admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-05-19 15:01:27 +00:00
parent 97daea89e6
commit bf5ceae1ee
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
13 changed files with 112 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2019/20xxx/CVE-2019-20795.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1171452",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1171452"
},
{
"refsource": "UBUNTU",
"name": "USN-4357-1",
"url": "https://usn.ubuntu.com/4357-1/"
}
]
}

50
2020/11xxx/CVE-2020-11845.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-11845",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@suse.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Service Manager.",
"version": {
"version_data": [
{
"version_value": "9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Site Scripting."
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://softwaresupport.softwaregrp.com/doc/KM03640285",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03640285"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross Site Scripting vulnerability in Micro Focus Service Manager product. Affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow remote attackers to inject arbitrary web script or HTML."
}
]
}

5
2020/12xxx/CVE-2020-12244.json
View File

@ -56,6 +56,11 @@
"refsource": "CONFIRM",
"name": "https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-02.html",
"url": "https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-02.html"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200519 PowerDNS Recursor 4.3.1, 4.2.2. and 4.1.16 released fixing multiple vulnerabilities",
"url": "http://www.openwall.com/lists/oss-security/2020/05/19/3"
}
]
}

5
2020/12xxx/CVE-2020-12662.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "http://www.nxnsattack.com",
"url": "http://www.nxnsattack.com"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200519 Unbound - CVE-2020-12662, CVE-2020-12663",
"url": "http://www.openwall.com/lists/oss-security/2020/05/19/5"
}
]
}

5
2020/12xxx/CVE-2020-12663.json
View File

@ -56,6 +56,11 @@
"refsource": "CONFIRM",
"name": "https://nlnetlabs.nl/downloads/unbound/CVE-2020-12662_2020-12663.txt",
"url": "https://nlnetlabs.nl/downloads/unbound/CVE-2020-12662_2020-12663.txt"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200519 Unbound - CVE-2020-12662, CVE-2020-12663",
"url": "http://www.openwall.com/lists/oss-security/2020/05/19/5"
}
]
}

5
2020/12xxx/CVE-2020-12667.json
View File

@ -66,6 +66,11 @@
"refsource": "CONFIRM",
"name": "https://www.knot-resolver.cz/2020-05-19-knot-resolver-5.1.1.html",
"url": "https://www.knot-resolver.cz/2020-05-19-knot-resolver-5.1.1.html"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200519 [CVE-2020-12667] Knot Resolver 5.1.1 NXNSAttack mitigation",
"url": "http://www.openwall.com/lists/oss-security/2020/05/19/2"
}
]
}

5
2020/12xxx/CVE-2020-12888.json
View File

@ -61,6 +61,11 @@
"url": "https://lore.kernel.org/kvm/158871401328.15589.17598154478222071285.stgit@gimli.home/",
"refsource": "MISC",
"name": "https://lore.kernel.org/kvm/158871401328.15589.17598154478222071285.stgit@gimli.home/"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200519 CVE-2020-12888 Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario",
"url": "http://www.openwall.com/lists/oss-security/2020/05/19/6"
}
]
}

3
2020/1xxx/CVE-2020-1695.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-1695",
"ASSIGNER": "mrehak@redhat.com"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {

10
2020/7xxx/CVE-2020-7454.json
View File

@ -53,6 +53,16 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200518-0005/",
"url": "https://security.netapp.com/advisory/ntap-20200518-0005/"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-660/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-660/"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-659/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-659/"
}
]
},

5
2020/7xxx/CVE-2020-7455.json
View File

@ -53,6 +53,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200518-0005/",
"url": "https://security.netapp.com/advisory/ntap-20200518-0005/"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-661/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-661/"
}
]
},

6
2020/8xxx/CVE-2020-8021.json
View File

@ -1,6 +1,6 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@suse.de",
"ASSIGNER": "security@suse.com",
"DATE_PUBLIC": "2020-05-19T00:00:00.000Z",
"ID": "CVE-2020-8021",
"STATE": "PUBLIC",
@ -34,7 +34,7 @@
"credit": [
{
"lang": "eng",
"value": "Marcus Hüwe"
"value": "Marcus H\u00fcwe"
}
],
"data_format": "MITRE",
@ -44,7 +44,7 @@
"description_data": [
{
"lang": "eng",
"value": "a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled\nThis issue affects:\nOpen Build Service versions prior to 2.10.5."
"value": "a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions prior to 2.10.5."
}
]
},

7
2020/8xxx/CVE-2020-8616.json
View File

@ -44,7 +44,7 @@
"description_data": [
{
"lang": "eng",
"value": "A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral.\n\nThis has at least two potential effects:\n\n The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and\n The attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor."
"value": "A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and The attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor."
}
]
},
@ -90,6 +90,11 @@
"name": "http://www.nxnsattack.com",
"refsource": "MISC",
"url": "http://www.nxnsattack.com"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200519 Two vulnerabilities disclosed in BIND (CVE-2020-8616 and CVE-2020-8617)",
"url": "http://www.openwall.com/lists/oss-security/2020/05/19/4"
}
]
},

7
2020/8xxx/CVE-2020-8617.json
View File

@ -37,7 +37,7 @@
"description_data": [
{
"lang": "eng",
"value": "Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server.\n\nSince BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable.\n\nIn releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results."
"value": "Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results."
}
]
},
@ -78,6 +78,11 @@
"name": "https://kb.isc.org/docs/cve-2020-8617",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/cve-2020-8617"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200519 Two vulnerabilities disclosed in BIND (CVE-2020-8616 and CVE-2020-8617)",
"url": "http://www.openwall.com/lists/oss-security/2020/05/19/4"
}
]
},