admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-10-20 22:01:54 +00:00
parent 0a26c30bad
commit d7408218fc
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
87 changed files with 1553 additions and 532 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2010/1xxx/CVE-2010-1870.json
View File

@ -106,6 +106,11 @@
"refsource": "FULLDISC", "refsource": "FULLDISC",
"name": "20201020 LISTSERV Maestro Remote Code Execution Vulnerability", "name": "20201020 LISTSERV Maestro Remote Code Execution Vulnerability",
"url": "http://seclists.org/fulldisclosure/2020/Oct/23" "url": "http://seclists.org/fulldisclosure/2020/Oct/23"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/159643/LISTSERV-Maestro-9.0-8-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/159643/LISTSERV-Maestro-9.0-8-Remote-Code-Execution.html"
} }
] ]
} }

5
2013/2xxx/CVE-2013-2251.json
View File

@ -126,6 +126,11 @@
"name": "[oss-security] 20140114 Re: CVE Request: Apache Archiva Remote Command Execution 0day", "name": "[oss-security] 20140114 Re: CVE Request: Apache Archiva Remote Command Execution 0day",
"refsource": "MLIST", "refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q1/89" "url": "http://seclists.org/oss-sec/2014/q1/89"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/159629/Apache-Struts-2-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/159629/Apache-Struts-2-Remote-Code-Execution.html"
} }
] ]
} }

24
2013/7xxx/CVE-2013-7285.json
View File

@ -67,16 +67,6 @@
"name": "[xstream-user] 20130718 Re: Is it possible to unregister the DynamicProxyConverter using the SpringOXM wrapper", "name": "[xstream-user] 20130718 Re: Is it possible to unregister the DynamicProxyConverter using the SpringOXM wrapper",
"url": "https://www.mail-archive.com/user@xstream.codehaus.org/msg00607.html" "url": "https://www.mail-archive.com/user@xstream.codehaus.org/msg00607.html"
}, },
{
"refsource": "MISC",
"name": "http://blog.diniscruz.com/2013/12/xstream-remote-code-execution-exploit.html",
"url": "http://blog.diniscruz.com/2013/12/xstream-remote-code-execution-exploit.html"
},
{
"refsource": "CONFIRM",
"name": "https://x-stream.github.io/CVE-2013-7285.html",
"url": "https://x-stream.github.io/CVE-2013-7285.html"
},
{ {
"refsource": "MLIST", "refsource": "MLIST",
"name": "[activemq-issues] 20190718 [jira] [Updated] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) and xstream-1.4.10.jar", "name": "[activemq-issues] 20190718 [jira] [Updated] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) and xstream-1.4.10.jar",
@ -88,7 +78,19 @@
"url": "https://lists.apache.org/thread.html/6d3d34adcf3dfc48e36342aa1f18ce3c20bb8e4c458a97508d5bfed1@%3Cissues.activemq.apache.org%3E" "url": "https://lists.apache.org/thread.html/6d3d34adcf3dfc48e36342aa1f18ce3c20bb8e4c458a97508d5bfed1@%3Cissues.activemq.apache.org%3E"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "refsource": "MISC",
"name": "http://blog.diniscruz.com/2013/12/xstream-remote-code-execution-exploit.html",
"url": "http://blog.diniscruz.com/2013/12/xstream-remote-code-execution-exploit.html"
},
{
"refsource": "CONFIRM",
"name": "https://x-stream.github.io/CVE-2013-7285.html",
"url": "https://x-stream.github.io/CVE-2013-7285.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
} }

54
2015/1xxx/CVE-2015-1832.json
View File

@ -52,41 +52,16 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "https://issues.apache.org/jira/browse/DERBY-6807",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/DERBY-6807"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21990100",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21990100"
},
{ {
"name": "93132", "name": "93132",
"refsource": "BID", "refsource": "BID",
"url": "http://www.securityfocus.com/bid/93132" "url": "http://www.securityfocus.com/bid/93132"
}, },
{
"name": "https://svn.apache.org/viewvc?view=revision&revision=1691461",
"refsource": "CONFIRM",
"url": "https://svn.apache.org/viewvc?view=revision&revision=1691461"
},
{ {
"refsource": "MLIST", "refsource": "MLIST",
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report", "name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E" "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
}, },
{
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",
"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{ {
"refsource": "MLIST", "refsource": "MLIST",
"name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities", "name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities",
@ -113,7 +88,34 @@
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html" "name": "https://www.oracle.com/security-alerts/cpuapr2020.html"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",
"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"name": "https://issues.apache.org/jira/browse/DERBY-6807",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/DERBY-6807"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21990100",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21990100"
},
{
"name": "https://svn.apache.org/viewvc?view=revision&revision=1691461",
"refsource": "CONFIRM",
"url": "https://svn.apache.org/viewvc?view=revision&revision=1691461"
} }
] ]
} }

5
2017/11xxx/CVE-2017-11317.json
View File

@ -66,6 +66,11 @@
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0006", "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0006",
"refsource": "CONFIRM", "refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0006" "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0006"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/159653/Telerik-UI-ASP.NET-AJAX-RadAsyncUpload-Deserialization.html",
"url": "http://packetstormsecurity.com/files/159653/Telerik-UI-ASP.NET-AJAX-RadAsyncUpload-Deserialization.html"
} }
] ]
} }

5
2019/10xxx/CVE-2019-10692.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://www.rapid7.com/db/modules/auxiliary/admin/http/wp_google_maps_sqli", "name": "http://www.rapid7.com/db/modules/auxiliary/admin/http/wp_google_maps_sqli",
"url": "http://www.rapid7.com/db/modules/auxiliary/admin/http/wp_google_maps_sqli" "url": "http://www.rapid7.com/db/modules/auxiliary/admin/http/wp_google_maps_sqli"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/159640/WordPress-Rest-Google-Maps-SQL-Injection.html",
"url": "http://packetstormsecurity.com/files/159640/WordPress-Rest-Google-Maps-SQL-Injection.html"
} }
] ]
} }

5
2019/18xxx/CVE-2019-18935.json
View File

@ -91,6 +91,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.telerik.com/support/whats-new/aspnet-ajax/release-history/ui-for-asp-net-ajax-r1-2020-(version-2020-1-114)", "name": "https://www.telerik.com/support/whats-new/aspnet-ajax/release-history/ui-for-asp-net-ajax-r1-2020-(version-2020-1-114)",
"url": "https://www.telerik.com/support/whats-new/aspnet-ajax/release-history/ui-for-asp-net-ajax-r1-2020-(version-2020-1-114)" "url": "https://www.telerik.com/support/whats-new/aspnet-ajax/release-history/ui-for-asp-net-ajax-r1-2020-(version-2020-1-114)"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/159653/Telerik-UI-ASP.NET-AJAX-RadAsyncUpload-Deserialization.html",
"url": "http://packetstormsecurity.com/files/159653/Telerik-UI-ASP.NET-AJAX-RadAsyncUpload-Deserialization.html"
} }
] ]
} }

4
2020/11xxx/CVE-2020-11022.json
View File

@ -155,7 +155,9 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/" "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

4
2020/11xxx/CVE-2020-11023.json
View File

@ -235,7 +235,9 @@
"url": "https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E" "url": "https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

4
2020/11xxx/CVE-2020-11080.json
View File

@ -105,7 +105,9 @@
"url": "https://github.com/nghttp2/nghttp2/commit/f8da73bd042f810f34d19f9eae02b46d870af394" "url": "https://github.com/nghttp2/nghttp2/commit/f8da73bd042f810f34d19f9eae02b46d870af394"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

4
2020/11xxx/CVE-2020-11111.json
View File

@ -78,7 +78,9 @@
"name": "https://github.com/FasterXML/jackson-databind/issues/2664" "name": "https://github.com/FasterXML/jackson-databind/issues/2664"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
} }

4
2020/11xxx/CVE-2020-11112.json
View File

@ -78,7 +78,9 @@
"name": "https://github.com/FasterXML/jackson-databind/issues/2666" "name": "https://github.com/FasterXML/jackson-databind/issues/2666"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
} }

4
2020/11xxx/CVE-2020-11113.json
View File

@ -78,7 +78,9 @@
"name": "https://github.com/FasterXML/jackson-databind/issues/2670" "name": "https://github.com/FasterXML/jackson-databind/issues/2670"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
} }

4
2020/11xxx/CVE-2020-11619.json
View File

@ -83,7 +83,9 @@
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
} }

4
2020/11xxx/CVE-2020-11620.json
View File

@ -83,7 +83,9 @@
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
} }

4
2020/11xxx/CVE-2020-11655.json
View File

@ -98,7 +98,9 @@
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html" "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
} }

4
2020/11xxx/CVE-2020-11656.json
View File

@ -83,7 +83,9 @@
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc" "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
} }

14
2020/11xxx/CVE-2020-11971.json
View File

@ -44,11 +44,6 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"refsource": "MISC",
"name": "https://camel.apache.org/security/CVE-2020-11971.html",
"url": "https://camel.apache.org/security/CVE-2020-11971.html"
},
{ {
"refsource": "MLIST", "refsource": "MLIST",
"name": "[oss-security] 20200514 [SECURITY] New security advisory CVE-2020-11971 released for Apache Camel", "name": "[oss-security] 20200514 [SECURITY] New security advisory CVE-2020-11971 released for Apache Camel",
@ -85,7 +80,14 @@
"url": "https://lists.apache.org/thread.html/r8988311eb2481fd8a87e69cf17ffb8dc81bfeba5503021537f72db0a@%3Cissues.activemq.apache.org%3E" "url": "https://lists.apache.org/thread.html/r8988311eb2481fd8a87e69cf17ffb8dc81bfeba5503021537f72db0a@%3Cissues.activemq.apache.org%3E"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"refsource": "MISC",
"name": "https://camel.apache.org/security/CVE-2020-11971.html",
"url": "https://camel.apache.org/security/CVE-2020-11971.html"
} }
] ]
}, },

14
2020/11xxx/CVE-2020-11972.json
View File

@ -44,11 +44,6 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"refsource": "MISC",
"name": "https://camel.apache.org/security/CVE-2020-11972.html",
"url": "https://camel.apache.org/security/CVE-2020-11972.html"
},
{ {
"refsource": "MLIST", "refsource": "MLIST",
"name": "[oss-security] 20200514 [SECURITY] New security advisory CVE-2020-11972 released for Apache Camel", "name": "[oss-security] 20200514 [SECURITY] New security advisory CVE-2020-11972 released for Apache Camel",
@ -60,7 +55,14 @@
"url": "http://www.openwall.com/lists/oss-security/2020/05/14/10" "url": "http://www.openwall.com/lists/oss-security/2020/05/14/10"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"refsource": "MISC",
"name": "https://camel.apache.org/security/CVE-2020-11972.html",
"url": "https://camel.apache.org/security/CVE-2020-11972.html"
} }
] ]
}, },

14
2020/11xxx/CVE-2020-11973.json
View File

@ -44,18 +44,20 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"refsource": "MISC",
"name": "https://camel.apache.org/security/CVE-2020-11973.html",
"url": "https://camel.apache.org/security/CVE-2020-11973.html"
},
{ {
"refsource": "MLIST", "refsource": "MLIST",
"name": "[oss-security] 20200514 [SECURITY] New security advisory CVE-2020-11973 released for Apache Camel", "name": "[oss-security] 20200514 [SECURITY] New security advisory CVE-2020-11973 released for Apache Camel",
"url": "http://www.openwall.com/lists/oss-security/2020/05/14/9" "url": "http://www.openwall.com/lists/oss-security/2020/05/14/9"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"refsource": "MISC",
"name": "https://camel.apache.org/security/CVE-2020-11973.html",
"url": "https://camel.apache.org/security/CVE-2020-11973.html"
} }
] ]
}, },

24
2020/11xxx/CVE-2020-11984.json
View File

@ -89,11 +89,6 @@
"name": "[httpd-dev] 20200811 Re: Which version fixed the CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993 vulnerabilities?", "name": "[httpd-dev] 20200811 Re: Which version fixed the CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993 vulnerabilities?",
"url": "https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672@%3Cdev.httpd.apache.org%3E" "url": "https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672@%3Cdev.httpd.apache.org%3E"
}, },
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200814-0005/",
"url": "https://security.netapp.com/advisory/ntap-20200814-0005/"
},
{ {
"refsource": "MLIST", "refsource": "MLIST",
"name": "[oss-security] 20200817 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "name": "[oss-security] 20200817 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow",
@ -114,11 +109,6 @@
"name": "openSUSE-SU-2020:1293", "name": "openSUSE-SU-2020:1293",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.html"
}, },
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html",
"url": "http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html"
},
{ {
"refsource": "FEDORA", "refsource": "FEDORA",
"name": "FEDORA-2020-189a1e6c3e", "name": "FEDORA-2020-189a1e6c3e",
@ -140,7 +130,19 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/" "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200814-0005/",
"url": "https://security.netapp.com/advisory/ntap-20200814-0005/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html",
"url": "http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html"
} }
] ]
}, },

14
2020/11xxx/CVE-2020-11993.json
View File

@ -69,11 +69,6 @@
"name": "[httpd-dev] 20200811 Re: Which version fixed the CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993 vulnerabilities?", "name": "[httpd-dev] 20200811 Re: Which version fixed the CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993 vulnerabilities?",
"url": "https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672@%3Cdev.httpd.apache.org%3E" "url": "https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672@%3Cdev.httpd.apache.org%3E"
}, },
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200814-0005/",
"url": "https://security.netapp.com/advisory/ntap-20200814-0005/"
},
{ {
"refsource": "UBUNTU", "refsource": "UBUNTU",
"name": "USN-4458-1", "name": "USN-4458-1",
@ -105,7 +100,14 @@
"url": "https://www.debian.org/security/2020/dsa-4757" "url": "https://www.debian.org/security/2020/dsa-4757"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200814-0005/",
"url": "https://security.netapp.com/advisory/ntap-20200814-0005/"
} }
] ]
}, },

14
2020/11xxx/CVE-2020-11996.json
View File

@ -120,11 +120,6 @@
"name": "[ofbiz-notifications] 20200703 [jira] [Commented] (OFBIZ-11848) Upgrade Tomcat from 9.0.34 to 9.0.36 (CVE-2020-11996)", "name": "[ofbiz-notifications] 20200703 [jira] [Commented] (OFBIZ-11848) Upgrade Tomcat from 9.0.34 to 9.0.36 (CVE-2020-11996)",
"url": "https://lists.apache.org/thread.html/r3ea96d8f36dd404acce83df8aeb22a9e807d6c13ca9c5dec72f872cd@%3Cnotifications.ofbiz.apache.org%3E" "url": "https://lists.apache.org/thread.html/r3ea96d8f36dd404acce83df8aeb22a9e807d6c13ca9c5dec72f872cd@%3Cnotifications.ofbiz.apache.org%3E"
}, },
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200709-0002/",
"url": "https://security.netapp.com/advisory/ntap-20200709-0002/"
},
{ {
"refsource": "MLIST", "refsource": "MLIST",
"name": "[debian-lts-announce] 20200712 [SECURITY] [DLA 2279-1] tomcat8 security update", "name": "[debian-lts-announce] 20200712 [SECURITY] [DLA 2279-1] tomcat8 security update",
@ -151,7 +146,14 @@
"url": "https://lists.apache.org/thread.html/r2529016c311ce9485e6f173446d469600fdfbb94dccadfcd9dfdac79@%3Cusers.tomcat.apache.org%3E" "url": "https://lists.apache.org/thread.html/r2529016c311ce9485e6f173446d469600fdfbb94dccadfcd9dfdac79@%3Cusers.tomcat.apache.org%3E"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200709-0002/",
"url": "https://security.netapp.com/advisory/ntap-20200709-0002/"
} }
] ]
}, },

48
2020/12xxx/CVE-2020-12243.json
View File

@ -52,21 +52,6 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"url": "https://bugs.openldap.org/show_bug.cgi?id=9202",
"refsource": "MISC",
"name": "https://bugs.openldap.org/show_bug.cgi?id=9202"
},
{
"refsource": "CONFIRM",
"name": "https://git.openldap.org/openldap/openldap/-/blob/OPENLDAP_REL_ENG_2_4/CHANGES",
"url": "https://git.openldap.org/openldap/openldap/-/blob/OPENLDAP_REL_ENG_2_4/CHANGES"
},
{
"refsource": "CONFIRM",
"name": "https://git.openldap.org/openldap/openldap/-/commit/98464c11df8247d6a11b52e294ba5dd4f0380440",
"url": "https://git.openldap.org/openldap/openldap/-/commit/98464c11df8247d6a11b52e294ba5dd4f0380440"
},
{ {
"refsource": "DEBIAN", "refsource": "DEBIAN",
"name": "DSA-4666", "name": "DSA-4666",
@ -82,11 +67,6 @@
"name": "USN-4352-2", "name": "USN-4352-2",
"url": "https://usn.ubuntu.com/4352-2/" "url": "https://usn.ubuntu.com/4352-2/"
}, },
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200511-0003/",
"url": "https://security.netapp.com/advisory/ntap-20200511-0003/"
},
{ {
"refsource": "SUSE", "refsource": "SUSE",
"name": "openSUSE-SU-2020:0647", "name": "openSUSE-SU-2020:0647",
@ -97,13 +77,35 @@
"name": "USN-4352-1", "name": "USN-4352-1",
"url": "https://usn.ubuntu.com/4352-1/" "url": "https://usn.ubuntu.com/4352-1/"
}, },
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"url": "https://bugs.openldap.org/show_bug.cgi?id=9202",
"refsource": "MISC",
"name": "https://bugs.openldap.org/show_bug.cgi?id=9202"
},
{
"refsource": "CONFIRM",
"name": "https://git.openldap.org/openldap/openldap/-/blob/OPENLDAP_REL_ENG_2_4/CHANGES",
"url": "https://git.openldap.org/openldap/openldap/-/blob/OPENLDAP_REL_ENG_2_4/CHANGES"
},
{
"refsource": "CONFIRM",
"name": "https://git.openldap.org/openldap/openldap/-/commit/98464c11df8247d6a11b52e294ba5dd4f0380440",
"url": "https://git.openldap.org/openldap/openldap/-/commit/98464c11df8247d6a11b52e294ba5dd4f0380440"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200511-0003/",
"url": "https://security.netapp.com/advisory/ntap-20200511-0003/"
},
{ {
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT211289", "name": "https://support.apple.com/kb/HT211289",
"url": "https://support.apple.com/kb/HT211289" "url": "https://support.apple.com/kb/HT211289"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
} }

64
2020/12xxx/CVE-2020-12723.json
View File

@ -52,36 +52,6 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"url": "https://github.com/Perl/perl5/issues/16947",
"refsource": "MISC",
"name": "https://github.com/Perl/perl5/issues/16947"
},
{
"url": "https://github.com/Perl/perl5/issues/17743",
"refsource": "MISC",
"name": "https://github.com/Perl/perl5/issues/17743"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3",
"url": "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
"url": "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184a",
"url": "https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184a"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200611-0001/",
"url": "https://security.netapp.com/advisory/ntap-20200611-0001/"
},
{ {
"refsource": "GENTOO", "refsource": "GENTOO",
"name": "GLSA-202006-03", "name": "GLSA-202006-03",
@ -98,7 +68,39 @@
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3",
"url": "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
"url": "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200611-0001/",
"url": "https://security.netapp.com/advisory/ntap-20200611-0001/"
},
{
"url": "https://github.com/Perl/perl5/issues/16947",
"refsource": "MISC",
"name": "https://github.com/Perl/perl5/issues/16947"
},
{
"url": "https://github.com/Perl/perl5/issues/17743",
"refsource": "MISC",
"name": "https://github.com/Perl/perl5/issues/17743"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184a",
"url": "https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184a"
} }
] ]
} }

4
2020/13xxx/CVE-2020-13630.json
View File

@ -98,7 +98,9 @@
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html" "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
} }

4
2020/13xxx/CVE-2020-13631.json
View File

@ -93,7 +93,9 @@
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc" "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
} }

4
2020/13xxx/CVE-2020-13632.json
View File

@ -98,7 +98,9 @@
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html" "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
} }

4
2020/13xxx/CVE-2020-13920.json
View File

@ -55,7 +55,9 @@
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00013.html" "url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00013.html"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

14
2020/13xxx/CVE-2020-13934.json
View File

@ -59,11 +59,6 @@
"name": "[debian-lts-announce] 20200722 [SECURITY] [DLA 2286-1] tomcat8 security update", "name": "[debian-lts-announce] 20200722 [SECURITY] [DLA 2286-1] tomcat8 security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html" "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html"
}, },
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200724-0003/",
"url": "https://security.netapp.com/advisory/ntap-20200724-0003/"
},
{ {
"refsource": "SUSE", "refsource": "SUSE",
"name": "openSUSE-SU-2020:1102", "name": "openSUSE-SU-2020:1102",
@ -80,7 +75,14 @@
"url": "https://lists.apache.org/thread.html/ra072b1f786e7d139e86f1d1145572e0ff71cef38a96d9c6f5362aac8@%3Cdev.tomcat.apache.org%3E" "url": "https://lists.apache.org/thread.html/ra072b1f786e7d139e86f1d1145572e0ff71cef38a96d9c6f5362aac8@%3Cdev.tomcat.apache.org%3E"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200724-0003/",
"url": "https://security.netapp.com/advisory/ntap-20200724-0003/"
} }
] ]
}, },

18
2020/13xxx/CVE-2020-13935.json
View File

@ -59,11 +59,6 @@
"name": "[debian-lts-announce] 20200722 [SECURITY] [DLA 2286-1] tomcat8 security update", "name": "[debian-lts-announce] 20200722 [SECURITY] [DLA 2286-1] tomcat8 security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html" "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html"
}, },
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200724-0003/",
"url": "https://security.netapp.com/advisory/ntap-20200724-0003/"
},
{ {
"refsource": "SUSE", "refsource": "SUSE",
"name": "openSUSE-SU-2020:1102", "name": "openSUSE-SU-2020:1102",
@ -79,13 +74,20 @@
"name": "USN-4448-1", "name": "USN-4448-1",
"url": "https://usn.ubuntu.com/4448-1/" "url": "https://usn.ubuntu.com/4448-1/"
}, },
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200724-0003/",
"url": "https://security.netapp.com/advisory/ntap-20200724-0003/"
},
{ {
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10332", "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10332",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10332" "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10332"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

18
2020/14xxx/CVE-2020-14060.json
View File

@ -52,28 +52,30 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"url": "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062",
"refsource": "MISC",
"name": "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062"
},
{ {
"url": "https://github.com/FasterXML/jackson-databind/issues/2688", "url": "https://github.com/FasterXML/jackson-databind/issues/2688",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/FasterXML/jackson-databind/issues/2688" "name": "https://github.com/FasterXML/jackson-databind/issues/2688"
}, },
{
"url": "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062",
"refsource": "MISC",
"name": "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062"
},
{ {
"refsource": "MLIST", "refsource": "MLIST",
"name": "[debian-lts-announce] 20200701 [SECURITY] [DLA 2270-1] jackson-databind security update", "name": "[debian-lts-announce] 20200701 [SECURITY] [DLA 2270-1] jackson-databind security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00001.html" "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00001.html"
}, },
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{ {
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200702-0003/", "name": "https://security.netapp.com/advisory/ntap-20200702-0003/",
"url": "https://security.netapp.com/advisory/ntap-20200702-0003/" "url": "https://security.netapp.com/advisory/ntap-20200702-0003/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
} }

8
2020/14xxx/CVE-2020-14061.json
View File

@ -67,13 +67,15 @@
"name": "[debian-lts-announce] 20200701 [SECURITY] [DLA 2270-1] jackson-databind security update", "name": "[debian-lts-announce] 20200701 [SECURITY] [DLA 2270-1] jackson-databind security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00001.html" "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00001.html"
}, },
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{ {
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200702-0003/", "name": "https://security.netapp.com/advisory/ntap-20200702-0003/",
"url": "https://security.netapp.com/advisory/ntap-20200702-0003/" "url": "https://security.netapp.com/advisory/ntap-20200702-0003/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
} }

8
2020/14xxx/CVE-2020-14062.json
View File

@ -67,13 +67,15 @@
"name": "[debian-lts-announce] 20200701 [SECURITY] [DLA 2270-1] jackson-databind security update", "name": "[debian-lts-announce] 20200701 [SECURITY] [DLA 2270-1] jackson-databind security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00001.html" "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00001.html"
}, },
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{ {
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200702-0003/", "name": "https://security.netapp.com/advisory/ntap-20200702-0003/",
"url": "https://security.netapp.com/advisory/ntap-20200702-0003/" "url": "https://security.netapp.com/advisory/ntap-20200702-0003/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
} }

8
2020/14xxx/CVE-2020-14195.json
View File

@ -62,13 +62,15 @@
"name": "[debian-lts-announce] 20200701 [SECURITY] [DLA 2270-1] jackson-databind security update", "name": "[debian-lts-announce] 20200701 [SECURITY] [DLA 2270-1] jackson-databind security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00001.html" "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00001.html"
}, },
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{ {
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200702-0003/", "name": "https://security.netapp.com/advisory/ntap-20200702-0003/",
"url": "https://security.netapp.com/advisory/ntap-20200702-0003/" "url": "https://security.netapp.com/advisory/ntap-20200702-0003/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
} }

5
2020/15xxx/CVE-2020-15157.json
View File

@ -83,6 +83,11 @@
"refsource": "UBUNTU", "refsource": "UBUNTU",
"name": "USN-4589-1", "name": "USN-4589-1",
"url": "https://usn.ubuntu.com/4589-1/" "url": "https://usn.ubuntu.com/4589-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4589-2",
"url": "https://usn.ubuntu.com/4589-2/"
} }
] ]
}, },

14
2020/15xxx/CVE-2020-15358.json
View File

@ -67,11 +67,6 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.sqlite.org/src/info/10fa79d00f8091e5" "name": "https://www.sqlite.org/src/info/10fa79d00f8091e5"
}, },
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200709-0001/",
"url": "https://security.netapp.com/advisory/ntap-20200709-0001/"
},
{ {
"refsource": "GENTOO", "refsource": "GENTOO",
"name": "GLSA-202007-26", "name": "GLSA-202007-26",
@ -83,7 +78,14 @@
"url": "https://usn.ubuntu.com/4438-1/" "url": "https://usn.ubuntu.com/4438-1/"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200709-0001/",
"url": "https://security.netapp.com/advisory/ntap-20200709-0001/"
} }
] ]
} }

14
2020/15xxx/CVE-2020-15389.json
View File

@ -57,18 +57,20 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/uclouvain/openjpeg/issues/1261" "name": "https://github.com/uclouvain/openjpeg/issues/1261"
}, },
{
"refsource": "MISC",
"name": "https://pastebin.com/4sDKQ7U8",
"url": "https://pastebin.com/4sDKQ7U8"
},
{ {
"refsource": "MLIST", "refsource": "MLIST",
"name": "[debian-lts-announce] 20200710 [SECURITY] [DLA 2277-1] openjpeg2 security update", "name": "[debian-lts-announce] 20200710 [SECURITY] [DLA 2277-1] openjpeg2 security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00008.html" "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00008.html"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"refsource": "MISC",
"name": "https://pastebin.com/4sDKQ7U8",
"url": "https://pastebin.com/4sDKQ7U8"
} }
] ]
} }

34
2020/1xxx/CVE-2020-1730.json
View File

@ -47,16 +47,6 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"url": "https://www.libssh.org/security/advisories/CVE-2020-1730.txt",
"refsource": "MISC",
"name": "https://www.libssh.org/security/advisories/CVE-2020-1730.txt"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1730",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1730",
"refsource": "CONFIRM"
},
{ {
"refsource": "FEDORA", "refsource": "FEDORA",
"name": "FEDORA-2020-5a77f0d68f", "name": "FEDORA-2020-5a77f0d68f",
@ -67,18 +57,30 @@
"name": "USN-4327-1", "name": "USN-4327-1",
"url": "https://usn.ubuntu.com/4327-1/" "url": "https://usn.ubuntu.com/4327-1/"
}, },
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200424-0001/",
"url": "https://security.netapp.com/advisory/ntap-20200424-0001/"
},
{ {
"refsource": "FEDORA", "refsource": "FEDORA",
"name": "FEDORA-2020-6cad41abb0", "name": "FEDORA-2020-6cad41abb0",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2A7BIFKUYIYKTY7FX4BEWVC2OHS5DPOU/" "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2A7BIFKUYIYKTY7FX4BEWVC2OHS5DPOU/"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"url": "https://www.libssh.org/security/advisories/CVE-2020-1730.txt",
"refsource": "MISC",
"name": "https://www.libssh.org/security/advisories/CVE-2020-1730.txt"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1730",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1730",
"refsource": "CONFIRM"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200424-0001/",
"url": "https://security.netapp.com/advisory/ntap-20200424-0001/"
} }
] ]
}, },

4
2020/1xxx/CVE-2020-1935.json
View File

@ -131,7 +131,9 @@
"url": "https://usn.ubuntu.com/4448-1/" "url": "https://usn.ubuntu.com/4448-1/"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

4
2020/1xxx/CVE-2020-1938.json
View File

@ -276,7 +276,9 @@
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

4
2020/1xxx/CVE-2020-1941.json
View File

@ -60,7 +60,9 @@
"url": "https://lists.apache.org/thread.html/re4672802b0e5ed67c08c9e77057d52138e062f77cc09581b723cf95a@%3Ccommits.activemq.apache.org%3E" "url": "https://lists.apache.org/thread.html/re4672802b0e5ed67c08c9e77057d52138e062f77cc09581b723cf95a@%3Ccommits.activemq.apache.org%3E"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

4
2020/1xxx/CVE-2020-1945.json
View File

@ -215,7 +215,9 @@
"url": "https://lists.apache.org/thread.html/r5e1cdd79f019162f76414708b2092acad0a6703d666d72d717319305@%3Cdev.creadur.apache.org%3E" "url": "https://lists.apache.org/thread.html/r5e1cdd79f019162f76414708b2092acad0a6703d666d72d717319305@%3Cdev.creadur.apache.org%3E"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

4
2020/1xxx/CVE-2020-1950.json
View File

@ -65,7 +65,9 @@
"url": "https://usn.ubuntu.com/4564-1/" "url": "https://usn.ubuntu.com/4564-1/"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

4
2020/1xxx/CVE-2020-1951.json
View File

@ -65,7 +65,9 @@
"url": "https://usn.ubuntu.com/4564-1/" "url": "https://usn.ubuntu.com/4564-1/"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

14
2020/1xxx/CVE-2020-1953.json
View File

@ -56,18 +56,20 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/d0e00f2e147a9e9b13a6829133092f349b2882bf6860397368a52600@%3Cannounce.tomcat.apache.org%3E",
"url": "https://lists.apache.org/thread.html/d0e00f2e147a9e9b13a6829133092f349b2882bf6860397368a52600@%3Cannounce.tomcat.apache.org%3E"
},
{ {
"refsource": "MLIST", "refsource": "MLIST",
"name": "[camel-commits] 20200313 [camel] branch camel-3.1.x updated: Update Commons Configuration 2 due to CVE-2020-1953", "name": "[camel-commits] 20200313 [camel] branch camel-3.1.x updated: Update Commons Configuration 2 due to CVE-2020-1953",
"url": "https://lists.apache.org/thread.html/rde2186ad6ac0d6ed8d51af7509244adcf1ce0f9a3b7e1d1dd3b64676@%3Ccommits.camel.apache.org%3E" "url": "https://lists.apache.org/thread.html/rde2186ad6ac0d6ed8d51af7509244adcf1ce0f9a3b7e1d1dd3b64676@%3Ccommits.camel.apache.org%3E"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "refsource": "MISC",
"name": "https://lists.apache.org/thread.html/d0e00f2e147a9e9b13a6829133092f349b2882bf6860397368a52600@%3Cannounce.tomcat.apache.org%3E",
"url": "https://lists.apache.org/thread.html/d0e00f2e147a9e9b13a6829133092f349b2882bf6860397368a52600@%3Cannounce.tomcat.apache.org%3E"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

8
2020/1xxx/CVE-2020-1954.json
View File

@ -44,13 +44,15 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{ {
"refsource": "MISC", "refsource": "MISC",
"name": "http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1&modificationDate=1585730169000&api=v2", "name": "http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1&modificationDate=1585730169000&api=v2",
"url": "http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1&modificationDate=1585730169000&api=v2" "url": "http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1&modificationDate=1585730169000&api=v2"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

8
2020/1xxx/CVE-2020-1967.json
View File

@ -187,13 +187,15 @@
"name": "https://www.tenable.com/security/tns-2020-04", "name": "https://www.tenable.com/security/tns-2020-04",
"url": "https://www.tenable.com/security/tns-2020-04" "url": "https://www.tenable.com/security/tns-2020-04"
}, },
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{ {
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200717-0004/", "name": "https://security.netapp.com/advisory/ntap-20200717-0004/",
"url": "https://security.netapp.com/advisory/ntap-20200717-0004/" "url": "https://security.netapp.com/advisory/ntap-20200717-0004/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
} }

90
2020/24xxx/CVE-2020-24409.json
View File

@ -1,18 +1,96 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-10-20T23:00:00.000Z",
"ID": "CVE-2020-24409", "ID": "CVE-2020-24409",
"ASSIGNER": "cve@mitre.org", "STATE": "PUBLIC",
"STATE": "RESERVED" "TITLE": "Adobe Illustrator PDF File Parsing Out-Of-Bounds Read Vulnerability"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Illustrator",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "24.2"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Adobe Illustrator version 24.2 (and earlier) is affected by an out-of-bounds read vulnerability when parsing crafted PDF files. This could result in a read past the end of an allocated memory structure, potentially resulting in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit."
} }
] ]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html",
"name": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
} }
} }

90
2020/24xxx/CVE-2020-24410.json
View File

@ -1,18 +1,96 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-10-20T23:00:00.000Z",
"ID": "CVE-2020-24410", "ID": "CVE-2020-24410",
"ASSIGNER": "cve@mitre.org", "STATE": "PUBLIC",
"STATE": "RESERVED" "TITLE": "Adobe Illustrator PDF File Parsing Out-Of-Bounds Read Vulnerability"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Illustrator",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "24.2"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Adobe Illustrator version 24.2 (and earlier) is affected by an out-of-bounds read vulnerability when parsing crafted PDF files. This could result in a read past the end of an allocated memory structure, potentially resulting in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit."
} }
] ]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html",
"name": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
} }
} }

90
2020/24xxx/CVE-2020-24411.json
View File

@ -1,18 +1,96 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-10-20T23:00:00.000Z",
"ID": "CVE-2020-24411", "ID": "CVE-2020-24411",
"ASSIGNER": "cve@mitre.org", "STATE": "PUBLIC",
"STATE": "RESERVED" "TITLE": "Adobe Illustrator PDF File Parsing Out-Of-Bounds Write Vulnerability"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Illustrator",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "24.2"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Adobe Illustrator version 24.2 (and earlier) is affected by an out-of-bounds write vulnerability when handling crafted PDF files. This could result in a write past the end of an allocated memory structure, potentially resulting in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit."
} }
] ]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html",
"name": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
} }
} }

90
2020/24xxx/CVE-2020-24412.json
View File

@ -1,18 +1,96 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-10-20T23:00:00.000Z",
"ID": "CVE-2020-24412", "ID": "CVE-2020-24412",
"ASSIGNER": "cve@mitre.org", "STATE": "PUBLIC",
"STATE": "RESERVED" "TITLE": "Adobe Illustrator Memory Corruption Vulnerability"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Illustrator",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "24.1.2"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit."
} }
] ]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Access of Memory Location After End of Buffer (CWE-788)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html",
"name": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
} }
} }

90
2020/24xxx/CVE-2020-24413.json
View File

@ -1,18 +1,96 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-10-20T23:00:00.000Z",
"ID": "CVE-2020-24413", "ID": "CVE-2020-24413",
"ASSIGNER": "cve@mitre.org", "STATE": "PUBLIC",
"STATE": "RESERVED" "TITLE": "Adobe Illustrator Memory Corruption Vulnerability"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Illustrator",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "24.1.2"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit."
} }
] ]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Access of Memory Location After End of Buffer (CWE-788)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html",
"name": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
} }
} }

90
2020/24xxx/CVE-2020-24414.json
View File

@ -1,18 +1,96 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-10-20T23:00:00.000Z",
"ID": "CVE-2020-24414", "ID": "CVE-2020-24414",
"ASSIGNER": "cve@mitre.org", "STATE": "PUBLIC",
"STATE": "RESERVED" "TITLE": "Adobe Illustrator Memory Corruption Vulnerability"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Illustrator",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "24.1.2"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit."
} }
] ]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Access of Memory Location After End of Buffer (CWE-788)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html",
"name": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
} }
} }

90
2020/24xxx/CVE-2020-24415.json
View File

@ -1,18 +1,96 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-10-20T23:00:00.000Z",
"ID": "CVE-2020-24415", "ID": "CVE-2020-24415",
"ASSIGNER": "cve@mitre.org", "STATE": "PUBLIC",
"STATE": "RESERVED" "TITLE": "Adobe Illustrator Memory Corruption Vulnerability"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Illustrator",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "24.1.2"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit."
} }
] ]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Access of Memory Location After End of Buffer (CWE-788)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html",
"name": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
} }
} }

90
2020/24xxx/CVE-2020-24416.json
View File

@ -1,18 +1,96 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-10-20T23:00:00.000Z",
"ID": "CVE-2020-24416", "ID": "CVE-2020-24416",
"ASSIGNER": "cve@mitre.org", "STATE": "PUBLIC",
"STATE": "RESERVED" "TITLE": "Blind stored XSS in Marketo Sales insight plugin for SalesForce"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Marketo",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "1.4355"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Marketo Sales Insight plugin version 1.4355 (and earlier) is affected by a blind stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field."
} }
] ]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site Scripting (Stored XSS) (CWE-79)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/marketo/apsb20-60.html",
"name": "https://helpx.adobe.com/security/products/marketo/apsb20-60.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
} }
} }

50
2020/25xxx/CVE-2020-25157.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-25157", "ID": "CVE-2020-25157",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Advantech R-SeeNet",
"version": {
"version_data": [
{
"version_value": "Versions 1.5.1 through 2.4.10"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USE IN AN SQL COMMAND ('SQL INJECTION')"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-289-02",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-289-02"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "The R-SeeNet webpage (1.5.1 through 2.4.10) suffers from SQL injection, which allows a remote attacker to invoke queries on the database and retrieve sensitive information."
} }
] ]
} }

5
2020/25xxx/CVE-2020-25270.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/Ko-kn3t/CVE-2020-25270", "name": "https://github.com/Ko-kn3t/CVE-2020-25270",
"url": "https://github.com/Ko-kn3t/CVE-2020-25270" "url": "https://github.com/Ko-kn3t/CVE-2020-25270"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/159614/Hostel-Management-System-2.1-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/159614/Hostel-Management-System-2.1-Cross-Site-Scripting.html"
} }
] ]
} }

55
2020/25xxx/CVE-2020-25648.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-25648", "ID": "CVE-2020-25648",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "nss",
"version": {
"version_data": [
{
"version_value": "nss versions before 3.58"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-770"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1887319",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887319"
},
{
"refsource": "MISC",
"name": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes",
"url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions before 3.58."
} }
] ]
} }

5
2020/25xxx/CVE-2020-25760.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://packetstormsecurity.com/files/author/15149/", "name": "https://packetstormsecurity.com/files/author/15149/",
"url": "https://packetstormsecurity.com/files/author/15149/" "url": "https://packetstormsecurity.com/files/author/15149/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/159637/Visitor-Management-System-In-PHP-1.0-SQL-Injection.html",
"url": "http://packetstormsecurity.com/files/159637/Visitor-Management-System-In-PHP-1.0-SQL-Injection.html"
} }
] ]
} }

5
2020/25xxx/CVE-2020-25790.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://packetstormsecurity.com/files/159503/Typesetter-CMS-5.1-Remote-Code-Execution.html", "name": "http://packetstormsecurity.com/files/159503/Typesetter-CMS-5.1-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/159503/Typesetter-CMS-5.1-Remote-Code-Execution.html" "url": "http://packetstormsecurity.com/files/159503/Typesetter-CMS-5.1-Remote-Code-Execution.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/159615/Typesetter-CMS-5.1-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/159615/Typesetter-CMS-5.1-Remote-Code-Execution.html"
} }
] ]
} }

5
2020/3xxx/CVE-2020-3235.json
View File

@ -46,7 +46,6 @@
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
} }
], ],
"impact": { "impact": {
"cvss": { "cvss": {
"baseScore": "7.7", "baseScore": "7.7",
@ -74,7 +73,9 @@
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-dos-USxSyTk5" "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-dos-USxSyTk5"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

4
2020/3xxx/CVE-2020-3909.json
View File

@ -147,7 +147,9 @@
"name": "https://support.apple.com/HT211107" "name": "https://support.apple.com/HT211107"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

4
2020/4xxx/CVE-2020-4051.json
View File

@ -95,7 +95,9 @@
"url": "https://github.com/dojo/dijit/commit/462bdcd60d0333315fe69ab4709c894d78f61301" "url": "https://github.com/dojo/dijit/commit/462bdcd60d0333315fe69ab4709c894d78f61301"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

4
2020/5xxx/CVE-2020-5397.json
View File

@ -75,7 +75,9 @@
"name": "https://pivotal.io/security/cve-2020-5397" "name": "https://pivotal.io/security/cve-2020-5397"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

4
2020/5xxx/CVE-2020-5398.json
View File

@ -230,7 +230,9 @@
"url": "https://lists.apache.org/thread.html/r1c679c43fa4f7846d748a937955c7921436d1b315445978254442163@%3Ccommits.ambari.apache.org%3E" "url": "https://lists.apache.org/thread.html/r1c679c43fa4f7846d748a937955c7921436d1b315445978254442163@%3Ccommits.ambari.apache.org%3E"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

14
2020/5xxx/CVE-2020-5407.json
View File

@ -64,11 +64,6 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"refsource": "CONFIRM",
"url": "https://tanzu.vmware.com/security/cve-2020-5407",
"name": "https://tanzu.vmware.com/security/cve-2020-5407"
},
{ {
"refsource": "MLIST", "refsource": "MLIST",
"name": "[servicemix-issues] 20200514 [jira] [Created] (SM-4384) Create OSGi bundles for spring-security 5.3.2.RELEASE + 5.1.10.RELEASE", "name": "[servicemix-issues] 20200514 [jira] [Created] (SM-4384) Create OSGi bundles for spring-security 5.3.2.RELEASE + 5.1.10.RELEASE",
@ -85,7 +80,14 @@
"url": "https://lists.apache.org/thread.html/ra19a4e7236877fe12bfb52db07b27ad72d9e7a9f5e27bba7e928e18a@%3Cdev.geode.apache.org%3E" "url": "https://lists.apache.org/thread.html/ra19a4e7236877fe12bfb52db07b27ad72d9e7a9f5e27bba7e928e18a@%3Cdev.geode.apache.org%3E"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"refsource": "CONFIRM",
"url": "https://tanzu.vmware.com/security/cve-2020-5407",
"name": "https://tanzu.vmware.com/security/cve-2020-5407"
} }
] ]
}, },

8
2020/5xxx/CVE-2020-5408.json
View File

@ -79,13 +79,15 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{ {
"refsource": "CONFIRM", "refsource": "CONFIRM",
"url": "https://tanzu.vmware.com/security/cve-2020-5408", "url": "https://tanzu.vmware.com/security/cve-2020-5408",
"name": "https://tanzu.vmware.com/security/cve-2020-5408" "name": "https://tanzu.vmware.com/security/cve-2020-5408"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

50
2020/5xxx/CVE-2020-5790.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-5790", "ID": "CVE-2020-5790",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "vulnreport@tenable.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Nagios XI",
"version": {
"version_data": [
{
"version_value": "5.7.3"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site Request Forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.tenable.com/security/research/tra-2020-58",
"url": "https://www.tenable.com/security/research/tra-2020-58"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Cross-site request forgery in Nagios XI 5.7.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link."
} }
] ]
} }

50
2020/5xxx/CVE-2020-5791.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-5791", "ID": "CVE-2020-5791",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "vulnreport@tenable.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Nagios XI",
"version": {
"version_data": [
{
"version_value": "5.7.3"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authenticated OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.tenable.com/security/research/tra-2020-58",
"url": "https://www.tenable.com/security/research/tra-2020-58"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Improper neutralization of special elements used in an OS command in Nagios XI 5.7.3 allows a remote, authenticated admin user to execute operating system commands with the privileges of the apache user."
} }
] ]
} }

50
2020/5xxx/CVE-2020-5792.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-5792", "ID": "CVE-2020-5792",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "vulnreport@tenable.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Nagios XI",
"version": {
"version_data": [
{
"version_value": "5.7.3"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authenticated OS Command Argument Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.tenable.com/security/research/tra-2020-58",
"url": "https://www.tenable.com/security/research/tra-2020-58"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote, authenticated admin user to write to arbitrary files and ultimately execute code with the privileges of the apache user."
} }
] ]
} }

24
2020/7xxx/CVE-2020-7067.json
View File

@ -90,16 +90,6 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"name": "https://bugs.php.net/bug.php?id=79465",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=79465"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200504-0001/",
"url": "https://security.netapp.com/advisory/ntap-20200504-0001/"
},
{ {
"refsource": "DEBIAN", "refsource": "DEBIAN",
"name": "DSA-4717", "name": "DSA-4717",
@ -111,7 +101,19 @@
"url": "https://www.debian.org/security/2020/dsa-4719" "url": "https://www.debian.org/security/2020/dsa-4719"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"name": "https://bugs.php.net/bug.php?id=79465",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=79465"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200504-0001/",
"url": "https://security.netapp.com/advisory/ntap-20200504-0001/"
} }
] ]
}, },

4
2020/8xxx/CVE-2020-8172.json
View File

@ -65,7 +65,9 @@
"url": "https://security.netapp.com/advisory/ntap-20200625-0002/" "url": "https://security.netapp.com/advisory/ntap-20200625-0002/"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

4
2020/8xxx/CVE-2020-8174.json
View File

@ -50,7 +50,9 @@
"url": "https://hackerone.com/reports/784186" "url": "https://hackerone.com/reports/784186"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

40
2020/8xxx/CVE-2020-8840.json
View File

@ -52,11 +52,6 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"url": "https://github.com/FasterXML/jackson-databind/issues/2620",
"refsource": "MISC",
"name": "https://github.com/FasterXML/jackson-databind/issues/2620"
},
{ {
"refsource": "MLIST", "refsource": "MLIST",
"name": "[druid-commits] 20200219 [GitHub] [druid] ccaominh opened a new pull request #9379: Suppress CVE-2020-8840 for htrace-core-4.0.1", "name": "[druid-commits] 20200219 [GitHub] [druid] ccaominh opened a new pull request #9379: Suppress CVE-2020-8840 for htrace-core-4.0.1",
@ -162,11 +157,6 @@
"name": "[tomee-dev] 20200316 RE: CVE-2020-8840 on TomEE 8.0.1", "name": "[tomee-dev] 20200316 RE: CVE-2020-8840 on TomEE 8.0.1",
"url": "https://lists.apache.org/thread.html/rc068e824654c4b8bd4f2490bec869e29edbfcd5dfe02d47cbf7433b2@%3Cdev.tomee.apache.org%3E" "url": "https://lists.apache.org/thread.html/rc068e824654c4b8bd4f2490bec869e29edbfcd5dfe02d47cbf7433b2@%3Cdev.tomee.apache.org%3E"
}, },
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200327-0002/",
"url": "https://security.netapp.com/advisory/ntap-20200327-0002/"
},
{ {
"refsource": "MLIST", "refsource": "MLIST",
"name": "[ranger-dev] 20200330 [jira] [Updated] (RANGER-2770) Upgrade jackson-databind to version 2.10.0 [CVE-2020-8840] - (Ranger)", "name": "[ranger-dev] 20200330 [jira] [Updated] (RANGER-2770) Upgrade jackson-databind to version 2.10.0 [CVE-2020-8840] - (Ranger)",
@ -187,11 +177,6 @@
"name": "[ranger-dev] 20200408 Review Request 72332: RANGER-2770 : Upgrade jackson-databind to version 2.10.0 [CVE-2020-8840] - (Ranger)", "name": "[ranger-dev] 20200408 Review Request 72332: RANGER-2770 : Upgrade jackson-databind to version 2.10.0 [CVE-2020-8840] - (Ranger)",
"url": "https://lists.apache.org/thread.html/r2fa8046bd47fb407ca09b5107a80fa6147ba4ebe879caae5c98b7657@%3Cdev.ranger.apache.org%3E" "url": "https://lists.apache.org/thread.html/r2fa8046bd47fb407ca09b5107a80fa6147ba4ebe879caae5c98b7657@%3Cdev.ranger.apache.org%3E"
}, },
{
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{ {
"refsource": "MLIST", "refsource": "MLIST",
"name": "[ranger-dev] 20200415 [jira] [Commented] (RANGER-2770) Upgrade jackson-databind to version 2.10.0 [CVE-2020-8840] - (Ranger)", "name": "[ranger-dev] 20200415 [jira] [Commented] (RANGER-2770) Upgrade jackson-databind to version 2.10.0 [CVE-2020-8840] - (Ranger)",
@ -253,9 +238,9 @@
"url": "https://lists.apache.org/thread.html/r8e96c340004b7898cad3204ea51280ef6e4b553a684e1452bf1b18b1@%3Cjira.kafka.apache.org%3E" "url": "https://lists.apache.org/thread.html/r8e96c340004b7898cad3204ea51280ef6e4b553a684e1452bf1b18b1@%3Cjira.kafka.apache.org%3E"
}, },
{ {
"refsource": "CONFIRM", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-01-fastjason-en", "refsource": "MISC",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-01-fastjason-en" "name": "https://www.oracle.com/security-alerts/cpuapr2020.html"
}, },
{ {
"refsource": "MLIST", "refsource": "MLIST",
@ -268,7 +253,24 @@
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"url": "https://github.com/FasterXML/jackson-databind/issues/2620",
"refsource": "MISC",
"name": "https://github.com/FasterXML/jackson-databind/issues/2620"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200327-0002/",
"url": "https://security.netapp.com/advisory/ntap-20200327-0002/"
},
{
"refsource": "CONFIRM",
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-01-fastjason-en",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-01-fastjason-en"
} }
] ]
} }

14
2020/9xxx/CVE-2020-9281.json
View File

@ -52,11 +52,6 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"url": "https://github.com/ckeditor/ckeditor4",
"refsource": "MISC",
"name": "https://github.com/ckeditor/ckeditor4"
},
{ {
"refsource": "FEDORA", "refsource": "FEDORA",
"name": "FEDORA-2020-8d5de93970", "name": "FEDORA-2020-8d5de93970",
@ -73,7 +68,14 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L322YA73LCV3TO7ORY45WQDAFJVNKXBE/" "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L322YA73LCV3TO7ORY45WQDAFJVNKXBE/"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"url": "https://github.com/ckeditor/ckeditor4",
"refsource": "MISC",
"name": "https://github.com/ckeditor/ckeditor4"
} }
] ]
} }

4
2020/9xxx/CVE-2020-9327.json
View File

@ -88,7 +88,9 @@
"url": "https://security.netapp.com/advisory/ntap-20200313-0002/" "url": "https://security.netapp.com/advisory/ntap-20200313-0002/"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
} }

4
2020/9xxx/CVE-2020-9409.json
View File

@ -99,7 +99,9 @@
"url": "http://www.tibco.com/services/support/advisories" "url": "http://www.tibco.com/services/support/advisories"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

4
2020/9xxx/CVE-2020-9410.json
View File

@ -145,7 +145,9 @@
"url": "http://www.tibco.com/services/support/advisories" "url": "http://www.tibco.com/services/support/advisories"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

336
2020/9xxx/CVE-2020-9417.json
View File

@ -1,169 +1,169 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "security@tibco.com", "ASSIGNER": "security@tibco.com",
"DATE_PUBLIC": "2020-10-20T17:00:00Z", "DATE_PUBLIC": "2020-10-20T17:00:00Z",
"ID": "CVE-2020-9417", "ID": "CVE-2020-9417",
"STATE": "PUBLIC", "STATE": "PUBLIC",
"TITLE": "TIBCO Foresight SQL Injection" "TITLE": "TIBCO Foresight SQL Injection"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "TIBCO Foresight Archive and Retrieval System", "product_name": "TIBCO Foresight Archive and Retrieval System",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<=", "version_affected": "<=",
"version_value": "5.1.0" "version_value": "5.1.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "5.2.0" "version_value": "5.2.0"
} }
] ]
} }
}, },
{ {
"product_name": "TIBCO Foresight Archive and Retrieval System Healthcare Edition", "product_name": "TIBCO Foresight Archive and Retrieval System Healthcare Edition",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<=", "version_affected": "<=",
"version_value": "5.1.0" "version_value": "5.1.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "5.2.0" "version_value": "5.2.0"
} }
] ]
} }
}, },
{ {
"product_name": "TIBCO Foresight Operational Monitor", "product_name": "TIBCO Foresight Operational Monitor",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<=", "version_affected": "<=",
"version_value": "5.1.0" "version_value": "5.1.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "5.2.0" "version_value": "5.2.0"
} }
] ]
} }
}, },
{ {
"product_name": "TIBCO Foresight Operational Monitor Healthcare Edition", "product_name": "TIBCO Foresight Operational Monitor Healthcare Edition",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<=", "version_affected": "<=",
"version_value": "5.1.0" "version_value": "5.1.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "5.2.0" "version_value": "5.2.0"
} }
] ]
} }
}, },
{ {
"product_name": "TIBCO Foresight Transaction Insight", "product_name": "TIBCO Foresight Transaction Insight",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<=", "version_affected": "<=",
"version_value": "5.1.0" "version_value": "5.1.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "5.2.0" "version_value": "5.2.0"
} }
] ]
} }
}, },
{ {
"product_name": "TIBCO Foresight Transaction Insight Healthcare Edition", "product_name": "TIBCO Foresight Transaction Insight Healthcare Edition",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<=", "version_affected": "<=",
"version_value": "5.1.0" "version_value": "5.1.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "5.2.0" "version_value": "5.2.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name": "TIBCO Software Inc." "vendor_name": "TIBCO Software Inc."
} }
] ]
} }
}, },
"data_format": "MITRE", "data_format": "MITRE",
"data_type": "CVE", "data_type": "CVE",
"data_version": "4.0", "data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "The Transaction Insight reporting component of TIBCO Software Inc.'s TIBCO Foresight Archive and Retrieval System, TIBCO Foresight Archive and Retrieval System Healthcare Edition, TIBCO Foresight Operational Monitor, TIBCO Foresight Operational Monitor Healthcare Edition, TIBCO Foresight Transaction Insight, and TIBCO Foresight Transaction Insight Healthcare Edition contains a vulnerability that theoretically allows an authenticated attacker to perform SQL injection.\n\nAffected releases are TIBCO Software Inc.'s TIBCO Foresight Archive and Retrieval System: versions 5.1.0 and below, version 5.2.0, TIBCO Foresight Archive and Retrieval System Healthcare Edition: versions 5.1.0 and below, version 5.2.0, TIBCO Foresight Operational Monitor: versions 5.1.0 and below, version 5.2.0, TIBCO Foresight Operational Monitor Healthcare Edition: versions 5.1.0 and below, version 5.2.0, TIBCO Foresight Transaction Insight: versions 5.1.0 and below, version 5.2.0, and TIBCO Foresight Transaction Insight Healthcare Edition: versions 5.1.0 and below, version 5.2.0.\n" "value": "The Transaction Insight reporting component of TIBCO Software Inc.'s TIBCO Foresight Archive and Retrieval System, TIBCO Foresight Archive and Retrieval System Healthcare Edition, TIBCO Foresight Operational Monitor, TIBCO Foresight Operational Monitor Healthcare Edition, TIBCO Foresight Transaction Insight, and TIBCO Foresight Transaction Insight Healthcare Edition contains a vulnerability that theoretically allows an authenticated attacker to perform SQL injection. Affected releases are TIBCO Software Inc.'s TIBCO Foresight Archive and Retrieval System: versions 5.1.0 and below, version 5.2.0, TIBCO Foresight Archive and Retrieval System Healthcare Edition: versions 5.1.0 and below, version 5.2.0, TIBCO Foresight Operational Monitor: versions 5.1.0 and below, version 5.2.0, TIBCO Foresight Operational Monitor Healthcare Edition: versions 5.1.0 and below, version 5.2.0, TIBCO Foresight Transaction Insight: versions 5.1.0 and below, version 5.2.0, and TIBCO Foresight Transaction Insight Healthcare Edition: versions 5.1.0 and below, version 5.2.0."
} }
] ]
}, },
"impact": { "impact": {
"cvss": { "cvss": {
"attackComplexity": "LOW", "attackComplexity": "LOW",
"attackVector": "NETWORK", "attackVector": "NETWORK",
"availabilityImpact": "LOW", "availabilityImpact": "LOW",
"baseScore": 7.6, "baseScore": 7.6,
"baseSeverity": "HIGH", "baseSeverity": "HIGH",
"confidentialityImpact": "HIGH", "confidentialityImpact": "HIGH",
"integrityImpact": "HIGH", "integrityImpact": "HIGH",
"privilegesRequired": "LOW", "privilegesRequired": "LOW",
"scope": "UNCHANGED", "scope": "UNCHANGED",
"userInteraction": "REQUIRED", "userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L",
"version": "3.0" "version": "3.0"
} }
}, },
"problemtype": { "problemtype": {
"problemtype_data": [ "problemtype_data": [
{ {
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "The impact of these vulnerabilities includes the theoretical possibility that an authenticated attacker could craft a SQL query that would allow the attacker to create records, and read, update or delete entries in a victims account." "value": "The impact of these vulnerabilities includes the theoretical possibility that an authenticated attacker could craft a SQL query that would allow the attacker to create records, and read, update or delete entries in a victim\u2019s account."
} }
] ]
} }
] ]
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "http://www.tibco.com/services/support/advisories", "name": "http://www.tibco.com/services/support/advisories",
"refsource": "CONFIRM", "refsource": "CONFIRM",
"url": "http://www.tibco.com/services/support/advisories" "url": "http://www.tibco.com/services/support/advisories"
} }
] ]
}, },
"solution": [ "solution": [
{ {
"lang": "eng", "lang": "eng",
"value": "TIBCO has released updated versions of the affected components which address these issues.\n\nTIBCO Foresight Archive and Retrieval System versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Archive and Retrieval System version 5.2.0 update to version 5.2.1 or higher\nTIBCO Foresight Archive and Retrieval System Healthcare Edition versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Archive and Retrieval System Healthcare Edition version 5.2.0 update to version 5.2.1 or higher\nTIBCO Foresight Operational Monitor versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Operational Monitor version 5.2.0 update to version 5.2.1 or higher\nTIBCO Foresight Operational Monitor Healthcare Edition versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Operational Monitor Healthcare Edition version 5.2.0 update to version 5.2.1 or higher\nTIBCO Foresight Transaction Insight versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Transaction Insight version 5.2.0 update to version 5.2.1 or higher\nTIBCO Foresight Transaction Insight Healthcare Edition versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Transaction Insight Healthcare Edition version 5.2.0 update to version 5.2.1 or higher" "value": "TIBCO has released updated versions of the affected components which address these issues.\n\nTIBCO Foresight Archive and Retrieval System versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Archive and Retrieval System version 5.2.0 update to version 5.2.1 or higher\nTIBCO Foresight Archive and Retrieval System Healthcare Edition versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Archive and Retrieval System Healthcare Edition version 5.2.0 update to version 5.2.1 or higher\nTIBCO Foresight Operational Monitor versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Operational Monitor version 5.2.0 update to version 5.2.1 or higher\nTIBCO Foresight Operational Monitor Healthcare Edition versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Operational Monitor Healthcare Edition version 5.2.0 update to version 5.2.1 or higher\nTIBCO Foresight Transaction Insight versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Transaction Insight version 5.2.0 update to version 5.2.1 or higher\nTIBCO Foresight Transaction Insight Healthcare Edition versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Transaction Insight Healthcare Edition version 5.2.0 update to version 5.2.1 or higher"
} }
], ],
"source": { "source": {
"discovery": "INTERNAL" "discovery": "INTERNAL"
} }
} }

8
2020/9xxx/CVE-2020-9484.json
View File

@ -154,13 +154,15 @@
"name": "[tomee-commits] 20201013 [jira] [Commented] (TOMEE-2909) Impact of security vulnerability(CVE-2020-9484) on TOMEE plus (7.0.7)", "name": "[tomee-commits] 20201013 [jira] [Commented] (TOMEE-2909) Impact of security vulnerability(CVE-2020-9484) on TOMEE plus (7.0.7)",
"url": "https://lists.apache.org/thread.html/rf59c72572b9fee674a5d5cc6afeca4ffc3918a02c354a81cc50b7119@%3Ccommits.tomee.apache.org%3E" "url": "https://lists.apache.org/thread.html/rf59c72572b9fee674a5d5cc6afeca4ffc3918a02c354a81cc50b7119@%3Ccommits.tomee.apache.org%3E"
}, },
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{ {
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10332", "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10332",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10332" "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10332"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

4
2020/9xxx/CVE-2020-9488.json
View File

@ -155,7 +155,9 @@
"url": "https://lists.apache.org/thread.html/r393943de452406f0f6f4b3def9f8d3c071f96323c1f6ed1a098f7fe4@%3Ctorque-dev.db.apache.org%3E" "url": "https://lists.apache.org/thread.html/r393943de452406f0f6f4b3def9f8d3c071f96323c1f6ed1a098f7fe4@%3Ctorque-dev.db.apache.org%3E"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

8
2020/9xxx/CVE-2020-9489.json
View File

@ -44,13 +44,15 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{ {
"refsource": "MISC", "refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r4d943777e36ca3aa6305a45da5acccc54ad894f2d5a07186cfa2442c%40%3Cdev.tika.apache.org%3E", "name": "https://lists.apache.org/thread.html/r4d943777e36ca3aa6305a45da5acccc54ad894f2d5a07186cfa2442c%40%3Cdev.tika.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r4d943777e36ca3aa6305a45da5acccc54ad894f2d5a07186cfa2442c%40%3Cdev.tika.apache.org%3E" "url": "https://lists.apache.org/thread.html/r4d943777e36ca3aa6305a45da5acccc54ad894f2d5a07186cfa2442c%40%3Cdev.tika.apache.org%3E"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
}, },

14
2020/9xxx/CVE-2020-9490.json
View File

@ -69,11 +69,6 @@
"name": "[httpd-dev] 20200811 Re: Which version fixed the CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993 vulnerabilities?", "name": "[httpd-dev] 20200811 Re: Which version fixed the CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993 vulnerabilities?",
"url": "https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672@%3Cdev.httpd.apache.org%3E" "url": "https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672@%3Cdev.httpd.apache.org%3E"
}, },
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200814-0005/",
"url": "https://security.netapp.com/advisory/ntap-20200814-0005/"
},
{ {
"refsource": "UBUNTU", "refsource": "UBUNTU",
"name": "USN-4458-1", "name": "USN-4458-1",
@ -105,7 +100,14 @@
"url": "https://www.debian.org/security/2020/dsa-4757" "url": "https://www.debian.org/security/2020/dsa-4757"
}, },
{ {
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html" "url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200814-0005/",
"url": "https://security.netapp.com/advisory/ntap-20200814-0005/"
} }
] ]
}, },

8
2020/9xxx/CVE-2020-9546.json
View File

@ -117,13 +117,15 @@
"name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12", "name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12",
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E"
}, },
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{ {
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200904-0006/", "name": "https://security.netapp.com/advisory/ntap-20200904-0006/",
"url": "https://security.netapp.com/advisory/ntap-20200904-0006/" "url": "https://security.netapp.com/advisory/ntap-20200904-0006/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
} }

8
2020/9xxx/CVE-2020-9547.json
View File

@ -147,13 +147,15 @@
"name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12", "name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12",
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E"
}, },
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{ {
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200904-0006/", "name": "https://security.netapp.com/advisory/ntap-20200904-0006/",
"url": "https://security.netapp.com/advisory/ntap-20200904-0006/" "url": "https://security.netapp.com/advisory/ntap-20200904-0006/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
} }

8
2020/9xxx/CVE-2020-9548.json
View File

@ -112,13 +112,15 @@
"name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12", "name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12",
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E"
}, },
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{ {
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200904-0006/", "name": "https://security.netapp.com/advisory/ntap-20200904-0006/",
"url": "https://security.netapp.com/advisory/ntap-20200904-0006/" "url": "https://security.netapp.com/advisory/ntap-20200904-0006/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
} }
] ]
} }