admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 10:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-01-31 16:01:22 +00:00
parent 54b380a7e3
commit c7194b19f5
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
7 changed files with 346 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
2014/4xxx/CVE-2014-4859.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-4859",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,68 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Integer overflow in the Drive Execution Environment (DXE) phase in the Capsule Update feature in the UEFI implementation in EDK2 allows physically proximate attackers to bypass intended access restrictions via crafted data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Phoenix Technologies Ltd.",
"product": {
"product_data": [
{
"product_name": "SCT3",
"version": {
"version_data": [
{
"version_value": "before 5/23/2014"
}
]
}
}
]
}
},
{
"vendor_name": "American Megatrends Incorporated (AMI)",
"product": {
"product_data": [
{
"product_name": "BIOS",
"version": {
"version_data": [
{
"version_value": "unknown"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.kb.cert.org/vuls/id/552286",
"url": "http://www.kb.cert.org/vuls/id/552286"
}
]
}

67
2014/4xxx/CVE-2014-4860.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-4860",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,68 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Multiple integer overflows in the Pre-EFI Initialization (PEI) boot phase in the Capsule Update feature in the UEFI implementation in EDK2 allow physically proximate attackers to bypass intended access restrictions by providing crafted data that is not properly handled during the coalescing phase."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Phoenix Technologies Ltd.",
"product": {
"product_data": [
{
"product_name": "SCT3",
"version": {
"version_data": [
{
"version_value": "before 5/23/2014"
}
]
}
}
]
}
},
{
"vendor_name": "American Megatrends Incorporated (AMI)",
"product": {
"product_data": [
{
"product_name": "BIOS",
"version": {
"version_data": [
{
"version_value": "unknown"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.kb.cert.org/vuls/id/552286",
"url": "http://www.kb.cert.org/vuls/id/552286"
}
]
}

5
2019/18xxx/CVE-2019-18634.json
View File

@ -76,6 +76,11 @@
"refsource": "MLIST",
"name": "[oss-security] 20200130 CVE-2019-18634: buffer overflow in sudo when pwfeedback is enabled",
"url": "http://www.openwall.com/lists/oss-security/2020/01/30/6"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200131 Re: CVE-2019-18634: buffer overflow in sudo when pwfeedback is enabled",
"url": "http://www.openwall.com/lists/oss-security/2020/01/31/1"
}
]
}

30
2019/19xxx/CVE-2019-19232.json
View File

@ -66,6 +66,36 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200103-0004/",
"url": "https://security.netapp.com/advisory/ntap-20200103-0004/"
},
{
"refsource": "MISC",
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812"
},
{
"refsource": "MISC",
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979"
},
{
"refsource": "MISC",
"name": "https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html",
"url": "https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html"
},
{
"refsource": "MISC",
"name": "https://support2.windriver.com/index.php?page=defects&on=view&id=LIN1018-5506",
"url": "https://support2.windriver.com/index.php?page=defects&on=view&id=LIN1018-5506"
},
{
"refsource": "MISC",
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58103",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58103"
},
{
"refsource": "CONFIRM",
"name": "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-19232",
"url": "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-19232"
}
]
}

192
2019/4xxx/CVE-2019-4720.json
View File

@ -1,99 +1,99 @@
{
"CVE_data_meta" : {
"ID" : "CVE-2019-4720",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-01-30T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Denial of Service",
"lang" : "eng"
}
]
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available memory. IBM X-Force ID: 172125."
}
]
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"AC" : "L",
"C" : "N",
"I" : "N",
"PR" : "N",
"A" : "H",
"SCORE" : "7.500",
"AV" : "N",
"UI" : "N",
"S" : "U"
}
}
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/1285372",
"url" : "https://www.ibm.com/support/pages/node/1285372",
"title" : "IBM Security Bulletin 1285372 (WebSphere Application Server)"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/172125",
"name" : "ibm-websphere-cve20194720-dos (172125)"
}
]
},
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
"CVE_data_meta": {
"ID": "CVE-2019-4720",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2020-01-30T00:00:00",
"ASSIGNER": "psirt@us.ibm.com"
},
"problemtype": {
"problemtype_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "7.0"
},
{
"version_value" : "8.0"
},
{
"version_value" : "8.5"
},
{
"version_value" : "9.0"
}
]
},
"product_name" : "WebSphere Application Server"
}
]
}
"description": [
{
"value": "Denial of Service",
"lang": "eng"
}
]
}
]
}
},
"data_version" : "4.0"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available memory. IBM X-Force ID: 172125."
}
]
},
"data_type": "CVE",
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
},
"BM": {
"AC": "L",
"C": "N",
"I": "N",
"PR": "N",
"A": "H",
"SCORE": "7.500",
"AV": "N",
"UI": "N",
"S": "U"
}
}
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/1285372",
"url": "https://www.ibm.com/support/pages/node/1285372",
"title": "IBM Security Bulletin 1285372 (WebSphere Application Server)"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/172125",
"name": "ibm-websphere-cve20194720-dos (172125)"
}
]
},
"data_format": "MITRE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "7.0"
},
{
"version_value": "8.0"
},
{
"version_value": "8.5"
},
{
"version_value": "9.0"
}
]
},
"product_name": "WebSphere Application Server"
}
]
}
}
]
}
},
"data_version": "4.0"
}

75
2020/8xxx/CVE-2020-8422.json
View File

@ -1,18 +1,81 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8422",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-8422",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An authorization issue was discovered in the Credential Manager feature in Zoho ManageEngine Remote Access Plus before 10.0.450. A user with the Guest role can extract the collection of all defined credentials of remote machines: the credential name, credential type, user name, domain/workgroup name, and description (but not the password)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://excellium-services.com/cert-xlm-advisory/CVE-2020-8422",
"refsource": "MISC",
"name": "https://excellium-services.com/cert-xlm-advisory/CVE-2020-8422"
},
{
"refsource": "MISC",
"name": "https://excellium-services.com/cert-xlm-advisory/cve-2020-8422/",
"url": "https://excellium-services.com/cert-xlm-advisory/cve-2020-8422/"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:L/I:N/PR:L/S:U/UI:N",
"version": "3.0"
}
}
}

18
2020/8xxx/CVE-2020-8501.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8501",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}