admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-08-31 16:01:39 +00:00
parent 6879c2b60a
commit b81164465f
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
37 changed files with 1052 additions and 153 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
2017/7xxx/CVE-2017-7876.json
View File

@ -1,6 +1,6 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@qnap.com",
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-7876",
"STATE": "PUBLIC"
},
@ -11,25 +11,18 @@
"product": {
"product_data": [
{
"product_name": "QTS",
"product_name": "n/a",
"version": {
"version_data": [
{
"platform": "build 20170517",
"version_affected": "<",
"version_value": "4.2.6"
},
{
"platform": "build 20170516",
"version_affected": "<",
"version_value": "4.3.3"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "QNAP Systems Inc."
"vendor_name": "n/a"
}
]
}
@ -41,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "This command injection vulnerability in authLogout.cgi allows attackers to run arbitrary commands in the compromised application. We have already fixed the issue in QTS 4.2.6 build 20170517, QTS 4.3.3 build 20170516 and later versions. Recommendation: To fix the vulnerability, we strongly recommend updating QTS to the latest version. Installing the QTS Update: Log on to QTS as administrator. Go to Control Panel > System > Firmware Update. Under Live Update, click Check for Update. Tip: You can also download the update from the QNAP website. Go to Support > Download and then perform a manual update.\n"
"value": "This command injection vulnerability in authLogout.cgi allows attackers to run arbitrary commands in the compromised application. We have already fixed the issue in QTS 4.2.6 build 20170517, QTS 4.3.3 build 20170516 and later versions. Recommendation: To fix the vulnerability, we strongly recommend updating QTS to the latest version. Installing the QTS Update: Log on to QTS as administrator. Go to Control Panel > System > Firmware Update. Under Live Update, click Check for Update. Tip: You can also download the update from the QNAP website. Go to Support > Download and then perform a manual update."
}
]
},
@ -70,7 +63,7 @@
"description": [
{
"lang": "eng",
"value": "CWE-78 OS Command Injection"
"value": "n/a"
}
]
}
@ -79,8 +72,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.qnap.com/en-us/release-notes/qts/4.2.6/20170517"
"refsource": "MISC",
"url": "https://www.qnap.com/en-us/release-notes/qts/4.2.6/20170517",
"name": "https://www.qnap.com/en-us/release-notes/qts/4.2.6/20170517"
}
]
},

5
2019/18xxx/CVE-2019-18571.json
View File

@ -63,8 +63,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://community.rsa.com/docs/DOC-109310"
"refsource": "MISC",
"url": "https://community.rsa.com/docs/DOC-109310",
"name": "https://community.rsa.com/docs/DOC-109310"
}
]
}

5
2019/18xxx/CVE-2019-18572.json
View File

@ -63,8 +63,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://community.rsa.com/docs/DOC-109310"
"refsource": "MISC",
"url": "https://community.rsa.com/docs/DOC-109310",
"name": "https://community.rsa.com/docs/DOC-109310"
}
]
}

5
2019/18xxx/CVE-2019-18573.json
View File

@ -63,8 +63,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://community.rsa.com/docs/DOC-109310"
"refsource": "MISC",
"url": "https://community.rsa.com/docs/DOC-109310",
"name": "https://community.rsa.com/docs/DOC-109310"
}
]
}

5
2019/3xxx/CVE-2019-3756.json
View File

@ -62,8 +62,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://community.rsa.com/docs/DOC-106759"
"refsource": "MISC",
"url": "https://community.rsa.com/docs/DOC-106759",
"name": "https://community.rsa.com/docs/DOC-106759"
}
]
}

5
2019/3xxx/CVE-2019-3758.json
View File

@ -62,8 +62,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://community.rsa.com/docs/DOC-106759"
"refsource": "MISC",
"url": "https://community.rsa.com/docs/DOC-106759",
"name": "https://community.rsa.com/docs/DOC-106759"
}
]
}

5
2019/3xxx/CVE-2019-3759.json
View File

@ -97,8 +97,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://community.rsa.com/docs/DOC-106943"
"refsource": "MISC",
"url": "https://community.rsa.com/docs/DOC-106943",
"name": "https://community.rsa.com/docs/DOC-106943"
},
{
"refsource": "MISC",

5
2019/3xxx/CVE-2019-3760.json
View File

@ -97,8 +97,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://community.rsa.com/docs/DOC-106943"
"refsource": "MISC",
"url": "https://community.rsa.com/docs/DOC-106943",
"name": "https://community.rsa.com/docs/DOC-106943"
}
]
},

5
2019/3xxx/CVE-2019-3761.json
View File

@ -97,8 +97,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://community.rsa.com/docs/DOC-106943"
"refsource": "MISC",
"url": "https://community.rsa.com/docs/DOC-106943",
"name": "https://community.rsa.com/docs/DOC-106943"
}
]
},

5
2019/3xxx/CVE-2019-3763.json
View File

@ -97,8 +97,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://community.rsa.com/docs/DOC-106943"
"refsource": "MISC",
"url": "https://community.rsa.com/docs/DOC-106943",
"name": "https://community.rsa.com/docs/DOC-106943"
}
]
},

5
2020/10xxx/CVE-2020-10289.json
View File

@ -83,11 +83,6 @@
"name": "https://github.com/ros/actionlib/pull/171",
"refsource": "CONFIRM",
"url": "https://github.com/ros/actionlib/pull/171"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200830 [SECURITY] [DLA 2357-1] ros-actionlib security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00055.html"
}
]
},

62
2020/13xxx/CVE-2020-13463.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13463",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-13463",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The flash memory readout protection in Apex Microelectronics APM32F103 devices allows physical attackers to extract firmware via the debug interface and exception handling."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.usenix.org/system/files/woot20-paper-obermaier.pdf",
"url": "https://www.usenix.org/system/files/woot20-paper-obermaier.pdf"
}
]
}

62
2020/13xxx/CVE-2020-13464.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13464",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-13464",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The flash memory readout protection in China Key Systems & Integrated Circuit CKS32F103 devices allows physical attackers to extract firmware via the debug interface by utilizing the CPU or DMA module."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.usenix.org/system/files/woot20-paper-obermaier.pdf",
"url": "https://www.usenix.org/system/files/woot20-paper-obermaier.pdf"
}
]
}

62
2020/13xxx/CVE-2020-13465.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13465",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-13465",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The security protection in Gigadevice GD32F103 devices allows physical attackers to redirect the control flow and execute arbitrary code via the debug interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.usenix.org/system/files/woot20-paper-obermaier.pdf",
"url": "https://www.usenix.org/system/files/woot20-paper-obermaier.pdf"
}
]
}

62
2020/13xxx/CVE-2020-13466.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13466",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-13466",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "STMicroelectronics STM32F103 devices through 2020-05-20 allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.usenix.org/system/files/woot20-paper-obermaier.pdf",
"url": "https://www.usenix.org/system/files/woot20-paper-obermaier.pdf"
}
]
}

62
2020/13xxx/CVE-2020-13467.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13467",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-13467",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The flash memory readout protection in China Key Systems & Integrated Circuit CKS32F103 devices allows physical attackers to extract firmware via the debug interface and exception handling."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.usenix.org/system/files/woot20-paper-obermaier.pdf",
"url": "https://www.usenix.org/system/files/woot20-paper-obermaier.pdf"
}
]
}

62
2020/13xxx/CVE-2020-13468.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13468",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-13468",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Gigadevice GD32F130 devices allow physical attackers to escalate their debug interface permissions via fault injection into inter-IC bonding wires (which have insufficient physical protection)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.usenix.org/system/files/woot20-paper-obermaier.pdf",
"url": "https://www.usenix.org/system/files/woot20-paper-obermaier.pdf"
}
]
}

62
2020/13xxx/CVE-2020-13469.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13469",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-13469",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The flash memory readout protection in Gigadevice GD32VF103 devices allows physical attackers to extract firmware via the debug interface by utilizing the CPU."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.usenix.org/system/files/woot20-paper-obermaier.pdf",
"url": "https://www.usenix.org/system/files/woot20-paper-obermaier.pdf"
}
]
}

62
2020/13xxx/CVE-2020-13470.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13470",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-13470",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Gigadevice GD32F103 and GD32F130 devices allow physical attackers to extract data via the probing of easily accessible bonding wires and de-obfuscation of the observed data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.usenix.org/system/files/woot20-paper-obermaier.pdf",
"url": "https://www.usenix.org/system/files/woot20-paper-obermaier.pdf"
}
]
}

62
2020/13xxx/CVE-2020-13471.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13471",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-13471",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apex Microelectronics APM32F103 devices allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.usenix.org/system/files/woot20-paper-obermaier.pdf",
"url": "https://www.usenix.org/system/files/woot20-paper-obermaier.pdf"
}
]
}

62
2020/13xxx/CVE-2020-13472.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13472",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-13472",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The flash memory readout protection in Gigadevice GD32F103 devices allows physical attackers to extract firmware via the debug interface by utilizing the DMA module."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.usenix.org/system/files/woot20-paper-obermaier.pdf",
"url": "https://www.usenix.org/system/files/woot20-paper-obermaier.pdf"
}
]
}

62
2020/13xxx/CVE-2020-13828.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13828",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-13828",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dolibarr 11.0.4 is affected by multiple stored Cross-Site Scripting (XSS) vulnerabilities that could allow remote authenticated attackers to inject arbitrary web script or HTML via ticket/card.php?action=create with the subject, message, or address parameter; adherents/card.php with the societe or address parameter; product/card.php with the label or customcode parameter; or societe/card.php with the alias or barcode parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.wizlynxgroup.com/security-research-advisories/vuln/WLX-2020-002",
"refsource": "MISC",
"name": "https://www.wizlynxgroup.com/security-research-advisories/vuln/WLX-2020-002"
}
]
}

72
2020/15xxx/CVE-2020-15687.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-15687",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-15687",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Missing access control restrictions in the Hypervisor component of the ACRN Project (v2.0 and v1.6.1) allow a malicious entity, with root access in the Service VM userspace, to abuse the PCIe assign/de-assign Hypercalls via crafted ioctls and payloads. This attack results in a corrupt state and Denial of Service (DoS) for previously assigned PCIe devices to the Service VM at runtime."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://projectacrn.github.io/latest/",
"refsource": "MISC",
"name": "https://projectacrn.github.io/latest/"
},
{
"url": "https://projectacrn.github.io/latest/developer-guides/hld/split-dm.html",
"refsource": "MISC",
"name": "https://projectacrn.github.io/latest/developer-guides/hld/split-dm.html"
},
{
"refsource": "MISC",
"name": "https://projectacrn.github.io/2.1/asa.html#addressed-in-acrn-v2-1",
"url": "https://projectacrn.github.io/2.1/asa.html#addressed-in-acrn-v2-1"
}
]
}

67
2020/17xxx/CVE-2020-17465.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-17465",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-17465",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dashboards and progressiveProfileForms in ForgeRock Identity Manager before 7.0.0 are vulnerable to stored XSS. The vulnerability affects versions 6.5.0.4, 6.0.0.6."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.nccgroup.com/us/our-research/?research=Technical+advisories",
"refsource": "MISC",
"name": "https://www.nccgroup.com/us/our-research/?research=Technical+advisories"
},
{
"refsource": "MISC",
"name": "https://gist.github.com/gajendkmr/261f45e06c41656131a651c920c7f406",
"url": "https://gist.github.com/gajendkmr/261f45e06c41656131a651c920c7f406"
}
]
}

5
2020/1xxx/CVE-2020-1082.json
View File

@ -194,6 +194,11 @@
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1082",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1082"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1082",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1082"
}
]
}

62
2020/20xxx/CVE-2020-20625.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-20625",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-20625",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sliced Invoices plugin for WordPress 3.8.2 and earlier allows unauthenticated information disclosure and authenticated SQL injection via core/class-sliced.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://blog.nintechnet.com/multiple-vulnerabilities-in-sliced-invoices-plugin/",
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-sliced-invoices-plugin/"
}
]
}

62
2020/20xxx/CVE-2020-20626.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-20626",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-20626",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lara-google-analytics.php in Lara Google Analytics plugin through 2.0.4 for WordPress allows authenticated stored XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://blog.nintechnet.com/zero-day-vulnerability-exploited-in-wordpress-lara-google-analytics-plugin/",
"url": "https://blog.nintechnet.com/zero-day-vulnerability-exploited-in-wordpress-lara-google-analytics-plugin/"
}
]
}

62
2020/20xxx/CVE-2020-20627.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-20627",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-20627",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The includes/gateways/stripe/includes/admin/admin-actions.php in GiveWP plugin through 2.5.9 for WordPress allows unauthenticated settings change."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://blog.nintechnet.com/multiple-vulnerabilities-fixed-in-wordpress-givewp-plugin/",
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-fixed-in-wordpress-givewp-plugin/"
}
]
}

72
2020/24xxx/CVE-2020-24363.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-24363",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-24363",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker (on the same network) to submit a TDDP_RESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.tp-link.com/us/support/download/tl-wa855re/#Firmware",
"refsource": "MISC",
"name": "https://www.tp-link.com/us/support/download/tl-wa855re/#Firmware"
},
{
"refsource": "MISC",
"name": "http://malwrforensics.com/en/2020/08/31/cve-2020-24363-tl-wa855re-v5-advisory/",
"url": "http://malwrforensics.com/en/2020/08/31/cve-2020-24363-tl-wa855re-v5-advisory/"
},
{
"refsource": "MISC",
"name": "https://pastebin.com/VjHM4UiA",
"url": "https://pastebin.com/VjHM4UiA"
}
]
}

67
2020/24xxx/CVE-2020-24699.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-24699",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-24699",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Chamber Dashboard Business Directory plugin 3.2.8 for WordPress allows XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/chamber-dashboard-business-directory/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/chamber-dashboard-business-directory/#developers"
},
{
"refsource": "MISC",
"name": "https://l0l.xyz/sec/2020/08/31/1-wordpress-crm-xss.html",
"url": "https://l0l.xyz/sec/2020/08/31/1-wordpress-crm-xss.html"
}
]
}

18
2020/25xxx/CVE-2020-25035.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-25035",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/25xxx/CVE-2020-25036.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-25036",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/25xxx/CVE-2020-25037.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-25037",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/25xxx/CVE-2020-25038.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-25038",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

5
2020/5xxx/CVE-2020-5339.json
View File

@ -63,8 +63,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://community.rsa.com/docs/DOC-111092"
"refsource": "MISC",
"url": "https://community.rsa.com/docs/DOC-111092",
"name": "https://community.rsa.com/docs/DOC-111092"
}
]
}

6
2020/5xxx/CVE-2020-5340.json
View File

@ -63,9 +63,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://community.rsa.com/docs/DOC-111092"
"refsource": "MISC",
"url": "https://community.rsa.com/docs/DOC-111092",
"name": "https://community.rsa.com/docs/DOC-111092"
}
]
}

5
2020/5xxx/CVE-2020-5346.json
View File

@ -63,8 +63,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://community.rsa.com/docs/DOC-111347"
"refsource": "MISC",
"url": "https://community.rsa.com/docs/DOC-111347",
"name": "https://community.rsa.com/docs/DOC-111347"
}
]
}