admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-05-24 13:00:40 +00:00
parent c014ad4f91
commit b954003b1f
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
19 changed files with 955 additions and 102 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
2020/25xxx/CVE-2020-25408.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-25408",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-25408",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Cross-Site Request Forgery (CSRF) vulnerability exists in ProjectWorlds College Management System Php 1.0 that allows a remote attacker to modify, delete, or make a new entry of the student, faculty, teacher, subject, scores, location, and article data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/olotieno/College-Management-System-Php/",
"refsource": "MISC",
"name": "https://github.com/olotieno/College-Management-System-Php/"
},
{
"refsource": "MISC",
"name": "https://nikhilkumar01.medium.com/cve-2020-25408-97eb7bcc23a6",
"url": "https://nikhilkumar01.medium.com/cve-2020-25408-97eb7bcc23a6"
}
]
}

61
2020/25xxx/CVE-2020-25409.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-25409",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-25409",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Projectsworlds College Management System Php 1.0 is vulnerable to SQL injection issues over multiple parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/olotieno/College-Management-System-Php/tree/master/College-Management-System%20in%20Php_5.5/College-Management-System%20in%20Php_5.5",
"refsource": "MISC",
"name": "https://github.com/olotieno/College-Management-System-Php/tree/master/College-Management-System%20in%20Php_5.5/College-Management-System%20in%20Php_5.5"
},
{
"refsource": "MISC",
"name": "https://nikhilkumar01.medium.com/cve-2020-25409-5ecbe735c004",
"url": "https://nikhilkumar01.medium.com/cve-2020-25409-5ecbe735c004"
}
]
}

61
2020/25xxx/CVE-2020-25411.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-25411",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-25411",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Projectworlds Online Examination System 1.0 is vulnerable to CSRF, which allows a remote attacker to delete the existing user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/projectworldsofficial/online-examination-systen-in-php",
"refsource": "MISC",
"name": "https://github.com/projectworldsofficial/online-examination-systen-in-php"
},
{
"refsource": "MISC",
"name": "https://nikhilkumar01.medium.com/cve-2020-25411-a245bdf88fb5",
"url": "https://nikhilkumar01.medium.com/cve-2020-25411-a245bdf88fb5"
}
]
}

61
2020/26xxx/CVE-2020-26006.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-26006",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-26006",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Project Worlds Online Examination System 1.0 is affected by Cross Site Scripting (XSS) via account.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/projectworldsofficial/online-examination-systen-in-php/archive/master.zip",
"refsource": "MISC",
"name": "https://github.com/projectworldsofficial/online-examination-systen-in-php/archive/master.zip"
},
{
"refsource": "MISC",
"name": "https://nikhilkumar01.medium.com/cve-2020-26006-31f847e16019",
"url": "https://nikhilkumar01.medium.com/cve-2020-26006-31f847e16019"
}
]
}

5
2020/28xxx/CVE-2020-28648.json
View File

@ -56,6 +56,11 @@
"url": "https://www.nagios.com/downloads/nagios-xi/change-log/",
"refsource": "MISC",
"name": "https://www.nagios.com/downloads/nagios-xi/change-log/"
},
{
"refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
}
]
}

61
2020/28xxx/CVE-2020-28900.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-28900",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-28900",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient Verification of Data Authenticity in Nagios Fusion 4.1.8 and earlier and Nagios XI 5.7.5 and earlier allows for Escalation of Privileges or Code Execution as root via vectors related to an untrusted update package to upgrade_to_latest.sh."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.nagios.com/downloads/nagios-xi/change-log/",
"refsource": "MISC",
"name": "https://www.nagios.com/downloads/nagios-xi/change-log/"
},
{
"refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
}
]
}

61
2020/28xxx/CVE-2020-28901.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-28901",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-28901",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Command Injection in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation or Code Execution as root via vectors related to corrupt component installation in cmd_subsys.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.nagios.com/downloads/nagios-xi/change-log/",
"refsource": "MISC",
"name": "https://www.nagios.com/downloads/nagios-xi/change-log/"
},
{
"refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
}
]
}

61
2020/28xxx/CVE-2020-28902.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-28902",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-28902",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Command Injection in Nagios Fusion 4.1.8 and earlier allows Privilege Escalation from apache to root in cmd_subsys.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.nagios.com/downloads/nagios-xi/change-log/",
"refsource": "MISC",
"name": "https://www.nagios.com/downloads/nagios-xi/change-log/"
},
{
"refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
}
]
}

61
2020/28xxx/CVE-2020-28903.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-28903",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-28903",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper input validation in Nagios Fusion 4.1.8 and earlier allows a remote attacker with control over a fused server to inject arbitrary HTML, aka XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.nagios.com/downloads/nagios-xi/change-log/",
"refsource": "MISC",
"name": "https://www.nagios.com/downloads/nagios-xi/change-log/"
},
{
"refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
}
]
}

61
2020/28xxx/CVE-2020-28904.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-28904",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-28904",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Execution with Unnecessary Privileges in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation as nagios via installation of a malicious component containing PHP code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.nagios.com/downloads/nagios-xi/change-log/",
"refsource": "MISC",
"name": "https://www.nagios.com/downloads/nagios-xi/change-log/"
},
{
"refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
}
]
}

61
2020/28xxx/CVE-2020-28905.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-28905",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-28905",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper Input Validation in Nagios Fusion 4.1.8 and earlier allows an authenticated attacker to execute remote code via table pagination."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.nagios.com/downloads/nagios-xi/change-log/",
"refsource": "MISC",
"name": "https://www.nagios.com/downloads/nagios-xi/change-log/"
},
{
"refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
}
]
}

61
2020/28xxx/CVE-2020-28906.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-28906",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-28906",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Incorrect File Permissions in Nagios XI 5.7.5 and earlier and Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to root. Low-privileged users are able to modify files that are included (aka sourced) by scripts executed by root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.nagios.com/downloads/nagios-xi/change-log/",
"refsource": "MISC",
"name": "https://www.nagios.com/downloads/nagios-xi/change-log/"
},
{
"refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
}
]
}

61
2020/28xxx/CVE-2020-28907.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-28907",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-28907",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Incorrect SSL certificate validation in Nagios Fusion 4.1.8 and earlier allows for Escalation of Privileges or Code Execution as root via vectors related to download of an untrusted update package in upgrade_to_latest.sh."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.nagios.com/downloads/nagios-xi/change-log/",
"refsource": "MISC",
"name": "https://www.nagios.com/downloads/nagios-xi/change-log/"
},
{
"refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
}
]
}

61
2020/28xxx/CVE-2020-28908.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-28908",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-28908",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Command Injection in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to nagios."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.nagios.com/downloads/nagios-xi/change-log/",
"refsource": "MISC",
"name": "https://www.nagios.com/downloads/nagios-xi/change-log/"
},
{
"refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
}
]
}

61
2020/28xxx/CVE-2020-28909.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-28909",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-28909",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Incorrect File Permissions in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to root via modification of scripts. Low-privileges users are able to modify files that can be executed by sudo."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.nagios.com/downloads/nagios-xi/change-log/",
"refsource": "MISC",
"name": "https://www.nagios.com/downloads/nagios-xi/change-log/"
},
{
"refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
}
]
}

61
2020/28xxx/CVE-2020-28910.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-28910",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-28910",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Creation of a Temporary Directory with Insecure Permissions in Nagios XI 5.7.5 and earlier allows for Privilege Escalation via creation of symlinks, which are mishandled in getprofile.sh."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.nagios.com/downloads/nagios-xi/change-log/",
"refsource": "MISC",
"name": "https://www.nagios.com/downloads/nagios-xi/change-log/"
},
{
"refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
}
]
}

61
2020/28xxx/CVE-2020-28911.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-28911",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-28911",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Incorrect Access Control in Nagios Fusion 4.1.8 and earlier allows low-privileged authenticated users to extract passwords used to manage fused servers via the test_server command in ajaxhelper.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.nagios.com/downloads/nagios-xi/change-log/",
"refsource": "MISC",
"name": "https://www.nagios.com/downloads/nagios-xi/change-log/"
},
{
"refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
}
]
}

5
2020/29xxx/CVE-2020-29205.json
View File

@ -61,6 +61,11 @@
"url": "https://www.exploit-db.com/exploits/48969",
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/48969"
},
{
"refsource": "MISC",
"name": "https://nikhilkumar01.medium.com/cve-2020-29205-a7ab5cbcd156",
"url": "https://nikhilkumar01.medium.com/cve-2020-29205-a7ab5cbcd156"
}
]
}

71
2021/32xxx/CVE-2021-32075.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-32075",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-32075",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Re-Logic Terraria before 1.4.2.3 performs Insecure Deserialization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://twitter.com/relogicgames",
"refsource": "MISC",
"name": "https://twitter.com/relogicgames"
},
{
"refsource": "MISC",
"name": "https://vuln.ryotak.me/advisories/42",
"url": "https://vuln.ryotak.me/advisories/42"
},
{
"refsource": "MISC",
"name": "https://store.steampowered.com/news/app/105600/view/3062989030626131236",
"url": "https://store.steampowered.com/news/app/105600/view/3062989030626131236"
},
{
"refsource": "MISC",
"name": "https://terraria.fandom.com/wiki/1.4.2.3",
"url": "https://terraria.fandom.com/wiki/1.4.2.3"
}
]
}