admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-03-20 15:01:24 +00:00
parent c00b0c1532
commit d9955d72ca
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
15 changed files with 414 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2019/10xxx/CVE-2019-10179.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10179",
"ASSIGNER": "darunesh@redhat.com"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
@ -68,4 +69,4 @@
]
]
}
}
}

5
2019/10xxx/CVE-2019-10221.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10221",
"ASSIGNER": "darunesh@redhat.com"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
@ -68,4 +69,4 @@
]
]
}
}
}

5
2019/17xxx/CVE-2019-17359.json
View File

@ -86,6 +86,11 @@
"refsource": "MLIST",
"name": "[tomee-commits] 20200320 [jira] [Commented] (TOMEE-2788) TomEE plus is affected by CVE-2019-17359 (BDSA-2019-3168) vulnerability",
"url": "https://lists.apache.org/thread.html/r16c3a90cb35ae8a9c74fd5c813c16d6ac255709c9f9d71cd409e007d@%3Ccommits.tomee.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[tomee-commits] 20200320 [jira] [Assigned] (TOMEE-2788) TomEE plus is affected by CVE-2019-17359 (BDSA-2019-3168) vulnerability",
"url": "https://lists.apache.org/thread.html/r02f887807a49cfd1f1ad53f7a61f3f8e12f60ba2c930bec163031209@%3Ccommits.tomee.apache.org%3E"
}
]
}

5
2019/19xxx/CVE-2019-19345.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19345",
"ASSIGNER": "darunesh@redhat.com"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
@ -68,4 +69,4 @@
]
]
}
}
}

50
2020/10xxx/CVE-2020-10597.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-10597",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Insulet Omnipod Insulin Management System",
"version": {
"version_data": [
{
"version_value": "The following versions of the Omnipod Insulin Management System are affected Product ID/Reorder number: 19191 and 40160, UDI/Model/NDC number: ZXP425 (10-Pack) and ZXR425 (10-Pack Canada)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER ACCESS CONTROL CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.us-cert.gov/ics/advisories/icsma-20-079-01",
"url": "https://www.us-cert.gov/ics/advisories/icsma-20-079-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The affected insulin pump is designed to communicate using a wireless RF with an Insulet manufactured Personal Diabetes Manager device. This wireless RF communication protocol does not properly implement authentication or authorization. An attacker with access to one of the affected insulin pump models may be able to modify and/or intercept data. This vulnerability could also allow attackers to change pump settings and control insulin delivery."
}
]
}

6
2020/1xxx/CVE-2020-1696.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-1696",
"ASSIGNER": "darunesh@redhat.com"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
@ -19,7 +20,6 @@
"version_data": [
{
"version_value": "all pki-core 10.x.x versions"
}
]
}
@ -69,4 +69,4 @@
]
]
}
}
}

5
2020/1xxx/CVE-2020-1707.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-1707",
"ASSIGNER": "darunesh@redhat.com"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
@ -68,4 +69,4 @@
]
]
}
}
}

5
2020/1xxx/CVE-2020-1709.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-1709",
"ASSIGNER": "darunesh@redhat.com"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
@ -68,4 +69,4 @@
]
]
}
}
}

53
2020/1xxx/CVE-2020-1793.json
View File

@ -4,14 +4,61 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-1793",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "HUAWEI Mate 20;HUAWEI Mate 30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.0.0.188(C00E74R3P8)"
},
{
"version_value": "Versions earlier than 10.0.0.203(C00E202R7P2)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartphone-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartphone-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2)."
}
]
}

53
2020/1xxx/CVE-2020-1794.json
View File

@ -4,14 +4,61 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-1794",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "HUAWEI Mate 20;HUAWEI Mate 30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.0.0.188(C00E74R3P8)"
},
{
"version_value": "Versions earlier than 10.0.0.203(C00E202R7P2)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartphone-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartphone-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2)."
}
]
}

53
2020/1xxx/CVE-2020-1795.json
View File

@ -4,14 +4,61 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-1795",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "HUAWEI Mate 20;HUAWEI Mate 30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.0.0.188(C00E74R3P8)"
},
{
"version_value": "Versions earlier than 10.0.0.203(C00E202R7P2)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Logic Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-04-smartphone-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-04-smartphone-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a logic error vulnerability in several smartphones. The software does not properly restrict certain operation when the Digital Balance function is on. Successful exploit could allow the attacker to bypass the Digital Balance limit after a series of operations.Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2)."
}
]
}

53
2020/1xxx/CVE-2020-1796.json
View File

@ -4,14 +4,61 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-1796",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "HUAWEI Mate 20;HUAWEI Mate 30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.0.0.188(C00E74R3P8)"
},
{
"version_value": "Versions earlier than 10.0.0.203(C00E202R7P2)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-05-smartphone-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-05-smartphone-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an improper authorization vulnerability in several smartphones. The software incorrectly performs an authorization to certain user, successful exploit could allow a low privilege user to do certain operation which the user are supposed not to do.Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2)."
}
]
}

53
2020/1xxx/CVE-2020-1862.json
View File

@ -4,14 +4,61 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-1862",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "CampusInsight;ManageOne",
"version": {
"version_data": [
{
"version_value": "V100R019C00"
},
{
"version_value": "6.5.RC2.B050"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Double Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-01-free-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-01-free-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a double free vulnerability in some Huawei products. A local attacker with low privilege may perform some operations to exploit the vulnerability. Due to doubly freeing memory, successful exploit may cause some service abnormal. Affected product versions include:CampusInsight versions V100R019C00;ManageOne versions 6.5.RC2.B050."
}
]
}

50
2020/1xxx/CVE-2020-1864.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-1864",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Secospace AntiDDoS8000",
"version": {
"version_data": [
{
"version_value": "V500R001C00,V500R001C20,V500R001C60,V500R005C00"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-01-authentication-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-01-authentication-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Some Huawei products have a security vulnerability due to improper authentication. A remote attacker needs to obtain some information and forge the peer device to send specific packets to the affected device. Due to the improper implementation of the authentication function, attackers can exploit the vulnerability to connect to affected devices and execute a series of commands.Affected product versions include:Secospace AntiDDoS8000 versions V500R001C00,V500R001C20,V500R001C60,V500R005C00."
}
]
}

50
2020/1xxx/CVE-2020-1878.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-1878",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "OxfordS-AN00A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.0.1.152D(C735E152R3P3),Versions earlier than 10.0.1.160(C00E160R4P1)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-informationleak-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-informationleak-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Huawei smartphone OxfordS-AN00A with versions earlier than 10.0.1.152D(C735E152R3P3),versions earlier than 10.0.1.160(C00E160R4P1) have an improper authentication vulnerability. Authentication to target component is improper when device performs an operation. Attackers exploit this vulnerability to obtain some information by loading malicious application, leading to information leak."
}
]
}