rcd7544b24d8fc32b7950ec4c117052410b661babaa857fb1fc641152@%3Cdev.cassandra.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cassandra-user] 20200901 CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability",
"url": "https://lists.apache.org/thread.html/rcd7544b24d8fc32b7950ec4c117052410b661babaa857fb1fc641152@%3Cuser.cassandra.apache.org%3E"
}
]
}

View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-23450",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-23450",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Spiceworks Version <= 7.5.00107 is affected by XSS. Any name typed on Custom Groups function is vulnerable to stored XSS as they displayed on http://127.0.0.1/inventory/groups/ without output sanitization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://spiceworks.com",
"refsource": "MISC",
"name": "http://spiceworks.com"
},
{
"url": "https://abuyv.com",
"refsource": "MISC",
"name": "https://abuyv.com"
},
{
"refsource": "MISC",
"name": "https://abuyv.com/cve/spiceworks-stored-xss",
"url": "https://abuyv.com/cve/spiceworks-stored-xss"
}
]
}

View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-23971",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-23971",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "gmapfp.org Joomla Component GMapFP J3.30pro is affected by Insecure Permissions. An attacker can access the upload function without authenticating to the application and also can upload files due the issues of unrestricted file uploads which can be bypassed by changing the content-type and name file too double extensions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://packetstormsecurity.com/files/156889/Joomla-GMapFP-3.30-Arbitrary-File-Upload.html",
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/156889/Joomla-GMapFP-3.30-Arbitrary-File-Upload.html"
}
]
}