admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-01-31 20:01:21 +00:00
parent 321a307730
commit d376001e57
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
8 changed files with 416 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
2016/2xxx/CVE-2016-2031.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2031",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions and execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://packetstormsecurity.com/files/136997/Aruba-Authentication-Bypass-Insecure-Transport-Tons-Of-Issues.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/136997/Aruba-Authentication-Bypass-Insecure-Transport-Tons-Of-Issues.html"
},
{
"url": "http://seclists.org/fulldisclosure/2016/May/19",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2016/May/19"
},
{
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2016-004.txt",
"refsource": "MISC",
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2016-004.txt"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/bid/90207",
"url": "https://www.securityfocus.com/bid/90207"
}
]
}

63
2016/2xxx/CVE-2016-2032.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2032",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability exists in the Aruba AirWave Management Platform 8.x prior to 8.2 in the management interface of an underlying system component called RabbitMQ, which could let a malicious user obtain sensitive information. This interface listens on TCP port 15672 and 55672"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://packetstormsecurity.com/files/136997/Aruba-Authentication-Bypass-Insecure-Transport-Tons-Of-Issues.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/136997/Aruba-Authentication-Bypass-Insecure-Transport-Tons-Of-Issues.html"
},
{
"url": "http://seclists.org/fulldisclosure/2016/May/19",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2016/May/19"
},
{
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2016-005.txt",
"refsource": "MISC",
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2016-005.txt"
},
{
"refsource": "MISC",
"name": "https://www.google.com/about/appsecurity/research/",
"url": "https://www.google.com/about/appsecurity/research/"
}
]
}

67
2019/12xxx/CVE-2019-12998.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-12998",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "c-lightning before 0.7.1 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states \"It can be used for testing, but it should not be used for real funds.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/ElementsProject/lightning/commits/master",
"refsource": "MISC",
"name": "https://github.com/ElementsProject/lightning/commits/master"
},
{
"refsource": "CONFIRM",
"name": "https://lists.linuxfoundation.org/pipermail/lightning-dev/2019-September/002174.html",
"url": "https://lists.linuxfoundation.org/pipermail/lightning-dev/2019-September/002174.html"
}
]
}
}

72
2019/12xxx/CVE-2019-12999.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-12999",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Lightning Network Daemon (lnd) before 0.7 allows attackers to trigger loss of funds because of Incorrect Access Control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/lightningnetwork/lnd/commits/master",
"refsource": "MISC",
"name": "https://github.com/lightningnetwork/lnd/commits/master"
},
{
"url": "https://github.com/lightningnetwork/lnd/releases/tag/v0.7.0-beta",
"refsource": "MISC",
"name": "https://github.com/lightningnetwork/lnd/releases/tag/v0.7.0-beta"
},
{
"refsource": "CONFIRM",
"name": "https://lists.linuxfoundation.org/pipermail/lightning-dev/2019-September/002174.html",
"url": "https://lists.linuxfoundation.org/pipermail/lightning-dev/2019-September/002174.html"
}
]
}
}

72
2019/13xxx/CVE-2019-13000.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13000",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Eclair through 0.3 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states \"it is beta-quality software and don't put too much money in it.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/ACINQ/eclair/commits/master",
"refsource": "MISC",
"name": "https://github.com/ACINQ/eclair/commits/master"
},
{
"url": "https://github.com/ACINQ/eclair/releases",
"refsource": "MISC",
"name": "https://github.com/ACINQ/eclair/releases"
},
{
"refsource": "CONFIRM",
"name": "https://lists.linuxfoundation.org/pipermail/lightning-dev/2019-September/002174.html",
"url": "https://lists.linuxfoundation.org/pipermail/lightning-dev/2019-September/002174.html"
}
]
}
}

5
2019/3xxx/CVE-2019-3016.json
View File

@ -66,13 +66,14 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1792167",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1792167",
"refsource": "CONFIRM"
} ]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD processors but Intel CPUs cannot be ruled out."
"value": "In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD processors but Intel CPUs cannot be ruled out."
}
]
},

18
2020/8xxx/CVE-2020-8502.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8502",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

62
2020/8xxx/CVE-2020-8503.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-8503",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Biscom Secure File Transfer (SFT) 5.0.1050 through 5.1.1067 and 6.0.1000 through 6.0.1003 allows Insecure Direct Object Reference (IDOR) by an authenticated sender because of an error in a file-upload feature. This is fixed in 5.1.1068 and 6.0.1004."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://cve.biscom.com/bis-sft-cv-0008",
"refsource": "MISC",
"name": "https://cve.biscom.com/bis-sft-cv-0008"
}
]
}
}