admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-05 10:18:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-01-18 00:01:13 +00:00
parent e2d702495c
commit b56ec8daff
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
7 changed files with 382 additions and 260 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

144
2019/15xxx/CVE-2019-15625.json
View File

@ -1,69 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2019-15625",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Password Manager",
"version" : {
"version_data" : [
{
"version_value" : "3.8.0.1103 and below "
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information. "
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Memory Usage"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1123595.aspx"
},
{
"url" : "https://jvn.jp/en/jp/JVN49593434/index.html"
},
{
"url" : "https://esupport.trendmicro.com/support/pwm/solution/ja-jp/1123614.aspx"
},
{
"url" : "https://jvn.jp/jp/JVN49593434/index.html"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2019-15625",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Password Manager",
"version": {
"version_data": [
{
"version_value": "3.8.0.1103 and below "
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Usage"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1123595.aspx",
"refsource": "MISC",
"name": "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1123595.aspx"
},
{
"url": "https://jvn.jp/en/jp/JVN49593434/index.html",
"refsource": "MISC",
"name": "https://jvn.jp/en/jp/JVN49593434/index.html"
},
{
"url": "https://esupport.trendmicro.com/support/pwm/solution/ja-jp/1123614.aspx",
"refsource": "MISC",
"name": "https://esupport.trendmicro.com/support/pwm/solution/ja-jp/1123614.aspx"
},
{
"url": "https://jvn.jp/jp/JVN49593434/index.html",
"refsource": "MISC",
"name": "https://jvn.jp/jp/JVN49593434/index.html"
}
]
}
}

144
2019/19xxx/CVE-2019-19696.json
View File

@ -1,69 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2019-19696",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Password Manager",
"version" : {
"version_data" : [
{
"version_value" : "5.0.0.1076 and below (Windows) and 5.0.1047 and below (Mac)"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishing sites. "
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "RootCA Access"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124092.aspx"
},
{
"url" : "https://jvn.jp/en/jp/JVN37183636/index.html"
},
{
"url" : "https://esupport.trendmicro.com/support/pwm/solution/ja-jp/1124091.aspx"
},
{
"url" : "https://jvn.jp/jp/JVN37183636/index.html"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2019-19696",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Password Manager",
"version": {
"version_data": [
{
"version_value": "5.0.0.1076 and below (Windows) and 5.0.1047 and below (Mac)"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishing sites."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "RootCA Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124092.aspx",
"refsource": "MISC",
"name": "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124092.aspx"
},
{
"url": "https://jvn.jp/en/jp/JVN37183636/index.html",
"refsource": "MISC",
"name": "https://jvn.jp/en/jp/JVN37183636/index.html"
},
{
"url": "https://esupport.trendmicro.com/support/pwm/solution/ja-jp/1124091.aspx",
"refsource": "MISC",
"name": "https://esupport.trendmicro.com/support/pwm/solution/ja-jp/1124091.aspx"
},
{
"url": "https://jvn.jp/jp/JVN37183636/index.html",
"refsource": "MISC",
"name": "https://jvn.jp/jp/JVN37183636/index.html"
}
]
}
}

128
2019/19xxx/CVE-2019-19697.json
View File

@ -1,63 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2019-19697",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Security (Consumer)",
"version" : {
"version_data" : [
{
"version_value" : "2019 (v15) "
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administrator privileges on the target machine in order to exploit the vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Arbitrary Code Execution"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124090.aspx"
},
{
"url" : "http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-SECURITY-CONSUMER-SECURITY-BYPASS-PROTECTED-SERVICE-TAMPERING.txt"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2019-19697",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Security (Consumer)",
"version": {
"version_data": [
{
"version_value": "2019 (v15) "
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administrator privileges on the target machine in order to exploit the vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124090.aspx",
"refsource": "MISC",
"name": "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124090.aspx"
},
{
"url": "http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-SECURITY-CONSUMER-SECURITY-BYPASS-PROTECTED-SERVICE-TAMPERING.txt",
"refsource": "MISC",
"name": "http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-SECURITY-CONSUMER-SECURITY-BYPASS-PROTECTED-SERVICE-TAMPERING.txt"
}
]
}
}

128
2019/20xxx/CVE-2019-20357.json
View File

@ -1,63 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2019-20357",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Security (Consumer)",
"version" : {
"version_data" : [
{
"version_value" : "2019 (v15) and 2020 (v16) "
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Persistent Arbitrary Code Execution"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124099.aspx"
},
{
"url" : "http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-SECURITY-CONSUMER-PERSISTENT-ARBITRARY-CODE-EXECUTION.txt"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2019-20357",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Security (Consumer)",
"version": {
"version_data": [
{
"version_value": "2019 (v15) and 2020 (v16) "
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Persistent Arbitrary Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124099.aspx",
"refsource": "MISC",
"name": "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124099.aspx"
},
{
"url": "http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-SECURITY-CONSUMER-PERSISTENT-ARBITRARY-CODE-EXECUTION.txt",
"refsource": "MISC",
"name": "http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-SECURITY-CONSUMER-PERSISTENT-ARBITRARY-CODE-EXECUTION.txt"
}
]
}
}

18
2020/7xxx/CVE-2020-7221.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7221",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

62
2020/7xxx/CVE-2020-7222.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-7222",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Amcrest Web Server 2.520.AC00.18.R 2017-06-29 WEB 3.2.1.453504. The login page responds with JavaScript when one tries to authenticate. An attacker who changes the result parameter (to true) in this JavaScript code can bypass authentication and achieve limited privileges (ability to see every option but not modify them)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://sku11army.blogspot.com/2020/01/amcrest-2520ac0018r-login-bypass.html",
"refsource": "MISC",
"name": "https://sku11army.blogspot.com/2020/01/amcrest-2520ac0018r-login-bypass.html"
}
]
}
}

18
2020/7xxx/CVE-2020-7223.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7223",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}