admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-08-03 17:01:22 +00:00
parent 4f2d2bdd64
commit bfc03336a0
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
21 changed files with 571 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2019/12xxx/CVE-2019-12380.json
View File

@ -101,6 +101,11 @@
"refsource": "UBUNTU",
"name": "USN-4414-1",
"url": "https://usn.ubuntu.com/4414-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4439-1",
"url": "https://usn.ubuntu.com/4439-1/"
}
]
}

10
2019/16xxx/CVE-2019-16089.json
View File

@ -76,6 +76,16 @@
"refsource": "UBUNTU",
"name": "USN-4414-1",
"url": "https://usn.ubuntu.com/4414-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4425-1",
"url": "https://usn.ubuntu.com/4425-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4439-1",
"url": "https://usn.ubuntu.com/4439-1/"
}
]
}

5
2019/19xxx/CVE-2019-19036.json
View File

@ -71,6 +71,11 @@
"refsource": "UBUNTU",
"name": "USN-4414-1",
"url": "https://usn.ubuntu.com/4414-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4439-1",
"url": "https://usn.ubuntu.com/4439-1/"
}
]
}

10
2019/19xxx/CVE-2019-19462.json
View File

@ -106,6 +106,16 @@
"refsource": "UBUNTU",
"name": "USN-4414-1",
"url": "https://usn.ubuntu.com/4414-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4425-1",
"url": "https://usn.ubuntu.com/4425-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4439-1",
"url": "https://usn.ubuntu.com/4439-1/"
}
]
}

5
2019/20xxx/CVE-2019-20810.json
View File

@ -71,6 +71,11 @@
"refsource": "UBUNTU",
"name": "USN-4427-1",
"url": "https://usn.ubuntu.com/4427-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4439-1",
"url": "https://usn.ubuntu.com/4439-1/"
}
]
}

10
2019/20xxx/CVE-2019-20908.json
View File

@ -96,6 +96,16 @@
"refsource": "MLIST",
"name": "[oss-security] 20200730 UEFI SecureBoot bypass fixes rolled out to kernels below radar",
"url": "http://www.openwall.com/lists/oss-security/2020/07/30/2"
},
{
"refsource": "UBUNTU",
"name": "USN-4439-1",
"url": "https://usn.ubuntu.com/4439-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4426-1",
"url": "https://usn.ubuntu.com/4426-1/"
}
]
}

5
2020/10xxx/CVE-2020-10732.json
View File

@ -93,6 +93,11 @@
"refsource": "UBUNTU",
"name": "USN-4427-1",
"url": "https://usn.ubuntu.com/4427-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4439-1",
"url": "https://usn.ubuntu.com/4439-1/"
}
]
},

10
2020/10xxx/CVE-2020-10757.json
View File

@ -88,6 +88,16 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200702-0004/",
"url": "https://security.netapp.com/advisory/ntap-20200702-0004/"
},
{
"refsource": "UBUNTU",
"name": "USN-4439-1",
"url": "https://usn.ubuntu.com/4439-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4426-1",
"url": "https://usn.ubuntu.com/4426-1/"
}
]
},

61
2020/12xxx/CVE-2020-12739.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-12739",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-12739",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability in the Fanuc i Series CNC (0i-MD and 0i Mate-MD) could allow an unauthenticated, remote attacker to cause an affected CNC to become inaccessible to other devices. The vulnerability is due to improper design or implementation of the Ethernet communication modules of the CNC. An attacker could exploit this vulnerability by sending a series of malformed packets to port 8193/tcp, resulting in a denial of service (DoS) condition, where the affected device would require a manual power cycle of the CNC to recover."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.fanuc.co.jp/eindex.html",
"refsource": "MISC",
"name": "https://www.fanuc.co.jp/eindex.html"
},
{
"refsource": "MISC",
"name": "https://jvn.jp/en/jp/JVN84959128/index.html",
"url": "https://jvn.jp/en/jp/JVN84959128/index.html"
}
]
}

71
2020/13xxx/CVE-2020-13820.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13820",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-13820",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Extreme Management Center 8.4.1.24 allows unauthenticated reflected XSS via a parameter in a GET request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://gtacknowledge.extremenetworks.com",
"refsource": "MISC",
"name": "https://gtacknowledge.extremenetworks.com"
},
{
"refsource": "MISC",
"name": "https://gtacknowledge.extremenetworks.com/articles/Solution/000051136",
"url": "https://gtacknowledge.extremenetworks.com/articles/Solution/000051136"
},
{
"refsource": "MISC",
"name": "https://documentation.extremenetworks.com/release_notes/netsight/XMC_8.5.0_Release_Notes.pdf",
"url": "https://documentation.extremenetworks.com/release_notes/netsight/XMC_8.5.0_Release_Notes.pdf"
},
{
"refsource": "MISC",
"name": "https://medium.com/@0x00crash/xss-reflected-in-extreme-management-center-8-4-1-24-cve-2020-13820-c6febe951219",
"url": "https://medium.com/@0x00crash/xss-reflected-in-extreme-management-center-8-4-1-24-cve-2020-13820-c6febe951219"
}
]
}

5
2020/13xxx/CVE-2020-13974.json
View File

@ -71,6 +71,11 @@
"refsource": "UBUNTU",
"name": "USN-4427-1",
"url": "https://usn.ubuntu.com/4427-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4439-1",
"url": "https://usn.ubuntu.com/4439-1/"
}
]
}

50
2020/14xxx/CVE-2020-14319.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-14319",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "AMQ-Online and EnMasse",
"version": {
"version_data": [
{
"version_value": "AMQ-Online prior to 1.5.2 and Enmasse versions 0.31.0-rc1 up until but not including 0.32.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1854373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854373"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "It was found that the AMQ Online console is vulnerable to a Cross-Site Request Forgery (CSRF) which is exploitable in cases where preflight checks are not instigated or bypassed. For example authorised users using an older browser with Adobe Flash are vulnerable when targeted by an attacker. This flaw affects all versions of AMQ-Online prior to 1.5.2 and Enmasse versions 0.31.0-rc1 up until but not including 0.32.2."
}
]
}

15
2020/15xxx/CVE-2020-15780.json
View File

@ -91,6 +91,21 @@
"refsource": "MLIST",
"name": "[oss-security] 20200730 UEFI SecureBoot bypass fixes rolled out to kernels below radar",
"url": "http://www.openwall.com/lists/oss-security/2020/07/30/2"
},
{
"refsource": "UBUNTU",
"name": "USN-4425-1",
"url": "https://usn.ubuntu.com/4425-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4439-1",
"url": "https://usn.ubuntu.com/4439-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4426-1",
"url": "https://usn.ubuntu.com/4426-1/"
}
]
}

5
2020/15xxx/CVE-2020-15803.json
View File

@ -66,6 +66,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-02cf7850ca",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200803 [SECURITY] [DLA 2311-1] zabbix security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00007.html"
}
]
}

61
2020/16xxx/CVE-2020-16131.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-16131",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-16131",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Tiki before 21.2 allows XSS because [\\s\\/\"\\'] is not properly considered in lib/core/TikiFilter/PreventXss.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://gitlab.com/tikiwiki/tiki/-/commit/d12d6ea7b025d3b3f81c8a71063fe9f89e0c4bf1",
"refsource": "MISC",
"name": "https://gitlab.com/tikiwiki/tiki/-/commit/d12d6ea7b025d3b3f81c8a71063fe9f89e0c4bf1"
},
{
"url": "https://tiki.org/News",
"refsource": "MISC",
"name": "https://tiki.org/News"
}
]
}

18
2020/16xxx/CVE-2020-16270.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-16270",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

67
2020/16xxx/CVE-2020-16271.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16271",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 generates insufficiently random numbers, which allows remote attackers to read and modify data in the KeePass database via a WebSocket connection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://forum.kee.pm/t/a-critical-security-update-for-keepassrpc-is-available/3040",
"refsource": "MISC",
"name": "https://forum.kee.pm/t/a-critical-security-update-for-keepassrpc-is-available/3040"
},
{
"url": "https://danzinger.wien/exploiting-keepassrpc/",
"refsource": "MISC",
"name": "https://danzinger.wien/exploiting-keepassrpc/"
}
]
}
}

67
2020/16xxx/CVE-2020-16272.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16272",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 is missing validation for a client-provided parameter, which allows remote attackers to read and modify data in the KeePass database via an A=0 WebSocket connection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://forum.kee.pm/t/a-critical-security-update-for-keepassrpc-is-available/3040",
"refsource": "MISC",
"name": "https://forum.kee.pm/t/a-critical-security-update-for-keepassrpc-is-available/3040"
},
{
"url": "https://danzinger.wien/exploiting-keepassrpc/",
"refsource": "MISC",
"name": "https://danzinger.wien/exploiting-keepassrpc/"
}
]
}
}

18
2020/16xxx/CVE-2020-16273.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-16273",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

50
2020/8xxx/CVE-2020-8574.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8574",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-alert@netapp.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Active IQ Unified Manager for Linux 7.3 and above",
"version": {
"version_data": [
{
"version_value": "Versions through 9.6"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthorized Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20200803-0001/",
"url": "https://security.netapp.com/advisory/ntap-20200803-0001/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Active IQ Unified Manager for Linux versions prior to 9.6 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service enabled allowing unauthorized code execution to local users."
}
]
}

50
2020/8xxx/CVE-2020-8575.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8575",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-alert@netapp.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Active IQ Unified Manager for VMware vSphere and Windows 7.3 and above",
"version": {
"version_data": [
{
"version_value": "Versions prior to 9.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20200803-0002/",
"url": "https://security.netapp.com/advisory/ntap-20200803-0002/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Active IQ Unified Manager for VMware vSphere and Windows versions prior to 9.5 are susceptible to a vulnerability which allows administrative users to cause Denial of Service (DoS)."
}
]
}