admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-03-12 22:01:10 +00:00
parent fbf59f2d8c
commit cb22b44503
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
16 changed files with 511 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2019/10xxx/CVE-2019-10129.json
View File

@ -53,6 +53,11 @@
"url": "https://www.postgresql.org/about/news/1939/",
"refsource": "MISC",
"name": "https://www.postgresql.org/about/news/1939/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-03",
"url": "https://security.gentoo.org/glsa/202003-03"
}
]
},

5
2019/10xxx/CVE-2019-10130.json
View File

@ -62,6 +62,11 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10130",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10130",
"refsource": "CONFIRM"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-03",
"url": "https://security.gentoo.org/glsa/202003-03"
}
]
},

5
2019/10xxx/CVE-2019-10164.json
View File

@ -71,6 +71,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-e43f49b428",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TTKEHXGDXYYD6WYDIIQJP4GDQJSENDJK/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-03",
"url": "https://security.gentoo.org/glsa/202003-03"
}
]
},

61
2019/12xxx/CVE-2019-12278.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-12278",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-12278",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Opera through 53 on Android allows Address Bar Spoofing. Characters from several languages are displayed in Right-to-Left order, due to mishandling of several Unicode characters. The rendering mechanism, in conjunction with the \"first strong character\" concept, may improperly operate on a numerical IP address or an alphabetic string, leading to a spoofed URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://help.opera.com/en/latest/security-and-privacy/",
"refsource": "MISC",
"name": "https://help.opera.com/en/latest/security-and-privacy/"
},
{
"refsource": "MISC",
"name": "https://medium.com/bugbountywriteup/opera-android-address-bar-spoofing-cve-2019-12278-9ffcfd6c508c",
"url": "https://medium.com/bugbountywriteup/opera-android-address-bar-spoofing-cve-2019-12278-9ffcfd6c508c"
}
]
}

68
2019/16xxx/CVE-2019-16156.json Normal file
View File

@ -0,0 +1,68 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-16156",
"ASSIGNER": "psirt@fortinet.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Fortinet",
"product": {
"product_data": [
{
"product_name": "Fortinet FortiWeb",
"version": {
"version_data": [
{
"version_value": "6.0.5"
},
{
"version_value": "6.2.0"
},
{
"version_value": "6.1.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://fortiguard.com/advisory/FG-IR-19-265",
"url": "https://fortiguard.com/advisory/FG-IR-19-265"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Improper Neutralization of Input vulnerability in the Anomaly Detection Parameter Name in Fortinet FortiWeb 6.0.5, 6.2.0, and 6.1.1 may allow a remote unauthenticated attacker to perform a Cross Site Scripting attack (XSS)."
}
]
}
}

62
2019/17xxx/CVE-2019-17658.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-17658",
"ASSIGNER": "psirt@fortinet.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Fortinet",
"product": {
"product_data": [
{
"product_name": "Fortinet FortiClientWindows",
"version": {
"version_data": [
{
"version_value": "6.2.2 and prior"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://fortiguard.com/advisory/FG-IR-19-281",
"url": "https://fortiguard.com/advisory/FG-IR-19-281"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unquoted service path vulnerability in the FortiClient FortiTray component of FortiClientWindows v6.2.2 and prior allow an attacker to gain elevated privileges via the FortiClientConsole executable service path."
}
]
}
}

62
2020/0xxx/CVE-2020-0550.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0550",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Intel",
"product": {
"product_data": [
{
"product_name": "Snoop Assisted L1D Sampling Advisory",
"version": {
"version_data": [
{
"version_value": "See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00330.html"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00330.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00330.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper data forwarding in some data cache for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. The list of affected products is provided in intel-sa-00330: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00330.html"
}
]
}
}

62
2020/0xxx/CVE-2020-0551.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0551",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Intel",
"product": {
"product_data": [
{
"product_name": "Intel(R) Processors Load Value Injection",
"version": {
"version_data": [
{
"version_value": "See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00334.html"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00334.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00334.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Load value injection in some Intel(R) Processors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. The list of affected products is provided in intel-sa-00334: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00334.html"
}
]
}
}

68
2020/0xxx/CVE-2020-0583.json Normal file
View File

@ -0,0 +1,68 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0583",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Intel",
"product": {
"product_data": [
{
"product_name": "Intel\u00ae Smart Sound Technology",
"version": {
"version_data": [
{
"version_value": "before 10th Generation Intel\u00ae Core\u2122 i7 Processors - version 3431"
},
{
"version_value": "before 8th Generation Intel\u00ae Core\u2122 Processors - version 3349"
},
{
"version_value": "See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00354.html"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00354.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00354.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper access control in the subsystem for Intel(R) Smart Sound Technology may allow an authenticated user to potentially enable escalation of privilege via local access. This affects Intel\u00ae Smart Sound Technology before versions: 10th Generation Intel\u00ae Core\u2122 i7 Processors, version 3431 and 8th Generation Intel\u00ae Core\u2122 Processors, version 3349."
}
]
}
}

5
2020/0xxx/CVE-2020-0618.json
View File

@ -112,6 +112,11 @@
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0618",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0618"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156707/SQL-Server-Reporting-Services-SSRS-ViewState-Deserialization.html",
"url": "http://packetstormsecurity.com/files/156707/SQL-Server-Reporting-Services-SSRS-ViewState-Deserialization.html"
}
]
}

5
2020/10xxx/CVE-2020-10220.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/v1k1ngfr/exploits-rconfig/blob/master/rconfig_sqli.py",
"refsource": "MISC",
"name": "https://github.com/v1k1ngfr/exploits-rconfig/blob/master/rconfig_sqli.py"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156688/rConfig-3.9-SQL-Injection.html",
"url": "http://packetstormsecurity.com/files/156688/rConfig-3.9-SQL-Injection.html"
}
]
}

5
2020/10xxx/CVE-2020-10221.json
View File

@ -61,6 +61,11 @@
"url": "https://github.com/EnginDemirbilek/EnginDemirbilek.github.io/blob/master/rconfig-3.93-rce.html",
"refsource": "MISC",
"name": "https://github.com/EnginDemirbilek/EnginDemirbilek.github.io/blob/master/rconfig-3.93-rce.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156687/rConfig-3.93-Authenticated-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/156687/rConfig-3.93-Authenticated-Remote-Code-Execution.html"
}
]
}

50
2020/6xxx/CVE-2020-6643.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-6643",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@fortinet.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Fortinet",
"product": {
"product_data": [
{
"product_name": "Fortinet FortiIsolator",
"version": {
"version_data": [
{
"version_value": "1.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://fortiguard.com/advisory/FG-IR-19-270",
"url": "https://fortiguard.com/advisory/FG-IR-19-270"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An improper neutralization of input vulnerability in the URL Description in Fortinet FortiIsolator version 1.2.2 allows a remote authenticated attacker to perform a cross site scripting attack (XSS)."
}
]
}

50
2020/9xxx/CVE-2020-9064.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9064",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Huawei",
"product": {
"product_data": [
{
"product_name": "Honor V30",
"version": {
"version_data": [
{
"version_value": "Versions earlier than OxfordS-AN00A 10.0.1.167(C00E166R4P1)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-202003116-01-smartphone-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-202003116-01-smartphone-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Huawei smartphone Honor V30 with versions earlier than OxfordS-AN00A 10.0.1.167(C00E166R4P1) have an improper authentication vulnerability. Authentication to target component is improper when device performs an operation. Attackers exploit this vulnerability to obtain some information by loading malicious application, leading to information leak."
}
]
}

5
2020/9xxx/CVE-2020-9371.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/10110",
"url": "https://wpvulndb.com/vulnerabilities/10110"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156694/WordPress-Appointment-Booking-Calendar-1.3.34-CSV-Injection.html",
"url": "http://packetstormsecurity.com/files/156694/WordPress-Appointment-Booking-Calendar-1.3.34-CSV-Injection.html"
}
]
}

5
2020/9xxx/CVE-2020-9372.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "https://www.hotdreamweaver.com/support/view.php?id=815925",
"url": "https://www.hotdreamweaver.com/support/view.php?id=815925"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156694/WordPress-Appointment-Booking-Calendar-1.3.34-CSV-Injection.html",
"url": "http://packetstormsecurity.com/files/156694/WordPress-Appointment-Booking-Calendar-1.3.34-CSV-Injection.html"
}
]
}