admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-12 02:05:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into ubuntu-20201110-1

Browse Source
This commit is contained in:
Seth Arnold 2020-11-17 01:48:06 +00:00 committed by GitHub
commit df506c7f53
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1841 changed files with 62811 additions and 2091 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2008/5xxx/CVE-2008-5110.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail. NOTE: this is only a vulnerability when a separate vulnerability is present."
"value": "syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail. NOTE: this is only a vulnerability when a separate vulnerability is present. This flaw affects syslog-ng versions prior to and including 2.0.9."
}
]
},

5
2010/2xxx/CVE-2010-2076.json
View File

@ -116,6 +116,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2011/1xxx/CVE-2011-1096.json
View File

@ -191,6 +191,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2011/2xxx/CVE-2011-2487.json
View File

@ -143,6 +143,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2012/0xxx/CVE-2012-0803.json
View File

@ -76,6 +76,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2012/2xxx/CVE-2012-2378.json
View File

@ -101,6 +101,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2012/2xxx/CVE-2012-2379.json
View File

@ -156,6 +156,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2012/3xxx/CVE-2012-3451.json
View File

@ -141,6 +141,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2012/5xxx/CVE-2012-5575.json
View File

@ -141,6 +141,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2012/5xxx/CVE-2012-5633.json
View File

@ -166,6 +166,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2013/0xxx/CVE-2013-0239.json
View File

@ -111,6 +111,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2013/2xxx/CVE-2013-2160.json
View File

@ -96,6 +96,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2014/0xxx/CVE-2014-0034.json
View File

@ -111,6 +111,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2014/0xxx/CVE-2014-0035.json
View File

@ -106,6 +106,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2014/0xxx/CVE-2014-0109.json
View File

@ -91,6 +91,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2014/0xxx/CVE-2014-0110.json
View File

@ -91,6 +91,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2014/3xxx/CVE-2014-3566.json
View File

@ -1356,6 +1356,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2014/3xxx/CVE-2014-3577.json
View File

@ -261,6 +261,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1875",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2014/3xxx/CVE-2014-3584.json
View File

@ -91,6 +91,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2014/3xxx/CVE-2014-3623.json
View File

@ -111,6 +111,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2014/4xxx/CVE-2014-4508.json
View File

@ -106,6 +106,11 @@
"name": "58964",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58964"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20201112 CVE-2014-4508",
"url": "http://www.openwall.com/lists/oss-security/2020/11/12/3"
}
]
}

5
2015/5xxx/CVE-2015-5175.json
View File

@ -91,6 +91,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2015/5xxx/CVE-2015-5253.json
View File

@ -91,6 +91,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2016/2xxx/CVE-2016-2031.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "https://www.securityfocus.com/bid/90207",
"url": "https://www.securityfocus.com/bid/90207"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-431802.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-431802.pdf"
}
]
}

5
2016/4xxx/CVE-2016-4464.json
View File

@ -91,6 +91,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2016/6xxx/CVE-2016-6812.json
View File

@ -95,6 +95,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2016/8xxx/CVE-2016-8739.json
View File

@ -90,6 +90,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2017/12xxx/CVE-2017-12624.json
View File

@ -105,6 +105,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

71
2017/12xxx/CVE-2017-12629.json
View File

@ -16,6 +16,37 @@
"version_data": [
{
"version_value": "Apache Solr before 7.1 with Apache Lucene before 7.1"
},
{
"version_affected": "<",
"version_name": "lucene-solr",
"version_value": "7.1.0"
},
{
"version_affected": "<",
"version_name": "lucene-solr",
"version_value": "6.6.2"
},
{
"version_affected": "<",
"version_name": "lucene-solr",
"version_value": "5.5.5"
},
{
"version_affected": "!",
"version_name": "lucene-solr",
"version_value": "7.2.0"
},
{
"version_affected": "!",
"version_name": "lucene-solr",
"version_value": "8.0.0"
},
{
"platform": "redhat",
"version_affected": "<",
"version_name": "lucene-solr",
"version_value": "5.3.1-redhat-2"
}
]
}
@ -72,11 +103,6 @@
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101261"
},
{
"name": "https://twitter.com/ApacheSolr/status/918731485611401216",
"refsource": "MISC",
"url": "https://twitter.com/ApacheSolr/status/918731485611401216"
},
{
"name": "RHSA-2018:0004",
"refsource": "REDHAT",
@ -97,11 +123,6 @@
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43009/"
},
{
"name": "https://twitter.com/searchtools_avi/status/918904813613543424",
"refsource": "MISC",
"url": "https://twitter.com/searchtools_avi/status/918904813613543424"
},
{
"name": "RHSA-2018:0003",
"refsource": "REDHAT",
@ -127,11 +148,6 @@
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3124"
},
{
"name": "http://openwall.com/lists/oss-security/2017/10/13/1",
"refsource": "MISC",
"url": "http://openwall.com/lists/oss-security/2017/10/13/1"
},
{
"name": "[www-announce] 20171019 [SECURITY] CVE-2017-12629: Several critical vulnerabilities discovered in Apache Solr (XXE & RCE)",
"refsource": "MLIST",
@ -142,15 +158,30 @@
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4124"
},
{
"name": "https://twitter.com/joshbressers/status/919258716297420802",
"refsource": "MISC",
"url": "https://twitter.com/joshbressers/status/919258716297420802"
},
{
"refsource": "UBUNTU",
"name": "USN-4259-1",
"url": "https://usn.ubuntu.com/4259-1/"
},
{
"name": "https://twitter.com/ApacheSolr/status/918731485611401216",
"refsource": "MISC",
"url": "https://twitter.com/ApacheSolr/status/918731485611401216"
},
{
"name": "https://twitter.com/searchtools_avi/status/918904813613543424",
"refsource": "MISC",
"url": "https://twitter.com/searchtools_avi/status/918904813613543424"
},
{
"name": "http://openwall.com/lists/oss-security/2017/10/13/1",
"refsource": "MISC",
"url": "http://openwall.com/lists/oss-security/2017/10/13/1"
},
{
"name": "https://twitter.com/joshbressers/status/919258716297420802",
"refsource": "MISC",
"url": "https://twitter.com/joshbressers/status/919258716297420802"
}
]
}

5
2017/12xxx/CVE-2017-12631.json
View File

@ -85,6 +85,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2017/13xxx/CVE-2017-13080.json
View File

@ -264,6 +264,11 @@
"name": "USN-3455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"refsource": "CONFIRM",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html"
}
]
}

30
2017/14xxx/CVE-2017-14063.json
View File

@ -156,6 +156,36 @@
"refsource": "MLIST",
"name": "[tez-issues] 20201021 [jira] [Commented] (TEZ-4237) Upgrade async-http-client-1.9.40 due to CVE-2017-14063",
"url": "https://lists.apache.org/thread.html/r5f794dc07913c5f2ec08f540813b40e61b562d36f8b1f916e8705c56@%3Cissues.tez.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[tez-issues] 20201110 [jira] [Commented] (TEZ-4237) Upgrade async-http-client-1.9.40 due to CVE-2017-14063",
"url": "https://lists.apache.org/thread.html/r41a0e2c36f7d1854a4d56cb1e4aa720ef501782d887ece1c9b1e2d60@%3Cissues.tez.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[tez-issues] 20201111 [jira] [Commented] (TEZ-4237) Upgrade async-http-client-1.9.40 due to CVE-2017-14063",
"url": "https://lists.apache.org/thread.html/r5b8666c4414500ff6e993bfa69cb6afa19b1b67c4585a045c0c21662@%3Cissues.tez.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r0a6b6429a7558051dbb70bd06584b4b1c334a80ec9203d3d39b7045a@%3Ccommits.tez.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r0a6b6429a7558051dbb70bd06584b4b1c334a80ec9203d3d39b7045a@%3Ccommits.tez.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rfe55d83e4070bcc9285bbbf6bc39635dbcbba6d14d89aab0f339c83a@%3Ccommits.tez.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rfe55d83e4070bcc9285bbbf6bc39635dbcbba6d14d89aab0f339c83a@%3Ccommits.tez.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[tez-issues] 20201111 [jira] [Updated] (TEZ-4237) Upgrade async-http-client-1.9.40 due to CVE-2017-14063",
"url": "https://lists.apache.org/thread.html/r5f07c30721503d4c02d5451f77a611a1a0bb2a94ddcdf071c9485ea3@%3Cissues.tez.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[tez-dev] 20201112 Build failed in Jenkins: Tez-qbt-0.10-Build #12",
"url": "https://lists.apache.org/thread.html/r14a74d204f285dd3a4fa203de6dbb4e741ddb7fdfff7915590e5b3db@%3Cdev.tez.apache.org%3E"
}
]
}

25
2017/18xxx/CVE-2017-18926.json
View File

@ -71,6 +71,31 @@
"refsource": "DEBIAN",
"name": "DSA-4785",
"url": "https://www.debian.org/security/2020/dsa-4785"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20201113 Buffer Overflow in raptor widely unfixed in Linux distros",
"url": "http://www.openwall.com/lists/oss-security/2020/11/13/1"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20201113 Re: Buffer Overflow in raptor widely unfixed in Linux distros",
"url": "http://www.openwall.com/lists/oss-security/2020/11/13/2"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20201114 Re: Buffer Overflow in raptor widely unfixed in Linux distros",
"url": "http://www.openwall.com/lists/oss-security/2020/11/14/2"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20201116 Re: Buffer Overflow in raptor widely unfixed in Linux distros",
"url": "http://www.openwall.com/lists/oss-security/2020/11/16/3"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20201116 Re: Buffer Overflow in raptor widely unfixed in Linux distros",
"url": "http://www.openwall.com/lists/oss-security/2020/11/16/2"
}
]
}

5
2017/3xxx/CVE-2017-3156.json
View File

@ -85,6 +85,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2017/5xxx/CVE-2017-5653.json
View File

@ -89,6 +89,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2017/5xxx/CVE-2017-5656.json
View File

@ -94,6 +94,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2017/7xxx/CVE-2017-7661.json
View File

@ -76,6 +76,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2017/7xxx/CVE-2017-7662.json
View File

@ -76,6 +76,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2018/14xxx/CVE-2018-14040.json
View File

@ -126,6 +126,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html",
"url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html"
},
{
"refsource": "MLIST",
"name": "[hbase-issues] 20201116 [GitHub] [hbase] symat opened a new pull request #2661: HBASE-25261 Upgrade Bootstrap to 3.4.1",
"url": "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E"
}
]
}

5
2018/14xxx/CVE-2018-14041.json
View File

@ -126,6 +126,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html",
"url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html"
},
{
"refsource": "MLIST",
"name": "[hbase-issues] 20201116 [GitHub] [hbase] symat opened a new pull request #2661: HBASE-25261 Upgrade Bootstrap to 3.4.1",
"url": "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E"
}
]
}

5
2018/14xxx/CVE-2018-14042.json
View File

@ -116,6 +116,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html",
"url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html"
},
{
"refsource": "MLIST",
"name": "[hbase-issues] 20201116 [GitHub] [hbase] symat opened a new pull request #2661: HBASE-25261 Upgrade Bootstrap to 3.4.1",
"url": "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E"
}
]
}

5
2018/16xxx/CVE-2018-16763.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/153696/fuelCMS-1.4.1-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/153696/fuelCMS-1.4.1-Remote-Code-Execution.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/160080/Fuel-CMS-1.4-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/160080/Fuel-CMS-1.4-Remote-Code-Execution.html"
}
]
}

5
2018/17xxx/CVE-2018-17765.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "https://youtu.be/oyUD7RDJsJs",
"url": "https://youtu.be/oyUD7RDJsJs"
},
{
"refsource": "MISC",
"name": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-14/",
"url": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-14/"
}
]
}

5
2018/17xxx/CVE-2018-17766.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "https://youtu.be/oyUD7RDJsJs",
"url": "https://youtu.be/oyUD7RDJsJs"
},
{
"refsource": "MISC",
"name": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-15/",
"url": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-15/"
}
]
}

5
2018/17xxx/CVE-2018-17767.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "https://youtu.be/oyUD7RDJsJs",
"url": "https://youtu.be/oyUD7RDJsJs"
},
{
"refsource": "MISC",
"name": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-10/",
"url": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-10/"
}
]
}

5
2018/17xxx/CVE-2018-17768.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "https://youtu.be/oyUD7RDJsJs",
"url": "https://youtu.be/oyUD7RDJsJs"
},
{
"refsource": "MISC",
"name": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-13/",
"url": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-13/"
}
]
}

5
2018/17xxx/CVE-2018-17769.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "https://youtu.be/oyUD7RDJsJs",
"url": "https://youtu.be/oyUD7RDJsJs"
},
{
"refsource": "MISC",
"name": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-16/",
"url": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-16/"
}
]
}

5
2018/17xxx/CVE-2018-17770.json
View File

@ -52,6 +52,11 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.ptsecurity.com/ww-en/analytics/threatscape/",
"url": "https://www.ptsecurity.com/ww-en/analytics/threatscape/"
},
{
"url": "https://ingenico.us/smart-terminals/telium2",
"refsource": "MISC",

5
2018/17xxx/CVE-2018-17771.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "https://youtu.be/oyUD7RDJsJs",
"url": "https://youtu.be/oyUD7RDJsJs"
},
{
"refsource": "MISC",
"name": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-11/",
"url": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-11/"
}
]
}

5
2018/17xxx/CVE-2018-17772.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "https://youtu.be/oyUD7RDJsJs",
"url": "https://youtu.be/oyUD7RDJsJs"
},
{
"refsource": "MISC",
"name": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-18/",
"url": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-18/"
}
]
}

5
2018/17xxx/CVE-2018-17773.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "https://youtu.be/oyUD7RDJsJs",
"url": "https://youtu.be/oyUD7RDJsJs"
},
{
"refsource": "MISC",
"name": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-19/",
"url": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-19/"
}
]
}

5
2018/17xxx/CVE-2018-17774.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "https://youtu.be/oyUD7RDJsJs",
"url": "https://youtu.be/oyUD7RDJsJs"
},
{
"refsource": "MISC",
"name": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-12/",
"url": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-12/"
}
]
}

2
2018/1xxx/CVE-2018-1311.json
View File

@ -70,7 +70,7 @@
"description_data": [
{
"lang": "eng",
"value": "The Apache Xerces-C 3.0.0 to 3.2.2 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable."
"value": "The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable."
}
]
}

5
2018/8xxx/CVE-2018-8038.json
View File

@ -87,6 +87,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2018/8xxx/CVE-2018-8039.json
View File

@ -160,6 +160,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2018/9xxx/CVE-2018-9285.json
View File

@ -61,6 +61,11 @@
"name": "https://fortiguard.com/zeroday/FG-VD-17-216",
"refsource": "MISC",
"url": "https://fortiguard.com/zeroday/FG-VD-17-216"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html",
"url": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html"
}
]
}

12
2019/1010xxx/CVE-2019-1010022.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard."
"value": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\""
}
]
},
@ -56,6 +56,16 @@
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850",
"refsource": "MISC",
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850"
},
{
"refsource": "DEBIAN",
"name": "CVE-2019-1010022",
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010022"
},
{
"refsource": "UBUNTU",
"name": "CVE-2019-1010022",
"url": "https://ubuntu.com/security/CVE-2019-1010022"
}
]
}

12
2019/1010xxx/CVE-2019-1010023.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code."
"value": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\""
}
]
},
@ -66,6 +66,16 @@
"refsource": "CONFIRM",
"name": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&amp;utm_medium=RSS",
"url": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&amp;utm_medium=RSS"
},
{
"refsource": "DEBIAN",
"name": "CVE-2019-1010023",
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010023"
},
{
"refsource": "UBUNTU",
"name": "CVE-2019-1010023",
"url": "https://ubuntu.com/security/CVE-2019-1010023"
}
]
}

12
2019/1010xxx/CVE-2019-1010024.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc."
"value": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\""
}
]
},
@ -71,6 +71,16 @@
"refsource": "CONFIRM",
"name": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&amp;utm_medium=RSS",
"url": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&amp;utm_medium=RSS"
},
{
"refsource": "DEBIAN",
"name": "CVE-2019-1010024",
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010024"
},
{
"refsource": "UBUNTU",
"name": "CVE-2019-1010024",
"url": "https://ubuntu.com/security/CVE-2019-1010024"
}
]
}

10
2019/1010xxx/CVE-2019-1010025.json
View File

@ -66,6 +66,16 @@
"refsource": "CONFIRM",
"name": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&amp;utm_medium=RSS",
"url": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&amp;utm_medium=RSS"
},
{
"refsource": "DEBIAN",
"name": "CVE-2019-1010025",
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010025"
},
{
"refsource": "UBUNTU",
"name": "CVE-2019-1010025",
"url": "https://ubuntu.com/security/CVE-2019-1010025"
}
]
}

50
2019/11xxx/CVE-2019-11121.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11121",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Media SDK for Windows",
"version": {
"version_data": [
{
"version_value": "before version 2019 R1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00262",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00262"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper file permissions in the installer for the Intel(R) Media SDK for Windows before version 2019 R1 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
}

15
2019/11xxx/CVE-2019-11411.json
View File

@ -76,6 +76,21 @@
"refsource": "GENTOO",
"name": "GLSA-202007-52",
"url": "https://security.gentoo.org/glsa/202007-52"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-53773f4954",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/67PMOZV4DLVL2KGU2SV724QL7Y4PKWKU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-496ab4615a",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3RQXMWEOWCGLOLFBQSXBM3MBN33T4I5H/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-f3d08b9b3a",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MFCRO74ORRIVWNVAX2MAMRY3THCTWLQI/"
}
]
}

15
2019/11xxx/CVE-2019-11412.json
View File

@ -76,6 +76,21 @@
"refsource": "GENTOO",
"name": "GLSA-202007-52",
"url": "https://security.gentoo.org/glsa/202007-52"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-53773f4954",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/67PMOZV4DLVL2KGU2SV724QL7Y4PKWKU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-496ab4615a",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3RQXMWEOWCGLOLFBQSXBM3MBN33T4I5H/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-f3d08b9b3a",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MFCRO74ORRIVWNVAX2MAMRY3THCTWLQI/"
}
]
}

15
2019/11xxx/CVE-2019-11413.json
View File

@ -76,6 +76,21 @@
"refsource": "GENTOO",
"name": "GLSA-202007-52",
"url": "https://security.gentoo.org/glsa/202007-52"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-53773f4954",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/67PMOZV4DLVL2KGU2SV724QL7Y4PKWKU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-496ab4615a",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3RQXMWEOWCGLOLFBQSXBM3MBN33T4I5H/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-f3d08b9b3a",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MFCRO74ORRIVWNVAX2MAMRY3THCTWLQI/"
}
]
}

5
2019/12xxx/CVE-2019-12406.json
View File

@ -93,6 +93,11 @@
"refsource": "MLIST",
"name": "[cxf-issues] 20200821 [jira] [Comment Edited] (CXF-8328) CVE-2019-12406 not fixed in 3.1 branch",
"url": "https://lists.apache.org/thread.html/rca465c9d1e1969281338522b76701c85a07abd045c494261137236e0@%3Cissues.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
},

5
2019/12xxx/CVE-2019-12419.json
View File

@ -93,6 +93,11 @@
"refsource": "MLIST",
"name": "[cxf-dev] 20201103 Re: CVE-2019-12419",
"url": "https://lists.apache.org/thread.html/re7593a274ee0a85d304d5d42c66fc0081c94d7f22bc96a1084d43b80@%3Cdev.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
},

5
2019/12xxx/CVE-2019-12423.json
View File

@ -73,6 +73,11 @@
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
}
]
},

15
2019/14xxx/CVE-2019-14899.json
View File

@ -89,10 +89,25 @@
"name": "[oss-security] 20200813 Blind in/on-path attacks against VPN-tunneled connections (CVE-2019-14899 follow-up)",
"url": "http://www.openwall.com/lists/oss-security/2020/08/13/2"
},
{
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT211850",
"url": "https://support.apple.com/kb/HT211850"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20201007 Re: [CVE-2019-14899] Inferring and hijacking VPN-tunneled TCP connections.",
"url": "http://www.openwall.com/lists/oss-security/2020/10/07/3"
},
{
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT211931",
"url": "https://support.apple.com/kb/HT211931"
},
{
"refsource": "FULLDISC",
"name": "20201115 APPLE-SA-2020-11-13-3 Additional information for APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0",
"url": "http://seclists.org/fulldisclosure/2020/Nov/20"
}
]
},

62
2019/17xxx/CVE-2019-17566.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-17566",
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Apache Batik",
"version": {
"version_data": [
{
"version_value": "Apache Batik 1.12 and older"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://xmlgraphics.apache.org/security.html",
"url": "https://xmlgraphics.apache.org/security.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the \"xlink:href\" attributes. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests."
}
]
}
}

25
2019/17xxx/CVE-2019-17573.json
View File

@ -68,6 +68,31 @@
"refsource": "CONFIRM",
"name": "http://cxf.apache.org/security-advisories.data/CVE-2019-17573.txt.asc?version=1&modificationDate=1579178542000&api=v2",
"url": "http://cxf.apache.org/security-advisories.data/CVE-2019-17573.txt.asc?version=1&modificationDate=1579178542000&api=v2"
},
{
"refsource": "MLIST",
"name": "[cxf-dev] 20201112 CVE-2020-13954: Apache CXF Reflected XSS in the services listing page via the styleSheetPath",
"url": "https://lists.apache.org/thread.html/r51fdd73548290b2dfd0b48f7ab69bf9ae064dd100364cd8a15f0b3ec@%3Cdev.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-users] 20201112 CVE-2020-13954: Apache CXF Reflected XSS in the services listing page via the styleSheetPath",
"url": "https://lists.apache.org/thread.html/r51fdd73548290b2dfd0b48f7ab69bf9ae064dd100364cd8a15f0b3ec@%3Cusers.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20201112 CVE-2020-13954: Apache CXF Reflected XSS in the services listing page via the styleSheetPath",
"url": "http://www.openwall.com/lists/oss-security/2020/11/12/2"
},
{
"refsource": "MLIST",
"name": "[announce] 20201112 CVE-2020-13954: Apache CXF Reflected XSS in the services listing page via the styleSheetPath",
"url": "https://lists.apache.org/thread.html/r51fdd73548290b2dfd0b48f7ab69bf9ae064dd100364cd8a15f0b3ec@%3Cannounce.apache.org%3E"
}
]
},

61
2019/19xxx/CVE-2019-19556.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19556",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-19556",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An authentication bypass in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with physical access to device hardware to obtain system information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://skygo.360.cn/archive/Security-Research-Report-on-Mercedes-Benz-Cars-en.pdf",
"url": "https://skygo.360.cn/archive/Security-Research-Report-on-Mercedes-Benz-Cars-en.pdf"
},
{
"refsource": "MISC",
"name": "https://media.daimler.com/marsMediaSite/en/instance/ko/Mercedes-Benz-and-360-Group-to-join-forces-Mercedes-Benz-and-360-Group-with-its-Cyber-Security-Brain-work-together-to-strengthen-car-IT-security-for-industry.xhtml?oid=45208829",
"url": "https://media.daimler.com/marsMediaSite/en/instance/ko/Mercedes-Benz-and-360-Group-to-join-forces-Mercedes-Benz-and-360-Group-with-its-Cyber-Security-Brain-work-together-to-strengthen-car-IT-security-for-industry.xhtml?oid=45208829"
}
]
}

61
2019/19xxx/CVE-2019-19557.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19557",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-19557",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A misconfiguration in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with direct physical access to device hardware to obtain cellular modem information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://skygo.360.cn/archive/Security-Research-Report-on-Mercedes-Benz-Cars-en.pdf",
"url": "https://skygo.360.cn/archive/Security-Research-Report-on-Mercedes-Benz-Cars-en.pdf"
},
{
"refsource": "MISC",
"name": "https://media.daimler.com/marsMediaSite/en/instance/ko/Mercedes-Benz-and-360-Group-to-join-forces-Mercedes-Benz-and-360-Group-with-its-Cyber-Security-Brain-work-together-to-strengthen-car-IT-security-for-industry.xhtml?oid=45208829",
"url": "https://media.daimler.com/marsMediaSite/en/instance/ko/Mercedes-Benz-and-360-Group-to-join-forces-Mercedes-Benz-and-360-Group-with-its-Cyber-Security-Brain-work-together-to-strengthen-car-IT-security-for-industry.xhtml?oid=45208829"
}
]
}

61
2019/19xxx/CVE-2019-19560.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19560",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-19560",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An authentication bypass in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with physical access to device hardware to obtain system information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://skygo.360.cn/archive/Security-Research-Report-on-Mercedes-Benz-Cars-en.pdf",
"url": "https://skygo.360.cn/archive/Security-Research-Report-on-Mercedes-Benz-Cars-en.pdf"
},
{
"refsource": "MISC",
"name": "https://media.daimler.com/marsMediaSite/en/instance/ko/Mercedes-Benz-and-360-Group-to-join-forces-Mercedes-Benz-and-360-Group-with-its-Cyber-Security-Brain-work-together-to-strengthen-car-IT-security-for-industry.xhtml?oid=45208829",
"url": "https://media.daimler.com/marsMediaSite/en/instance/ko/Mercedes-Benz-and-360-Group-to-join-forces-Mercedes-Benz-and-360-Group-with-its-Cyber-Security-Brain-work-together-to-strengthen-car-IT-security-for-industry.xhtml?oid=45208829"
}
]
}

61
2019/19xxx/CVE-2019-19561.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19561",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-19561",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A misconfiguration in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with direct physical access to device hardware to obtain cellular modem information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://skygo.360.cn/archive/Security-Research-Report-on-Mercedes-Benz-Cars-en.pdf",
"url": "https://skygo.360.cn/archive/Security-Research-Report-on-Mercedes-Benz-Cars-en.pdf"
},
{
"refsource": "MISC",
"name": "https://media.daimler.com/marsMediaSite/en/instance/ko/Mercedes-Benz-and-360-Group-to-join-forces-Mercedes-Benz-and-360-Group-with-its-Cyber-Security-Brain-work-together-to-strengthen-car-IT-security-for-industry.xhtml?oid=45208829",
"url": "https://media.daimler.com/marsMediaSite/en/instance/ko/Mercedes-Benz-and-360-Group-to-join-forces-Mercedes-Benz-and-360-Group-with-its-Cyber-Security-Brain-work-together-to-strengthen-car-IT-security-for-industry.xhtml?oid=45208829"
}
]
}

61
2019/19xxx/CVE-2019-19562.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19562",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-19562",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An authentication bypass in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with physical access to device hardware to obtain system information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://skygo.360.cn/archive/Security-Research-Report-on-Mercedes-Benz-Cars-en.pdf",
"url": "https://skygo.360.cn/archive/Security-Research-Report-on-Mercedes-Benz-Cars-en.pdf"
},
{
"refsource": "MISC",
"name": "https://media.daimler.com/marsMediaSite/en/instance/ko/Mercedes-Benz-and-360-Group-to-join-forces-Mercedes-Benz-and-360-Group-with-its-Cyber-Security-Brain-work-together-to-strengthen-car-IT-security-for-industry.xhtml?oid=45208829",
"url": "https://media.daimler.com/marsMediaSite/en/instance/ko/Mercedes-Benz-and-360-Group-to-join-forces-Mercedes-Benz-and-360-Group-with-its-Cyber-Security-Brain-work-together-to-strengthen-car-IT-security-for-industry.xhtml?oid=45208829"
}
]
}

61
2019/19xxx/CVE-2019-19563.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19563",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-19563",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A misconfiguration in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with direct physical access to device hardware to obtain cellular modem information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://skygo.360.cn/archive/Security-Research-Report-on-Mercedes-Benz-Cars-en.pdf",
"url": "https://skygo.360.cn/archive/Security-Research-Report-on-Mercedes-Benz-Cars-en.pdf"
},
{
"refsource": "MISC",
"name": "https://media.daimler.com/marsMediaSite/en/instance/ko/Mercedes-Benz-and-360-Group-to-join-forces-Mercedes-Benz-and-360-Group-with-its-Cyber-Security-Brain-work-together-to-strengthen-car-IT-security-for-industry.xhtml?oid=45208829",
"url": "https://media.daimler.com/marsMediaSite/en/instance/ko/Mercedes-Benz-and-360-Group-to-join-forces-Mercedes-Benz-and-360-Group-with-its-Cyber-Security-Brain-work-together-to-strengthen-car-IT-security-for-industry.xhtml?oid=45208829"
}
]
}

5
2019/20xxx/CVE-2019-20838.json
View File

@ -61,6 +61,11 @@
"url": "https://www.pcre.org/original/changelog.txt",
"refsource": "MISC",
"name": "https://www.pcre.org/original/changelog.txt"
},
{
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT211931",
"url": "https://support.apple.com/kb/HT211931"
}
]
}

12
2019/3xxx/CVE-2019-3815.json
View File

@ -54,7 +54,7 @@
"description": [
{
"lang": "eng",
"value": "CWE-400"
"value": "CWE-401"
}
]
}
@ -72,11 +72,6 @@
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106632"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3815",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3815"
},
{
"name": "RHSA-2019:0201",
"refsource": "REDHAT",
@ -86,6 +81,11 @@
"refsource": "REDHAT",
"name": "RHBA-2019:0327",
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3815",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3815"
}
]
}

12
2019/3xxx/CVE-2019-3821.json
View File

@ -36,7 +36,7 @@
"description": [
{
"lang": "eng",
"value": "CWE-400"
"value": "CWE-772"
}
]
}
@ -44,6 +44,11 @@
},
"references": {
"reference_data": [
{
"refsource": "UBUNTU",
"name": "USN-4035-1",
"url": "https://usn.ubuntu.com/4035-1/"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3821",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3821",
@ -53,11 +58,6 @@
"url": "https://github.com/ceph/civetweb/pull/33",
"refsource": "MISC",
"name": "https://github.com/ceph/civetweb/pull/33"
},
{
"refsource": "UBUNTU",
"name": "USN-4035-1",
"url": "https://usn.ubuntu.com/4035-1/"
}
]
},

22
2019/3xxx/CVE-2019-3882.json
View File

@ -36,7 +36,7 @@
"description": [
{
"lang": "eng",
"value": "CWE-400"
"value": "CWE-770"
}
]
}
@ -44,11 +44,6 @@
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3882",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3882",
"refsource": "CONFIRM"
},
{
"refsource": "UBUNTU",
"name": "USN-3981-1",
@ -79,11 +74,6 @@
"name": "USN-3982-1",
"url": "https://usn.ubuntu.com/3982-1/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190517-0005/",
"url": "https://security.netapp.com/advisory/ntap-20190517-0005/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1407",
@ -148,6 +138,16 @@
"refsource": "REDHAT",
"name": "RHSA-2019:3517",
"url": "https://access.redhat.com/errata/RHSA-2019:3517"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3882",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3882",
"refsource": "CONFIRM"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190517-0005/",
"url": "https://security.netapp.com/advisory/ntap-20190517-0005/"
}
]
},

32
2019/3xxx/CVE-2019-3883.json
View File

@ -36,7 +36,7 @@
"description": [
{
"lang": "eng",
"value": "CWE-400"
"value": "CWE-772"
}
]
}
@ -44,21 +44,6 @@
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3883",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3883",
"refsource": "CONFIRM"
},
{
"url": "https://pagure.io/389-ds-base/issue/50329",
"name": "https://pagure.io/389-ds-base/issue/50329",
"refsource": "CONFIRM"
},
{
"url": "https://pagure.io/389-ds-base/pull-request/50331",
"name": "https://pagure.io/389-ds-base/pull-request/50331",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190506 [SECURITY] [DLA 1779-1] 389-ds-base security update",
@ -73,6 +58,21 @@
"refsource": "REDHAT",
"name": "RHSA-2019:3401",
"url": "https://access.redhat.com/errata/RHSA-2019:3401"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3883",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3883",
"refsource": "CONFIRM"
},
{
"url": "https://pagure.io/389-ds-base/issue/50329",
"name": "https://pagure.io/389-ds-base/issue/50329",
"refsource": "CONFIRM"
},
{
"url": "https://pagure.io/389-ds-base/pull-request/50331",
"name": "https://pagure.io/389-ds-base/pull-request/50331",
"refsource": "CONFIRM"
}
]
},

53
2019/7xxx/CVE-2019-7357.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7357",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Subrion CMS 4.2.1 has CSRF in panel/modules/plugins/. The attacker can remotely activate/deactivate the plugins."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/intelliants/subrion/commits/develop",
"refsource": "MISC",
"name": "https://github.com/intelliants/subrion/commits/develop"
},
{
"refsource": "MISC",
"name": "https://github.com/ngpentest007/CVE-2019-7357/blob/main/Subrion_4.2.1%20-%20CVE-2019-7357.pdf",
"url": "https://github.com/ngpentest007/CVE-2019-7357/blob/main/Subrion_4.2.1%20-%20CVE-2019-7357.pdf"
}
]
}

5
2019/8xxx/CVE-2019-8331.json
View File

@ -166,6 +166,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html",
"url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html"
},
{
"refsource": "MLIST",
"name": "[hbase-issues] 20201116 [GitHub] [hbase] symat opened a new pull request #2661: HBASE-25261 Upgrade Bootstrap to 3.4.1",
"url": "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E"
}
]
}

10
2020/0xxx/CVE-2020-0181.json
View File

@ -48,6 +48,16 @@
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/pixel/2020-06-01",
"url": "https://source.android.com/security/bulletin/pixel/2020-06-01"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-e99ef3282f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVBD5JRUQPN4LQHTAAJHA3MR5M7YTAC7/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202011-19",
"url": "https://security.gentoo.org/glsa/202011-19"
}
]
},

10
2020/0xxx/CVE-2020-0198.json
View File

@ -58,6 +58,16 @@
"refsource": "UBUNTU",
"name": "USN-4396-1",
"url": "https://usn.ubuntu.com/4396-1/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-e99ef3282f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVBD5JRUQPN4LQHTAAJHA3MR5M7YTAC7/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202011-19",
"url": "https://security.gentoo.org/glsa/202011-19"
}
]
},

62
2020/0xxx/CVE-2020-0409.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0409",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-10 Android-8.0 Android-8.1 Android-9"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-11-01",
"url": "https://source.android.com/security/bulletin/2020-11-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In create of FileMap.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-8.0 Android-8.1 Android-9Android ID: A-156997193"
}
]
}
}

62
2020/0xxx/CVE-2020-0418.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0418",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-10"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-11-01",
"url": "https://source.android.com/security/bulletin/2020-11-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In getPermissionInfosForGroup of Utils.java, there is a logic error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-153879813"
}
]
}
}

62
2020/0xxx/CVE-2020-0424.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0424",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-11 Android-9 Android-10"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-11-01",
"url": "https://source.android.com/security/bulletin/2020-11-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In send_vc of res_send.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-9 Android-10Android ID: A-161362564"
}
]
}
}

62
2020/0xxx/CVE-2020-0437.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0437",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-8.0 Android-8.1 Android-9 Android-10 Android-11"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-11-01",
"url": "https://source.android.com/security/bulletin/2020-11-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In CellBroadcastReceiver's intent handlers, there is a possible denial of service due to a missing permission check. This could lead to local denial of service of emergency alerts with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10 Android-11Android ID: A-162741784"
}
]
}
}

62
2020/0xxx/CVE-2020-0438.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0438",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-11 Android-10"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-11-01",
"url": "https://source.android.com/security/bulletin/2020-11-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the AIBinder_Class constructor of ibinder.cpp, there is a possible arbitrary code execution due to uninitialized data. This could lead to local escalation of privilege if a process were using libbinder_ndk in a vulnerable way with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-161812320"
}
]
}
}

62
2020/0xxx/CVE-2020-0439.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0439",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-8.1 Android-9 Android-10 Android-11 Android-8.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-11-01",
"url": "https://source.android.com/security/bulletin/2020-11-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In generatePackageInfo of PackageManagerService.java, there is a possible permissions bypass due to an incorrect permission check. This could lead to local escalation of privilege that allows instant apps access to permissions not allowed for instant apps, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-140256621"
}
]
}
}

62
2020/0xxx/CVE-2020-0441.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0441",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-11 Android-8.0 Android-8.1 Android-9 Android-10"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-11-01",
"url": "https://source.android.com/security/bulletin/2020-11-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Message and toBundle of Notification.java, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service requiring a device reset to fix with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-158304295"
}
]
}
}

62
2020/0xxx/CVE-2020-0442.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0442",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-10 Android-11 Android-8.0 Android-8.1 Android-9"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-11-01",
"url": "https://source.android.com/security/bulletin/2020-11-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Message and toBundle of Notification.java, there is a possible UI slowdown or crash due to improper input validation. This could lead to remote denial of service if a malicious contact file is received, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.0 Android-8.1 Android-9Android ID: A-147358092"
}
]
}
}

62
2020/0xxx/CVE-2020-0443.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0443",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-11 Android-8.0 Android-8.1 Android-9 Android-10"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-11-01",
"url": "https://source.android.com/security/bulletin/2020-11-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In LocaleList of LocaleList.java, there is a possible forced reboot due to an uncaught exception. This could lead to local denial of service requiring factory reset to restore with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-152410253"
}
]
}
}

62
2020/0xxx/CVE-2020-0445.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0445",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android SoC"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-11-01",
"url": "https://source.android.com/security/bulletin/2020-11-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-168264527"
}
]
}
}

62
2020/0xxx/CVE-2020-0446.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0446",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android SoC"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-11-01",
"url": "https://source.android.com/security/bulletin/2020-11-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-168264528"
}
]
}
}

62
2020/0xxx/CVE-2020-0447.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0447",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android SoC"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-11-01",
"url": "https://source.android.com/security/bulletin/2020-11-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-168251617"
}
]
}
}

62
2020/0xxx/CVE-2020-0448.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0448",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-8.0 Android-8.1 Android-9 Android-10 Android-11"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-11-01",
"url": "https://source.android.com/security/bulletin/2020-11-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In getPhoneAccountsForPackage of TelecomServiceImpl.java, there is a possible way to access a tracking identifier due to a missing permission check. This could lead to local information disclosure of the identifier, which could be used to track an account across devices, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10 Android-11Android ID: A-153995334"
}
]
}
}

62
2020/0xxx/CVE-2020-0449.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0449",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-9 Android-10 Android-11 Android-8.0 Android-8.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-11-01",
"url": "https://source.android.com/security/bulletin/2020-11-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In btm_sec_disconnected of btm_sec.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution in the Bluetooth server with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.0 Android-8.1Android ID: A-162497143"
}
]
}
}

62
2020/0xxx/CVE-2020-0450.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0450",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-8.0 Android-8.1 Android-9 Android-10 Android-11"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-11-01",
"url": "https://source.android.com/security/bulletin/2020-11-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In rw_i93_sm_format of rw_i93.cc, there is a possible out of bounds read due to uninitialized data. This could lead to remote information disclosure over NFC with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10 Android-11Android ID: A-157650336"
}
]
}
}

Some files were not shown because too many files have changed in this diff Show More