Merge pull request #354 from CVEProject/master

XFA Rebase
Scott Moore 2020-10-30 09:49:26 -04:00 committed by GitHub
commit dc05f58ad0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
118 changed files with 2777 additions and 203 deletions


@ -76,6 +76,11 @@
"name": "20151213 SilverStripe CMS & Framework v3.2.0 - Cross-Site Scripting Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Dec/55"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2015-8606-silverstripe.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2015-8606-silverstripe.html"
}
]
}


@ -66,6 +66,11 @@
"name": "20151213 Symphony 2.6.3 \u00c3\u00a2\u00e2\u0082\u00ac\u00e2\u0080\u009c Multiple Persistent Cross-Site Scripting Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Dec/60"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2015-8766-getsymphoney.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2015-8766-getsymphoney.html"
}
]
}


@ -76,6 +76,11 @@
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/9758",
"url": "https://wpvulndb.com/vulnerabilities/9758"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2015-9228-crony.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2015-9228-crony.html"
}
]
}


@ -56,6 +56,11 @@
"name": "https://github.com/cybersecurityworks/Disclosed/issues/5",
"refsource": "MISC",
"url": "https://github.com/cybersecurityworks/Disclosed/issues/5"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2015-9229-nextgen-gallery.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2015-9229-nextgen-gallery.html"
}
]
}


@ -81,6 +81,11 @@
"name": "https://packetstormsecurity.com/files/135125/BulletProof-Security-.52.4-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/135125/BulletProof-Security-.52.4-Cross-Site-Scripting.html"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2015-9230-bulletproof.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2015-9230-bulletproof.html"
}
]
}


@ -66,6 +66,11 @@
"name": "https://github.com/cybersecurityworks/Disclosed/issues/8",
"refsource": "MISC",
"url": "https://github.com/cybersecurityworks/Disclosed/issues/8"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2015-9260-bedita.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2015-9260-bedita.html"
}
]
}


@ -61,6 +61,11 @@
"url": "https://github.com/cybersecurityworks/Disclosed/issues/7",
"refsource": "MISC",
"name": "https://github.com/cybersecurityworks/Disclosed/issues/7"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2015-9410-blubrry.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2015-9410-blubrry.html"
}
]
}


@ -66,6 +66,11 @@
"url": "https://www.openwall.com/lists/oss-security/2015/10/27/4",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2015/10/27/4"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2015-9537-nextgen.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2015-9537-nextgen.html"
}
]
}


@ -81,6 +81,11 @@
"url": "https://www.openwall.com/lists/oss-security/2015/09/01/7",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2015/09/01/7"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2015-9538-nextgen.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2015-9538-nextgen.html"
}
]
}


@ -66,6 +66,11 @@
"url": "https://github.com/amansaini/fast-secure-contact-form",
"refsource": "MISC",
"name": "https://github.com/amansaini/fast-secure-contact-form"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2015-9539-fastsecure.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2015-9539-fastsecure.html"
}
]
}


@ -61,6 +61,11 @@
"url": "https://www.openwall.com/lists/oss-security/2015/12/19/2",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2015/12/19/2"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2015-9549-ocportal.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2015-9549-ocportal.html"
}
]
}


@ -71,6 +71,11 @@
"url": "https://khalil-shreateh.com/khalil.shtml/it-highlights/593-Netgear-1.0.0.24-Bypass---Improper-Session-Management--.html",
"refsource": "MISC",
"name": "https://khalil-shreateh.com/khalil.shtml/it-highlights/593-Netgear-1.0.0.24-Bypass---Improper-Session-Management--.html"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2016-11014-netgear.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2016-11014-netgear.html"
}
]
}


@ -71,6 +71,11 @@
"url": "https://pmcg2k15.wordpress.com/2016/01/11/fd-cross-site-request-forgery-in-netgear-router-jnr1010-version-1-0-0-24/",
"refsource": "MISC",
"name": "https://pmcg2k15.wordpress.com/2016/01/11/fd-cross-site-request-forgery-in-netgear-router-jnr1010-version-1-0-0-24/"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2016-11015-netgear.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2016-11015-netgear.html"
}
]
}


@ -76,6 +76,11 @@
"url": "https://khalil-shreateh.com/khalil.shtml/it-highlights/592-Netgear-1.0.0.24-Cross-Site-Request-Forgery--.html",
"refsource": "MISC",
"name": "https://khalil-shreateh.com/khalil.shtml/it-highlights/592-Netgear-1.0.0.24-Cross-Site-Request-Forgery--.html"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2016-11016-netgear.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2016-11016-netgear.html"
}
]
}


@ -71,6 +71,11 @@
"refsource": "GENTOO",
"name": "GLSA-202007-65",
"url": "https://security.gentoo.org/glsa/202007-65"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20201029 [SECURITY] [DLA 2418-1] libsndfile security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00030.html"
}
]
}


@ -71,6 +71,11 @@
"refsource": "GENTOO",
"name": "GLSA-202007-65",
"url": "https://security.gentoo.org/glsa/202007-65"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20201029 [SECURITY] [DLA 2418-1] libsndfile security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00030.html"
}
]
}


@ -61,6 +61,11 @@
"name": "https://github.com/cybersecurityworks/Disclosed/issues/9",
"refsource": "MISC",
"url": "https://github.com/cybersecurityworks/Disclosed/issues/9"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2017-14530-crony.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2017-14530-crony.html"
}
]
}


@ -71,6 +71,11 @@
"refsource": "UBUNTU",
"name": "USN-4013-1",
"url": "https://usn.ubuntu.com/4013-1/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20201029 [SECURITY] [DLA 2418-1] libsndfile security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00030.html"
}
]
}


@ -61,6 +61,11 @@
"name": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2017-0265",
"refsource": "MISC",
"url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2017-0265"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2017-14651-wso2.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2017-14651-wso2.html"
}
]
}


@ -76,6 +76,11 @@
"refsource": "UBUNTU",
"name": "USN-4013-1",
"url": "https://usn.ubuntu.com/4013-1/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20201029 [SECURITY] [DLA 2418-1] libsndfile security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00030.html"
}
]
}


@ -227,6 +227,11 @@
"refsource": "MISC",
"name": "https://security.elarlang.eu/cve-2018-18809-path-traversal-in-tibco-jaspersoft.html",
"url": "https://security.elarlang.eu/cve-2018-18809-path-traversal-in-tibco-jaspersoft.html"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2018-18809-tibco.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2018-18809-tibco.html"
}
]
},


@ -66,6 +66,11 @@
"refsource": "UBUNTU",
"name": "USN-4013-1",
"url": "https://usn.ubuntu.com/4013-1/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20201029 [SECURITY] [DLA 2418-1] libsndfile security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00030.html"
}
]
}


@ -66,6 +66,11 @@
"refsource": "UBUNTU",
"name": "USN-4013-1",
"url": "https://usn.ubuntu.com/4013-1/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20201029 [SECURITY] [DLA 2418-1] libsndfile security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00030.html"
}
]
}


@ -66,6 +66,11 @@
"refsource": "UBUNTU",
"name": "USN-4013-1",
"url": "https://usn.ubuntu.com/4013-1/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20201029 [SECURITY] [DLA 2418-1] libsndfile security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00030.html"
}
]
}


@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10109",
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10109"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2018-20432-dlink.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2018-20432-dlink.html"
}
]
}


@ -91,6 +91,11 @@
"name": "[debian-lts-announce] 20180209 [SECURITY] [DLA 1272-1] mailman security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00007.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/159761/Mailman-2.1.23-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/159761/Mailman-2.1.23-Cross-Site-Scripting.html"
}
]
}
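Review bot: The added Packet Storm reference uses an `http://` URL in both `name` and `url`, while another record on this page already links the same site as `https://packetstormsecurity.com/...`; the WebLogic Packet Storm reference added further down has the same issue. A reader following an advisory link over cleartext HTTP can be served altered content on a hostile network, so I would store these as `"url": "https://packetstormsecurity.com/files/159761/Mailman-2.1.23-Cross-Site-Scripting.html"` and the matching `name`. The enclosing array starts outside the hunk.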


@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://medium.com/@mohnishdhage/sql-injection-vtiger-crm-v7-1-0-cve-2019-11057-245f84fc5c2c",
"url": "https://medium.com/@mohnishdhage/sql-injection-vtiger-crm-v7-1-0-cve-2019-11057-245f84fc5c2c"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2019-11057-vtiger.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2019-11057-vtiger.html"
}
]
}


@ -66,6 +66,11 @@
"refsource": "CONFIRM",
"name": "https://pagure.io/pagure/c/31a0d2950ed409550074ca52ba492f9b87ec3318?branch=ab39e95ed4dc8367e5e146e6d9a9fa6925b75618",
"url": "https://pagure.io/pagure/c/31a0d2950ed409550074ca52ba492f9b87ec3318?branch=ab39e95ed4dc8367e5e146e6d9a9fa6925b75618"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1765",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00066.html"
}
]
}


@ -56,6 +56,11 @@
"url": "https://research.securitum.com/dompurify-bypass-using-mxss/",
"refsource": "MISC",
"name": "https://research.securitum.com/dompurify-bypass-using-mxss/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20201029 [SECURITY] [DLA 2419-1] dompurify.js security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00029.html"
}
]
}


@ -66,6 +66,11 @@
"url": "https://wordpress.org/plugins/zoho-crm-forms/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/zoho-crm-forms/#developers"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2019-19306-zoho.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2019-19306-zoho.html"
}
]
}


@ -61,6 +61,11 @@
"url": "https://github.com/igniterealtime/Openfire/pull/1561",
"refsource": "MISC",
"name": "https://github.com/igniterealtime/Openfire/pull/1561"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2019-20363-openfire.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2019-20363-openfire.html"
}
]
}


@ -61,6 +61,11 @@
"url": "https://github.com/igniterealtime/Openfire/pull/1561",
"refsource": "MISC",
"name": "https://github.com/igniterealtime/Openfire/pull/1561"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2019-20364-openfire.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2019-20364-openfire.html"
}
]
}


@ -61,6 +61,11 @@
"url": "https://github.com/igniterealtime/Openfire/pull/1561",
"refsource": "MISC",
"name": "https://github.com/igniterealtime/Openfire/pull/1561"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2019-20365-openfire.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2019-20365-openfire.html"
}
]
}


@ -61,6 +61,11 @@
"url": "https://github.com/igniterealtime/Openfire/pull/1561",
"refsource": "MISC",
"name": "https://github.com/igniterealtime/Openfire/pull/1561"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2019-20366-openfire.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2019-20366-openfire.html"
}
]
}


@ -61,6 +61,11 @@
"url": "https://github.com/cybersecurityworks/Disclosed/issues/17",
"refsource": "MISC",
"name": "https://github.com/cybersecurityworks/Disclosed/issues/17"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2019-20434-wso2.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2019-20434-wso2.html"
}
]
},


@ -61,6 +61,11 @@
"url": "https://github.com/cybersecurityworks/Disclosed/issues/18",
"refsource": "MISC",
"name": "https://github.com/cybersecurityworks/Disclosed/issues/18"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2019-20435-wso2.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2019-20435-wso2.html"
}
]
},


@ -61,6 +61,11 @@
"url": "https://github.com/cybersecurityworks/Disclosed/issues/19",
"refsource": "MISC",
"name": "https://github.com/cybersecurityworks/Disclosed/issues/19"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2019-20436-wso2.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2019-20436-wso2.html"
}
]
},


@ -61,6 +61,11 @@
"url": "https://github.com/cybersecurityworks/Disclosed/issues/20",
"refsource": "MISC",
"name": "https://github.com/cybersecurityworks/Disclosed/issues/20"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2019-20437-wso2.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2019-20437-wso2.html"
}
]
},


@ -61,6 +61,11 @@
"url": "https://github.com/cybersecurityworks/Disclosed/issues/22",
"refsource": "MISC",
"name": "https://github.com/cybersecurityworks/Disclosed/issues/22"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2019-20438-wso2.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2019-20438-wso2.html"
}
]
},


@ -61,6 +61,11 @@
"url": "https://github.com/cybersecurityworks/Disclosed/issues/21",
"refsource": "MISC",
"name": "https://github.com/cybersecurityworks/Disclosed/issues/21"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2019-20439-wso2.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2019-20439-wso2.html"
}
]
},


@ -61,6 +61,11 @@
"url": "https://github.com/cybersecurityworks/Disclosed/issues/24",
"refsource": "MISC",
"name": "https://github.com/cybersecurityworks/Disclosed/issues/24"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2019-20440-wso2.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2019-20440-wso2.html"
}
]
},


@ -61,6 +61,11 @@
"url": "https://github.com/cybersecurityworks/Disclosed/issues/23",
"refsource": "MISC",
"name": "https://github.com/cybersecurityworks/Disclosed/issues/23"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2019-20441-wso2.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2019-20441-wso2.html"
}
]
},


@ -61,6 +61,11 @@
"url": "https://github.com/cybersecurityworks/Disclosed/issues/25",
"refsource": "MISC",
"name": "https://github.com/cybersecurityworks/Disclosed/issues/25"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2019-20442-wso2.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2019-20442-wso2.html"
}
]
},


@ -61,6 +61,11 @@
"url": "https://github.com/cybersecurityworks/Disclosed/issues/26",
"refsource": "MISC",
"name": "https://github.com/cybersecurityworks/Disclosed/issues/26"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2019-20443-wso2.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2019-20443-wso2.html"
}
]
},


@ -68,6 +68,11 @@
"refsource": "GENTOO",
"name": "GLSA-202007-65",
"url": "https://security.gentoo.org/glsa/202007-65"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20201029 [SECURITY] [DLA 2418-1] libsndfile security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00030.html"
}
]
},


@ -1,18 +1,90 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4547",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM Security Directory Server 6.4.0 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 165949.",
"lang": "eng"
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6356607",
"name": "https://www.ibm.com/support/pages/node/6356607",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6356607 (Security Directory Server)"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/165949",
"name": "ibm-sds-cve20194547-info-disc (165949)",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
},
"data_version": "4.0",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "6.4.0"
}
]
},
"product_name": "Security Directory Server"
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"data_format": "MITRE",
"impact": {
"cvssv3": {
"BM": {
"PR": "N",
"SCORE": "5.300",
"AC": "L",
"A": "N",
"UI": "N",
"S": "U",
"I": "N",
"AV": "N",
"C": "L"
},
"TM": {
"RL": "O",
"E": "U",
"RC": "C"
}
}
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2020-10-28T00:00:00",
"ID": "CVE-2019-4547"
},
"data_type": "CVE"
}
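Review bot: The new `impact.cvssv3` block stores the score as the string `"5.300"` and spreads the metrics over abbreviated `BM`/`TM` keys, with no vector string and no CVSS minor version, so a consumer cannot tell whether 3.0 or 3.1 scoring was used and has to special-case this layout. I would add a vector next to the existing keys, for example `"vectorString": "CVSS:3.<minor>/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"` with the minor version taken from the IBM bulletin, and write the score as a number if the consuming tooling allows it. The CVE-2019-4563 record later in this commit has the same shape.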


@ -1,17 +1,89 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4563",
"STATE": "RESERVED"
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6356607 (Security Directory Server)",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6356607",
"name": "https://www.ibm.com/support/pages/node/6356607"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"name": "ibm-sds-cve20194563-info-disc (166624)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/166624"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Security Directory Server",
"version": {
"version_data": [
{
"version_value": "6.4.0"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM Security Directory Server 6.4.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 166624."
}
]
},
"impact": {
"cvssv3": {
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
},
"BM": {
"I": "N",
"AV": "N",
"C": "L",
"A": "N",
"UI": "N",
"AC": "H",
"S": "U",
"PR": "N",
"SCORE": "3.700"
}
}
},
"data_format": "MITRE",
"CVE_data_meta": {
"DATE_PUBLIC": "2020-10-28T00:00:00",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2019-4563"
},
"data_type": "CVE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
}


@ -63,6 +63,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20201023-0002/",
"url": "https://security.netapp.com/advisory/ntap-20201023-0002/"
},
{
"refsource": "MLIST",
"name": "[lucene-issues] 20201029 [jira] [Commented] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented",
"url": "https://lists.apache.org/thread.html/r8b1782d42d0a4ce573495d5d9345ad328d652c68c411ccdb245c57e3@%3Cissues.lucene.apache.org%3E"
}
]
},


@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-14323",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Samba",
"version": {
"version_data": [
{
"version_value": "All samba versions before 4.11.15, before 4.12.9 and before 4.13.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-170"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1891685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891685"
},
{
"refsource": "MISC",
"name": "https://www.samba.org/samba/security/CVE-2020-14323.html",
"url": "https://www.samba.org/samba/security/CVE-2020-14323.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service."
}
]
}
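Review bot: The `problemtype` value `CWE-170` (Improper Null Termination) does not match the new description, which reports a null pointer dereference in the Winbind service; that weakness is normally classified as CWE-476, so the value should be checked against the Red Hat bug and, if it is a slip, changed to `"value": "CWE-476"`. `vendor_name` is also `n/a` although the product is named as Samba, and the record has no `impact` block, which leaves triage tooling without a severity for this local denial of service. The record's outer object starts outside the hunk.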


@ -68,6 +68,11 @@
"url": "https://www.oracle.com/security-alerts/cpujul2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2020-14723-oracle.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2020-14723-oracle.html"
}
]
}


@ -80,6 +80,11 @@
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/159769/Oracle-WebLogic-Server-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/159769/Oracle-WebLogic-Server-Remote-Code-Execution.html"
}
]
}


@ -103,6 +103,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/da8558533d925694483d2c136a9220d6d49d843c",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/da8558533d925694483d2c136a9220d6d49d843c"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},


@ -94,6 +94,11 @@
"name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q8qj-fc9q-cphr",
"refsource": "CONFIRM",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q8qj-fc9q-cphr"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},


@ -86,6 +86,11 @@
"name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8fxw-76px-3rxv",
"refsource": "CONFIRM",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8fxw-76px-3rxv"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},


@ -86,6 +86,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/22e07fb204386768e5bcbea563641ea11f96ceb8",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/22e07fb204386768e5bcbea563641ea11f96ceb8"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},


@ -103,6 +103,11 @@
"name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9mqp-7v2h-2382",
"refsource": "CONFIRM",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9mqp-7v2h-2382"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},


@ -103,6 +103,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/390611e0d45c5793c7066110af37c8514e6a6c54",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/390611e0d45c5793c7066110af37c8514e6a6c54"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},


@ -108,6 +108,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/ca8c013b5e97b1373b3bb1c97ea655e69f31a575",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/ca8c013b5e97b1373b3bb1c97ea655e69f31a575"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},


@ -95,6 +95,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/33be22c65d86256e6826666662e40dbdfe70ee83",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/33be22c65d86256e6826666662e40dbdfe70ee83"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},


@ -95,6 +95,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/9a133d73ae4b4664d22bd1aa6d654fec13c52ee1",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/9a133d73ae4b4664d22bd1aa6d654fec13c52ee1"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},


@ -103,6 +103,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/0462de5b544ed4731aa2fb23946ac22c01856b80",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/0462de5b544ed4731aa2fb23946ac22c01856b80"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},


@ -95,6 +95,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/adf095206f25471e864a8e63a0f1caef53a0e3a6",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/adf095206f25471e864a8e63a0f1caef53a0e3a6"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},


@ -95,6 +95,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/2d88f470dea2671b430884260f3626b1fe99830a",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/2d88f470dea2671b430884260f3626b1fe99830a"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},


@ -103,6 +103,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/8ee24e7949a203d234489f9da2c5bf45a7d5157d",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/8ee24e7949a203d234489f9da2c5bf45a7d5157d"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},


@ -95,6 +95,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/0b5662bc2be13a8c8f044d925d87fb6e56247cd8",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/0b5662bc2be13a8c8f044d925d87fb6e56247cd8"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},


@ -95,6 +95,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/d58c96946b2880991d63d1dacacb32f0a4dfa453",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/d58c96946b2880991d63d1dacacb32f0a4dfa453"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},


@ -128,6 +128,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/fff2c8326280c07733828f990548979bdc893859",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/fff2c8326280c07733828f990548979bdc893859"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},


@ -49,7 +49,7 @@
"description_data": [
{
"lang": "eng",
"value": "Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by a persistent XSS vulnerability that allows users to upload malicious JavaScript via the file upload component. This vulnerability could be abused by an unauthenticated attacker to execute XSS attacks against other Magento users. This vulnerability requires a victim to browse to the uploaded file."
"value": "New description: Magento versions 2.4.0 and 2.3.5p2 (and earlier) are affected by a persistent XSS vulnerability that allows users to upload malicious JavaScript via the file upload component. This vulnerability could be abused by an unauthenticated attacker to execute XSS attacks against other Magento users. This vulnerability requires a victim to browse to the uploaded file."
}
]
},
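Review bot: The replacement `value` string begins with the literal words `New description: `, which looks like an editing label pasted in together with the text and would be published as part of the CVE description. I would drop the prefix so the line starts `"value": "Magento versions 2.4.0 and 2.3.5p2 (and earlier) are affected by ..."`. The rendered page has lost its +/- markers, so this assumes the second of the two `value` lines is the new side.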


@ -56,6 +56,11 @@
"url": "https://issues.igniterealtime.org/browse/OF-1963",
"refsource": "MISC",
"name": "https://issues.igniterealtime.org/browse/OF-1963"
},
{
"refsource": "MISC",
"name": "https://cybersecurityworks.com/zerodays/cve-2020-24601-ignite-realtime-openfire.html",
"url": "https://cybersecurityworks.com/zerodays/cve-2020-24601-ignite-realtime-openfire.html"
}
]
}


@ -56,6 +56,11 @@
"url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2020-0781",
"refsource": "MISC",
"name": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2020-0781"
},
{
"refsource": "MISC",
"name": "https://github.com/piuppi/Proof-of-Concepts/blob/main/WSO2/CVE-2020-25516.md",
"url": "https://github.com/piuppi/Proof-of-Concepts/blob/main/WSO2/CVE-2020-25516.md"
}
]
}


@ -4,15 +4,69 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-25646",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Ansible Community",
"product": {
"product_data": [
{
"product_name": "Community Collections",
"version": {
"version_data": [
{
"version_value": "from 1.0.0 to 1.2.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-117"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/ansible-collections/community.crypto/commit/233d1afc296f6770e905a1785ee2f35af7605e43",
"refsource": "MISC",
"name": "https://github.com/ansible-collections/community.crypto/commit/233d1afc296f6770e905a1785ee2f35af7605e43"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes private key in logs. This directly impacts confidentiality"
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
]
]
}
}
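Review bot: The new `impact.cvss` entry is hard for tooling to consume: the object is wrapped in two nested arrays, `vectorString` carries the score as a `7.5/` prefix, and `version` says `3.0` while the vector itself says `CVSS:3.1`. I would write `"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"` with `"version": "3.1"` and move the 7.5 into its own score field, as the Sal record in this commit does with `baseScore`. Separately, `CWE-117` covers output neutralization for logs, whereas the description is about a private key being written to logs, which looks closer to CWE-532; worth confirming with the assigner. `product_name` is the generic `Community Collections` although the description names `community.crypto`.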


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-25780",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-25780",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13, Directory Traversal can occur such that an attempt to view a log file can instead view a file outside of the log-files folder."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://kb.commvault.com/article/63264",
"refsource": "MISC",
"name": "http://kb.commvault.com/article/63264"
}
]
}
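Review bot: `vendor_name`, `product_name`, `version_value` and the problemtype `value` are all `n/a` although the description names the product (CommCell in Commvault), the fixed versions and the weakness (directory traversal), so anything matching on the structured fields will miss this record. Filling them in from the description, for example `"vendor_name": "Commvault"` and a CWE-22 problemtype, would make the entry usable for automated affected-version matching. The same pattern appears in the sections for CVE-2020-27744, CVE-2020-27747, CVE-2020-27885, CVE-2020-27886, CVE-2020-27887, CVE-2020-27993, CVE-2020-27995, CVE-2020-27996 and CVE-2020-27998. The only reference here is a plain `http://` URL; an `https://` form would be preferable if the vendor serves one. The record's closing brace falls outside the hunk.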


@ -1,18 +1,91 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-26205",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "XSS in Sal"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sal",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "4.1.6"
}
]
}
}
]
},
"vendor_name": "salopensource"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Sal is a multi-tenanted reporting dashboard for Munki with the ability to display information from Facter. In Sal through version 4.1.6 there is an XSS vulnerability on the machine_list view."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/salopensource/sal/pull/405",
"refsource": "CONFIRM",
"url": "https://github.com/salopensource/sal/pull/405"
},
{
"name": "https://github.com/salopensource/sal/commit/145bb72daf8460bdedbbc9fb708d346283e7a568",
"refsource": "MISC",
"url": "https://github.com/salopensource/sal/commit/145bb72daf8460bdedbbc9fb708d346283e7a568"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}


@ -66,6 +66,11 @@
"url": "https://github.com/cure53/DOMPurify/compare/2.0.16...2.0.17",
"refsource": "MISC",
"name": "https://github.com/cure53/DOMPurify/compare/2.0.16...2.0.17"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20201029 [SECURITY] [DLA 2419-1] dompurify.js security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00029.html"
}
]
}


@ -1,18 +1,63 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27014",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2020-27014",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Antivirus for Mac (Consumer)",
"version" : {
"version_data" : [
{
"version_value" : "2020 (v10.x) and below"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Trend Micro Antivirus for Mac 2020 (Consumer) contains a race condition vulnerability in the Web Threat Protection Blocklist component, that if exploited, could allow an attacker to case a kernel panic or crash.\n\n\r\nAn attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Race Condition"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://helpcenter.trendmicro.com/en-us/article/TMKA-09974"
},
{
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-20-1285/"
}
]
}
}
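Review bot: Both entries under `reference_data` carry only `url`, with no `refsource` or `name`, unlike the other records in this commit, so consumers that key on those fields get nothing for them; for the first one I would add `"refsource": "MISC", "name": "https://helpcenter.trendmicro.com/en-us/article/TMKA-09974"`. The description value also has a typo, `to case a kernel panic` should read `to cause a kernel panic`, and it embeds a mixed `\n\n\r\n` run that should be a single space or one `\n`. The CVE-2020-27015 section that follows has the same bare references and a `\r\n\r\n\n\n` run in its description.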


@ -1,18 +1,63 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27015",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2020-27015",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Antivirus for Mac (Consumer)",
"version" : {
"version_data" : [
{
"version_value" : "2020 (v10.x) and below"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Trend Micro Antivirus for Mac 2020 (Consumer) contains an Error Message Information Disclosure vulnerability that if exploited, could allow kernel pointers and debug messages to leak to userland.\r\n\r\n\n\nAn attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://helpcenter.trendmicro.com/en-us/article/TMKA-09975"
},
{
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-20-1286/"
}
]
}
}


@ -65,7 +65,12 @@
"name": "https://www.synology.com/security/advisory/Synology_SA_20_18",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_18"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1058",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1058"
}
]
}
}
}


@ -65,7 +65,12 @@
"name": "https://www.synology.com/security/advisory/Synology_SA_20_14",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1058",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1058"
}
]
}
}
}


@ -65,7 +65,12 @@
"name": "https://www.synology.com/security/advisory/Synology_SA_20_14",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1059",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1059"
}
]
}
}
}


@ -65,7 +65,12 @@
"name": "https://www.synology.com/security/advisory/Synology_SA_20_18",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_18"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1061",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1061"
}
]
}
}
}


@ -65,7 +65,12 @@
"name": "https://www.synology.com/security/advisory/Synology_SA_20_14",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1061",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1061"
}
]
}
}
}


@ -65,7 +65,17 @@
"name": "https://www.synology.com/security/advisory/Synology_SA_20_14",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1065",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1065"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1064",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1064"
}
]
}
}
}


@ -65,7 +65,12 @@
"name": "https://www.synology.com/security/advisory/Synology_SA_20_14",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1086",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1086"
}
]
}
}
}


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27744",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-27744",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow remote code execution with resultant escalation of privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114",
"refsource": "MISC",
"name": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
}
]
}


@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27747",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-27747",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in Click Studios Passwordstate 8.9 (Build 8973).If the user of the system has assigned himself a PIN code for entering from a mobile device using the built-in generator (4 digits), a remote attacker has the opportunity to conduct a brute force attack on this PIN code. As result, remote attacker retrieves all passwords from another systems, available for affected account."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.clickstudios.com.au/",
"refsource": "MISC",
"name": "https://www.clickstudios.com.au/"
},
{
"refsource": "MISC",
"name": "https://github.com/jet-pentest/CVE-2020-27747",
"url": "https://github.com/jet-pentest/CVE-2020-27747"
}
]
}
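Review bot: The new description text needs a copy edit before publication: there is no space after `(Build 8973).`, and the closing sentence (`As result, remote attacker retrieves all passwords from another systems, available for affected account.`) is hard to parse. Something like `As a result, a remote attacker can retrieve all passwords for other systems that are available to the affected account.` states the impact clearly, but the intended meaning should be confirmed with the reporter. The first reference is the vendor home page rather than an advisory or changelog entry, so it gives a defender nothing to act on; a link to the fixed build's release notes would be more useful if one exists.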


@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27885",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-27885",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-Site Scripting (XSS) vulnerability on WSO2 API Manager 3.1.0. By exploiting a Cross-site scripting vulnerability the attacker can hijack a logged-in user\u2019s session by stealing cookies which means that a malicious hacker can change the logged-in user\u2019s password and invalidate the session of the victim while the hacker maintains access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://docs.wso2.com/display/Security/2020+Advisories",
"url": "https://docs.wso2.com/display/Security/2020+Advisories"
},
{
"refsource": "MISC",
"name": "https://www.rodrigofavarini.com.br/cybersecurity/multiple-xss-on-api-manager-3-1-0/",
"url": "https://www.rodrigofavarini.com.br/cybersecurity/multiple-xss-on-api-manager-3-1-0/"
}
]
}


@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27886",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-27886",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in EyesOfNetwork eonweb 5.3-7 through 5.3-8. The eonweb web interface is prone to a SQL injection, allowing an unauthenticated attacker to exploit the username_available function of the includes/functions.php file (which is called by login.php)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.eyesofnetwork.com/en",
"refsource": "MISC",
"name": "https://www.eyesofnetwork.com/en"
},
{
"url": "http://download.eyesofnetwork.com/EyesOfNetwork-5.3-x86_64-bin.iso",
"refsource": "MISC",
"name": "http://download.eyesofnetwork.com/EyesOfNetwork-5.3-x86_64-bin.iso"
},
{
"url": "https://github.com/EyesOfNetworkCommunity/eonweb/issues/76",
"refsource": "MISC",
"name": "https://github.com/EyesOfNetworkCommunity/eonweb/issues/76"
}
]
}
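Review bot: The second reference, `http://download.eyesofnetwork.com/EyesOfNetwork-5.3-x86_64-bin.iso`, is a direct download of an installer image over plain HTTP rather than a document describing the issue or its fix. A reader following CVE references should not be led to fetch a binary without transport integrity, so I would drop it or replace it with a release-notes or advisory page. The CVE-2020-27887 section carries the identical three references, including this one, even though it describes a different flaw (OS command execution via `nmap_binary` rather than SQL injection in `username_available`), so it is worth checking that issue 76 really covers both.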


@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27887",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-27887",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in EyesOfNetwork 5.3 through 5.3-8. An authenticated web user with sufficient privileges could abuse the AutoDiscovery module to run arbitrary OS commands via the nmap_binary parameter to lilac/autodiscovery.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.eyesofnetwork.com/en",
"refsource": "MISC",
"name": "https://www.eyesofnetwork.com/en"
},
{
"url": "http://download.eyesofnetwork.com/EyesOfNetwork-5.3-x86_64-bin.iso",
"refsource": "MISC",
"name": "http://download.eyesofnetwork.com/EyesOfNetwork-5.3-x86_64-bin.iso"
},
{
"url": "https://github.com/EyesOfNetworkCommunity/eonweb/issues/76",
"refsource": "MISC",
"name": "https://github.com/EyesOfNetworkCommunity/eonweb/issues/76"
}
]
}


@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and GitLab credentials via the api/settings/values URI. NOTE: reportedly, the vendor's position is \"it is the administrator's responsibility to configure it.\""
"value": "** DISPUTED ** SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and GitLab credentials via the api/settings/values URI. NOTE: reportedly, the vendor's position for SMTP and SVN is \"it is the administrator's responsibility to configure it.\""
}
]
},


@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-27993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Hrsale 2.0.0 allows download?type=files&filename=../ directory traversal to read arbitrary files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.exploit-db.com/exploits/48920",
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/48920"
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27994",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}


@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-27995",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL Injection in Zoho ManageEngine Applications Manager 14 before 14560 allows an attacker to execute commands on the server via the MyPage.do template_resid parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.manageengine.com/products/applications_manager/issues.html#v14560",
"refsource": "MISC",
"name": "https://www.manageengine.com/products/applications_manager/issues.html#v14560"
}
]
}
}


@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-27996",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in SmartStoreNET before 4.0.1. It does not properly consider the need for a CustomModelPartAttribute decoration in certain ModelBase.CustomProperties situations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/smartstore/SmartStoreNET/commit/8702c6140f4fc91956ef35dba12d24492fb3f768",
"refsource": "MISC",
"name": "https://github.com/smartstore/SmartStoreNET/commit/8702c6140f4fc91956ef35dba12d24492fb3f768"
},
{
"url": "https://github.com/smartstore/SmartStoreNET/compare/4.0.0...4.0.1",
"refsource": "MISC",
"name": "https://github.com/smartstore/SmartStoreNET/compare/4.0.0...4.0.1"
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27997",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}


@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-27998",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in FastReport before 2020.4.0. It lacks a ScriptSecurity feature and therefore may mishandle (for example) GetType, typeof, TypeOf, DllImport, LoadLibrary, and GetProcAddress."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/FastReports/FastReport/pull/206",
"refsource": "MISC",
"name": "https://github.com/FastReports/FastReport/pull/206"
},
{
"url": "https://opensource.fast-report.com/2020/09/report-script-security.html",
"refsource": "MISC",
"name": "https://opensource.fast-report.com/2020/09/report-script-security.html"
},
{
"url": "https://github.com/FastReports/FastReport/compare/v2020.3.0...v2020.4.0",
"refsource": "MISC",
"name": "https://github.com/FastReports/FastReport/compare/v2020.3.0...v2020.4.0"
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27999",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-28000",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}


@ -1,17 +1,92 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4721",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Privileges"
}
]
}
]
},
"CVE_data_meta": {
"DATE_PUBLIC": "2020-10-28T00:00:00",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2020-4721"
},
"data_type": "CVE",
"impact": {
"cvssv3": {
"BM": {
"A": "H",
"AC": "L",
"UI": "R",
"S": "U",
"PR": "N",
"SCORE": "7.800",
"I": "H",
"AV": "L",
"C": "H"
},
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
}
}
},
"data_format": "MITRE",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 187868."
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "i2 Analyst Notebook",
"version": {
"version_data": [
{
"version_value": "9.2.1"
},
{
"version_value": "9.2.0"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6356497",
"name": "https://www.ibm.com/support/pages/node/6356497",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6356497 (i2 Analyst Notebook)"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"name": "ibm-i2-cve20204721-bo (187868)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/187868"
}
]
}
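Review bot: The problemtype value `Gain Privileges` does not match the description, which reports memory corruption leading to arbitrary code execution when a victim opens a crafted file; a CWE identifier for the memory-safety class would let consumers classify the record. `"SCORE": "7.800"` is also a string rather than a number, and the metrics are split across `BM`/`TM` keys instead of a standard `vectorString`, so generic CVSS parsers are unlikely to read them. The CVE-2020-4722 and CVE-2020-4723 sections repeat the same problemtype and impact layout. The record's closing brace falls outside the hunk.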


@ -1,17 +1,92 @@
{
"data_type": "CVE",
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
},
"BM": {
"C": "H",
"AV": "L",
"I": "H",
"SCORE": "7.800",
"PR": "N",
"S": "U",
"UI": "R",
"A": "H",
"AC": "L"
}
}
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"CVE_data_meta": {
"ID": "CVE-2020-4722",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"DATE_PUBLIC": "2020-10-28T00:00:00",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6356497",
"name": "https://www.ibm.com/support/pages/node/6356497",
"title": "IBM Security Bulletin 6356497 (i2 Analyst Notebook)",
"refsource": "CONFIRM"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/187870",
"name": "ibm-i2-cve20204722-bo (187870)",
"title": "X-Force Vulnerability Report",
"refsource": "XF"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "i2 Analyst Notebook",
"version": {
"version_data": [
{
"version_value": "9.2.1"
},
{
"version_value": "9.2.0"
}
]
}
}
]
}
}
]
}
},
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 187870.",
"lang": "eng"
}
]
}


@ -1,18 +1,93 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4723",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 187873.",
"lang": "eng"
}
]
}
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "9.2.1"
},
{
"version_value": "9.2.0"
}
]
},
"product_name": "i2 Analyst Notebook"
}
]
}
}
]
}
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6356497",
"name": "https://www.ibm.com/support/pages/node/6356497",
"title": "IBM Security Bulletin 6356497 (i2 Analyst Notebook)",
"refsource": "CONFIRM"
},
{
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"name": "ibm-i2-cve20204723-bo (187873)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/187873"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Gain Privileges",
"lang": "eng"
}
]
}
]
},
"CVE_data_meta": {
"ID": "CVE-2020-4723",
"DATE_PUBLIC": "2020-10-28T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"data_type": "CVE",
"impact": {
"cvssv3": {
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
},
"BM": {
"PR": "N",
"SCORE": "7.800",
"AC": "L",
"A": "H",
"UI": "R",
"S": "U",
"I": "H",
"C": "H",
"AV": "L"
}
}
},
"data_format": "MITRE"
}
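Review bot: The `impact.cvssv3` block does not say which CVSS 3.x revision it uses and carries no vector string, and `"SCORE": "7.800"` is a string rather than a number. This applies to this record (CVE-2020-4723) and to the CVE-2020-4722 section above. Consumers have to reassemble the vector from the individual `BM` keys and parse the score themselves, which makes it easy for triage tooling to diverge from the vendor's rating. If the record format permits it, I would add a line such as `"vectorString": "CVSS:<version>/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"`, built from the values already listed, with the version filled in by the vendor.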
