admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-05-29 20:01:30 +00:00
parent 99bbcc9724
commit ce829afb10
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
18 changed files with 547 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2019/14xxx/CVE-2019-14868.json
View File

@ -58,6 +58,11 @@
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT211170",
"url": "https://support.apple.com/kb/HT211170"
},
{
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra",
"url": "http://seclists.org/fulldisclosure/2020/May/53"
}
]
},

15
2019/20xxx/CVE-2019-20044.json
View File

@ -111,6 +111,21 @@
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-1 iOS 13.5 and iPadOS 13.5",
"url": "http://seclists.org/fulldisclosure/2020/May/49"
},
{
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-5 watchOS 6.2.5",
"url": "http://seclists.org/fulldisclosure/2020/May/55"
},
{
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra",
"url": "http://seclists.org/fulldisclosure/2020/May/53"
},
{
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-4 tvOS 13.4.5",
"url": "http://seclists.org/fulldisclosure/2020/May/59"
}
]
}

10
2019/20xxx/CVE-2019-20503.json
View File

@ -206,6 +206,16 @@
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-7 Safari 13.1.1",
"url": "http://seclists.org/fulldisclosure/2020/May/52"
},
{
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-5 watchOS 6.2.5",
"url": "http://seclists.org/fulldisclosure/2020/May/55"
},
{
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-4 tvOS 13.4.5",
"url": "http://seclists.org/fulldisclosure/2020/May/59"
}
]
}

2
2020/11xxx/CVE-2020-11040.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color.\n\nThis has been patched in 2.1.0."
"value": "In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color. This has been patched in 2.1.0."
}
]
},

2
2020/11xxx/CVE-2020-11043.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. Invalid data fed to RFX decoder results in garbage on screen (as colors).\n\nThis has been patched in 2.1.0."
"value": "In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. Invalid data fed to RFX decoder results in garbage on screen (as colors). This has been patched in 2.1.0."
}
]
},

2
2020/11xxx/CVE-2020-11085.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list. Clipboard format data read (by client or server) might read data out-of-bounds. \n\nThis has been fixed in 2.1.0."
"value": "In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list. Clipboard format data read (by client or server) might read data out-of-bounds. This has been fixed in 2.1.0."
}
]
},

2
2020/11xxx/CVE-2020-11086.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bound to an internal structure.\n\nThis has been fixed in 2.1.0."
"value": "In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bound to an internal structure. This has been fixed in 2.1.0."
}
]
},

2
2020/11xxx/CVE-2020-11087.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage.\n\nThis has been fixed in 2.1.0."
"value": "In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0."
}
]
},

18
2020/13xxx/CVE-2020-13700.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13700",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

50
2020/1xxx/CVE-2020-1797.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-1797",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "HUAWEI",
"product": {
"product_data": [
{
"product_name": "HUAWEI Mate 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.0.0.185(C00E74R3P8)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-03-smartphone-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-03-smartphone-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper authorization vulnerability. The system does not properly restrict certain operation in ADB mode, successful exploit could allow certain user break the limit of digital balance function."
}
]
}

50
2020/1xxx/CVE-2020-1809.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-1809",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "HUAWEI",
"product": {
"product_data": [
{
"product_name": "HUAWEI Mate 10",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.0.0.143(C00E143R2P4)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-smartphone-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-smartphone-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "HUAWEI Mate 10 smartphones with versions earlier than 10.0.0.143(C00E143R2P4) have an information disclosure vulnerability. The attacker could wake up voice assistant then do a series of crafted voice operation, successful exploit could allow the attacker read certain files without unlock the phone leading to information disclosure."
}
]
}

53
2020/1xxx/CVE-2020-1832.json
View File

@ -4,14 +4,61 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-1832",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Huawei",
"product": {
"product_data": [
{
"product_name": "E6878-370",
"version": {
"version_data": [
{
"version_value": "10.0.3.1(H557SP27C233)"
},
{
"version_value": "10.0.3.1(H563SP1C00)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-stack-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-stack-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "E6878-370 products with versions of 10.0.3.1(H557SP27C233) and 10.0.3.1(H563SP1C00) have a stack buffer overflow vulnerability. The program copies an input buffer to an output buffer without verification. An attacker in the adjacent network could send a crafted message, successful exploit could lead to stack buffer overflow which may cause malicious code execution."
}
]
}

50
2020/1xxx/CVE-2020-1833.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-1833",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Huawei",
"product": {
"product_data": [
{
"product_name": "Honor 9X",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.1.172(C00E170R8P1)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-05-smartphone-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-05-smartphone-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Honor 9X smartphones with versions earlier than 9.1.1.172(C00E170R8P1) have an improper authentication vulnerability. A logic error occurs when handling clock function, an attacker should do a series of crafted operations quickly before the phone is unlocked, successful exploit could allow the attacker to access clock information without unlock the phone."
}
]
}

69
2020/1xxx/CVE-2020-1870.json
View File

@ -4,14 +4,77 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-1870",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Huawei",
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800",
"version": {
"version_data": [
{
"version_value": "V200R019C00"
},
{
"version_value": "V200R019C10SPC800"
},
{
"version_value": "V200R019C00SPC600"
},
{
"version_value": "V200R019C10"
}
]
}
},
{
"product_name": "CloudEngine 6800",
"version": {
"version_data": [
{
"version_value": "V200R019C00SPC800"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-dos-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-dos-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "CloudEngine 12800 products with versions of V200R019C00, V200R019C10SPC800, V200R019C00SPC600, V200R019C10; and CloudEngine 6800 products with versions of V200R019C00SPC800 have a denial of service vulnerability. Due to improper memory management, memory leakage may occur in some special cases. Attackers can perform a series of operations to exploit this vulnerability. Successful exploit may cause a denial of service."
}
]
}

30
2020/3xxx/CVE-2020-3878.json
View File

@ -137,6 +137,36 @@
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-1 iOS 13.5 and iPadOS 13.5",
"url": "http://seclists.org/fulldisclosure/2020/May/49"
},
{
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-5 watchOS 6.2.5",
"url": "http://seclists.org/fulldisclosure/2020/May/55"
},
{
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-8 iTunes 12.10.7 for Windows",
"url": "http://seclists.org/fulldisclosure/2020/May/54"
},
{
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra",
"url": "http://seclists.org/fulldisclosure/2020/May/53"
},
{
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-9 iCloud for Windows 11.2",
"url": "http://seclists.org/fulldisclosure/2020/May/56"
},
{
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-10 iCloud for Windows 7.19",
"url": "http://seclists.org/fulldisclosure/2020/May/57"
},
{
"refsource": "FULLDISC",
"name": "20200529 APPLE-SA-2020-05-26-4 tvOS 13.4.5",
"url": "http://seclists.org/fulldisclosure/2020/May/59"
}
]
},

70
2020/3xxx/CVE-2020-3957.json
View File

@ -4,14 +4,78 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-3957",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "VMware",
"product": {
"product_data": [
{
"product_name": "VMware Fusion",
"version": {
"version_data": [
{
"version_value": "11.x before 11.5.5"
}
]
}
},
{
"product_name": "VMware Remote Console for Mac",
"version": {
"version_data": [
{
"version_value": "V11.x and prior"
}
]
}
},
{
"product_name": "VMware Horizon Client for Mac",
"version": {
"version_data": [
{
"version_value": "5.x and prior"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Local privilege escalation vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0011.html",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0011.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware Horizon Client for Mac (5.x and prior) contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use (TOCTOU) issue in the service opener. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to root on the system where Fusion, VMRC and Horizon Client are installed."
}
]
}

73
2020/3xxx/CVE-2020-3958.json
View File

@ -4,14 +4,81 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-3958",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "VMware",
"product": {
"product_data": [
{
"product_name": "VMware ESXi",
"version": {
"version_data": [
{
"version_value": "6.7 before ESXi670-202004101-SG"
},
{
"version_value": "6.5 before ESXi650-202005401-SG"
}
]
}
},
{
"product_name": "VMware Workstation",
"version": {
"version_data": [
{
"version_value": "15.x before 15.5.2"
}
]
}
},
{
"product_name": "VMware Fusion",
"version": {
"version_data": [
{
"version_value": "11.x before 11.5.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial-of-service vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0011.html",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0011.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.5.2) and VMware Fusion (11.x before 11.5.2) contain a denial-of-service vulnerability in the shader functionality. Successful exploitation of this issue may allow attackers with non-administrative access to a virtual machine to crash the virtual machine's vmx process leading to a denial of service condition."
}
]
}

73
2020/3xxx/CVE-2020-3959.json
View File

@ -4,14 +4,81 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-3959",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "VMware",
"product": {
"product_data": [
{
"product_name": "VMware ESXi",
"version": {
"version_data": [
{
"version_value": "6.7 before ESXi670-202004101-SG"
},
{
"version_value": "6.5 before ESXi650-202005401-SG"
}
]
}
},
{
"product_name": "VMware Workstation",
"version": {
"version_data": [
{
"version_value": "15.x before 15.1.0"
}
]
}
},
{
"product_name": "VMware Fusion",
"version": {
"version_data": [
{
"version_value": "11.x before 11.1.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial-of-service vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0011.html",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0011.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.1.0) and VMware Fusion (11.x before 11.1.0) contain a memory leak vulnerability in the VMCI module. A malicious actor with local non-administrative access to a virtual machine may be able to crash the virtual machine's vmx process leading to a partial denial of service."
}
]
}