admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-01-28 19:01:47 +00:00
parent 68f5e02758
commit dfc878b2b4
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
86 changed files with 2850 additions and 1536 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
2015/8xxx/CVE-2015-8011.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8011",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,61 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/10/16/2",
"url": "http://www.openwall.com/lists/oss-security/2015/10/16/2"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/10/30/2",
"url": "http://www.openwall.com/lists/oss-security/2015/10/30/2"
},
{
"refsource": "MISC",
"name": "https://github.com/vincentbernat/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dcb2",
"url": "https://github.com/vincentbernat/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dcb2"
}
]
}

63
2015/8xxx/CVE-2015-8012.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8012",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,66 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "lldpd before 0.8.0 allows remote attackers to cause a denial of service (assertion failure and daemon crash) via a malformed packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/vincentbernat/lldpd/commit/793526f8884455f43daecd0a2c46772388417a00",
"url": "https://github.com/vincentbernat/lldpd/commit/793526f8884455f43daecd0a2c46772388417a00"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/10/30/2",
"url": "http://www.openwall.com/lists/oss-security/2015/10/30/2"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/10/18/2",
"url": "http://www.openwall.com/lists/oss-security/2015/10/18/2"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/vincentbernat/lldpd/commit/9221b5c249f9e4843f77c7f888d5705348d179c0",
"url": "https://github.com/vincentbernat/lldpd/commit/9221b5c249f9e4843f77c7f888d5705348d179c0"
}
]
}

188
2019/17xxx/CVE-2019-17338.json
View File

@ -1,95 +1,95 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@tibco.com",
"DATE_PUBLIC": "2020-01-28T17:00:00Z",
"ID": "CVE-2019-17338",
"STATE": "PUBLIC",
"TITLE": "TIBCO Patterns - Search Exposes Cross Site Scripting Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TIBCO Patterns - Search",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "5.4.0"
}
]
}
}
]
},
"vendor_name": "TIBCO Software Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The user interface component of TIBCO Software Inc.'s TIBCO Patterns - Search contains multiple vulnerabilities that theoretically allow authenticated users to perform persistent cross-site scripting (XSS) attacks.\n\nAffected releases are TIBCO Software Inc.'s TIBCO Patterns - Search: versions 5.4.0 and below.\n"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "The impact of these vulnerabilities includes the theoretical possibility that an attacker could gain all privileges available via the affected component."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tibco.com/support/advisories/2020/01/tibco-security-advisory-january-28-2020-tibco-patterns",
"refsource": "CONFIRM",
"url": "https://www.tibco.com/support/advisories/2020/01/tibco-security-advisory-january-28-2020-tibco-patterns"
},
{
"name": "http://www.tibco.com/services/support/advisories",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/services/support/advisories"
}
]
},
"solution": [
{
"lang": "eng",
"value": "TIBCO has released updated versions of the affected components which address these issues.\n\nTIBCO Patterns - Search versions 5.4.0 and below update to version 5.5.0 or higher"
}
],
"source": {
"discovery": "INTERNAL"
}
}
"CVE_data_meta": {
"ASSIGNER": "security@tibco.com",
"DATE_PUBLIC": "2020-01-28T17:00:00Z",
"ID": "CVE-2019-17338",
"STATE": "PUBLIC",
"TITLE": "TIBCO Patterns - Search Exposes Cross Site Scripting Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TIBCO Patterns - Search",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "5.4.0"
}
]
}
}
]
},
"vendor_name": "TIBCO Software Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The user interface component of TIBCO Software Inc.'s TIBCO Patterns - Search contains multiple vulnerabilities that theoretically allow authenticated users to perform persistent cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO Patterns - Search: versions 5.4.0 and below."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "The impact of these vulnerabilities includes the theoretical possibility that an attacker could gain all privileges available via the affected component."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.tibco.com/services/support/advisories",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/services/support/advisories"
},
{
"name": "https://www.tibco.com/support/advisories/2020/01/tibco-security-advisory-january-28-2020-tibco-patterns",
"refsource": "CONFIRM",
"url": "https://www.tibco.com/support/advisories/2020/01/tibco-security-advisory-january-28-2020-tibco-patterns"
}
]
},
"solution": [
{
"lang": "eng",
"value": "TIBCO has released updated versions of the affected components which address these issues.\n\nTIBCO Patterns - Search versions 5.4.0 and below update to version 5.5.0 or higher"
}
],
"source": {
"discovery": "INTERNAL"
}
}

300
2019/4xxx/CVE-2019-4568.json
View File

@ -1,153 +1,153 @@
{
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Denial of Service",
"lang" : "eng"
}
]
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS could allow a remote attacker with intimate knowledge of the server to cause a denial of service when receiving data on the channel. IBM X-Force ID: 166629."
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-01-24T00:00:00",
"ID" : "CVE-2019-4568",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 1106517 (MQ)",
"url" : "https://www.ibm.com/support/pages/node/1106517",
"name" : "https://www.ibm.com/support/pages/node/1106517"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/166629",
"name" : "ibm-mq-cve20194568-dos (166629)"
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"product" : {
"product_data" : [
{
"product_name" : "MQ",
"version" : {
"version_data" : [
{
"version_value" : "9.0.0.1"
},
{
"version_value" : "8.0.0.1"
},
{
"version_value" : "8.0.0.2"
},
{
"version_value" : "8.0.0.3"
},
{
"version_value" : "8.0.0.4"
},
{
"version_value" : "8.0.0.5"
},
{
"version_value" : "8.0.0.6"
},
{
"version_value" : "8.0.0.7"
},
{
"version_value" : "9.0.0.2"
},
{
"version_value" : "8.0.0.8"
},
{
"version_value" : "8.0.0.9"
},
{
"version_value" : "9.0.0.3"
},
{
"version_value" : "8.0.0.0"
},
{
"version_value" : "8.0.0.10"
},
{
"version_value" : "9.0.0.0"
},
{
"version_value" : "9.0.0.4"
},
{
"version_value" : "9.0.0.5"
},
{
"version_value" : "8.0.0.11"
},
{
"version_value" : "9.0.0.6"
},
{
"version_value" : "8.0.0.12"
},
{
"version_value" : "9.0.0.7"
},
{
"version_value" : "8.0.0.13"
}
]
}
}
]
},
"vendor_name" : "IBM"
"description": [
{
"value": "Denial of Service",
"lang": "eng"
}
]
}
]
}
},
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"A" : "H",
"SCORE" : "5.900",
"C" : "N",
"AV" : "N",
"AC" : "H",
"I" : "N",
"UI" : "N",
"PR" : "N"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
}
}
}
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS could allow a remote attacker with intimate knowledge of the server to cause a denial of service when receiving data on the channel. IBM X-Force ID: 166629."
}
]
},
"CVE_data_meta": {
"DATE_PUBLIC": "2020-01-24T00:00:00",
"ID": "CVE-2019-4568",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com"
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 1106517 (MQ)",
"url": "https://www.ibm.com/support/pages/node/1106517",
"name": "https://www.ibm.com/support/pages/node/1106517"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/166629",
"name": "ibm-mq-cve20194568-dos (166629)"
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MQ",
"version": {
"version_data": [
{
"version_value": "9.0.0.1"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "8.0.0.2"
},
{
"version_value": "8.0.0.3"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.5"
},
{
"version_value": "8.0.0.6"
},
{
"version_value": "8.0.0.7"
},
{
"version_value": "9.0.0.2"
},
{
"version_value": "8.0.0.8"
},
{
"version_value": "8.0.0.9"
},
{
"version_value": "9.0.0.3"
},
{
"version_value": "8.0.0.0"
},
{
"version_value": "8.0.0.10"
},
{
"version_value": "9.0.0.0"
},
{
"version_value": "9.0.0.4"
},
{
"version_value": "9.0.0.5"
},
{
"version_value": "8.0.0.11"
},
{
"version_value": "9.0.0.6"
},
{
"version_value": "8.0.0.12"
},
{
"version_value": "9.0.0.7"
},
{
"version_value": "8.0.0.13"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"impact": {
"cvssv3": {
"BM": {
"S": "U",
"A": "H",
"SCORE": "5.900",
"C": "N",
"AV": "N",
"AC": "H",
"I": "N",
"UI": "N",
"PR": "N"
},
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
}
}
}
}

340
2019/4xxx/CVE-2019-4614.json
View File

@ -1,174 +1,174 @@
{
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 1106523 (MQ)",
"url" : "https://www.ibm.com/support/pages/node/1106523",
"name" : "https://www.ibm.com/support/pages/node/1106523"
},
{
"name" : "ibm-mq-cve20194614-dos (168639)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/168639",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"SCORE" : "5.300",
"AV" : "N",
"C" : "N",
"AC" : "H",
"I" : "N",
"PR" : "L",
"UI" : "N",
"S" : "U",
"A" : "H"
},
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
"data_format": "MITRE",
"references": {
"reference_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "9.0.0.1"
},
{
"version_value" : "8.0.0.1"
},
{
"version_value" : "8.0.0.2"
},
{
"version_value" : "8.0.0.3"
},
{
"version_value" : "8.0.0.4"
},
{
"version_value" : "8.0.0.5"
},
{
"version_value" : "8.0.0.6"
},
{
"version_value" : "8.0.0.7"
},
{
"version_value" : "9.0.0.2"
},
{
"version_value" : "8.0.0.8"
},
{
"version_value" : "8.0.0.9"
},
{
"version_value" : "9.0.0.3"
},
{
"version_value" : "8.0.0.0"
},
{
"version_value" : "8.0.0.10"
},
{
"version_value" : "9.0.0.0"
},
{
"version_value" : "9.0.0.4"
},
{
"version_value" : "9.0.0.5"
},
{
"version_value" : "9.1.0.0"
},
{
"version_value" : "9.1.0.1"
},
{
"version_value" : "9.1.1"
},
{
"version_value" : "9.1.0.2"
},
{
"version_value" : "9.1.2"
},
{
"version_value" : "8.0.0.11"
},
{
"version_value" : "9.0.0.6"
},
{
"version_value" : "8.0.0.12"
},
{
"version_value" : "9.1.0.3"
},
{
"version_value" : "9.1.3"
},
{
"version_value" : "9.0.0.7"
},
{
"version_value" : "8.0.0.13"
}
]
},
"product_name" : "MQ"
}
]
}
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 1106523 (MQ)",
"url": "https://www.ibm.com/support/pages/node/1106523",
"name": "https://www.ibm.com/support/pages/node/1106523"
},
{
"name": "ibm-mq-cve20194614-dos (168639)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/168639",
"title": "X-Force Vulnerability Report",
"refsource": "XF"
}
]
}
},
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Denial of Service",
"lang" : "eng"
}
]
},
"data_type": "CVE",
"impact": {
"cvssv3": {
"BM": {
"SCORE": "5.300",
"AV": "N",
"C": "N",
"AC": "H",
"I": "N",
"PR": "L",
"UI": "N",
"S": "U",
"A": "H"
},
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
}
}
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "9.0.0.1"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "8.0.0.2"
},
{
"version_value": "8.0.0.3"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.5"
},
{
"version_value": "8.0.0.6"
},
{
"version_value": "8.0.0.7"
},
{
"version_value": "9.0.0.2"
},
{
"version_value": "8.0.0.8"
},
{
"version_value": "8.0.0.9"
},
{
"version_value": "9.0.0.3"
},
{
"version_value": "8.0.0.0"
},
{
"version_value": "8.0.0.10"
},
{
"version_value": "9.0.0.0"
},
{
"version_value": "9.0.0.4"
},
{
"version_value": "9.0.0.5"
},
{
"version_value": "9.1.0.0"
},
{
"version_value": "9.1.0.1"
},
{
"version_value": "9.1.1"
},
{
"version_value": "9.1.0.2"
},
{
"version_value": "9.1.2"
},
{
"version_value": "8.0.0.11"
},
{
"version_value": "9.0.0.6"
},
{
"version_value": "8.0.0.12"
},
{
"version_value": "9.1.0.3"
},
{
"version_value": "9.1.3"
},
{
"version_value": "9.0.0.7"
},
{
"version_value": "8.0.0.13"
}
]
},
"product_name": "MQ"
}
]
}
}
]
}
]
},
"description" : {
"description_data" : [
{
"value" : "IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS client connecting to a Queue Manager could cause a SIGSEGV denial of service caused by converting an invalid message. IBM X-Force ID: 168639.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-01-24T00:00:00",
"ID" : "CVE-2019-4614",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
}
}
}
},
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Denial of Service",
"lang": "eng"
}
]
}
]
},
"description": {
"description_data": [
{
"value": "IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS client connecting to a Queue Manager could cause a SIGSEGV denial of service caused by converting an invalid message. IBM X-Force ID: 168639.",
"lang": "eng"
}
]
},
"CVE_data_meta": {
"DATE_PUBLIC": "2020-01-24T00:00:00",
"ID": "CVE-2019-4614",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com"
}
}

282
2019/4xxx/CVE-2019-4620.json
View File

@ -1,144 +1,144 @@
{
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"A" : "H",
"I" : "H",
"AC" : "L",
"AV" : "L",
"SCORE" : "8.400",
"C" : "H",
"UI" : "N",
"PR" : "N"
},
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "8.0.0.3"
},
{
"version_value" : "8.0.0.4"
},
{
"version_value" : "8.0.0.5"
},
{
"version_value" : "8.0.0.6"
},
{
"version_value" : "8.0.0.0"
},
{
"version_value" : "8.0.0.10"
},
{
"version_value" : "8.0.0.11"
},
{
"version_value" : "9.1.0.1"
},
{
"version_value" : "9.1.1"
},
{
"version_value" : "8.0.0.1"
},
{
"version_value" : "8.0.0.7"
},
{
"version_value" : "8.0.0.9"
},
{
"version_value" : "8.0.0.12"
},
{
"version_value" : "9.1.0.2"
},
{
"version_value" : "9.1.2"
},
{
"version_value" : "9.1.0.3"
},
{
"version_value" : "9.1.3"
},
{
"version_value" : "9.1"
},
{
"version_value" : "8.0.0.13"
}
]
},
"product_name" : "MQ Appliance"
}
]
}
"impact": {
"cvssv3": {
"BM": {
"S": "U",
"A": "H",
"I": "H",
"AC": "L",
"AV": "L",
"SCORE": "8.400",
"C": "H",
"UI": "N",
"PR": "N"
},
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
}
]
}
},
"data_type" : "CVE",
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/1125891",
"url" : "https://www.ibm.com/support/pages/node/1125891",
"title" : "IBM Security Bulletin 1125891 (MQ Appliance)",
"refsource" : "CONFIRM"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/168863",
"name" : "ibm-mq-cve20194620-sec-bypass (168863)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM MQ Appliance 8.0 and 9.0 LTS could allow a local attacker to bypass security restrictions caused by improper validation of environment variables. IBM X-Force ID: 168863."
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2019-4620",
"DATE_PUBLIC" : "2020-01-23T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Bypass Security"
}
}
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "8.0.0.3"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.5"
},
{
"version_value": "8.0.0.6"
},
{
"version_value": "8.0.0.0"
},
{
"version_value": "8.0.0.10"
},
{
"version_value": "8.0.0.11"
},
{
"version_value": "9.1.0.1"
},
{
"version_value": "9.1.1"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "8.0.0.7"
},
{
"version_value": "8.0.0.9"
},
{
"version_value": "8.0.0.12"
},
{
"version_value": "9.1.0.2"
},
{
"version_value": "9.1.2"
},
{
"version_value": "9.1.0.3"
},
{
"version_value": "9.1.3"
},
{
"version_value": "9.1"
},
{
"version_value": "8.0.0.13"
}
]
},
"product_name": "MQ Appliance"
}
]
}
}
]
}
]
},
"data_version" : "4.0"
}
}
},
"data_type": "CVE",
"data_format": "MITRE",
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/1125891",
"url": "https://www.ibm.com/support/pages/node/1125891",
"title": "IBM Security Bulletin 1125891 (MQ Appliance)",
"refsource": "CONFIRM"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/168863",
"name": "ibm-mq-cve20194620-sec-bypass (168863)",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM MQ Appliance 8.0 and 9.0 LTS could allow a local attacker to bypass security restrictions caused by improper validation of environment variables. IBM X-Force ID: 168863."
}
]
},
"CVE_data_meta": {
"ID": "CVE-2019-4620",
"DATE_PUBLIC": "2020-01-23T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Bypass Security"
}
]
}
]
},
"data_version": "4.0"
}

174
2019/4xxx/CVE-2019-4631.json
View File

@ -1,90 +1,90 @@
{
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Access",
"lang" : "eng"
}
]
}
]
},
"description" : {
"description_data" : [
{
"value" : "IBM Security Secret Server 10.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 170001.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2019-4631",
"DATE_PUBLIC" : "2020-01-24T00:00:00"
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 1283224 (Security Secret Server)",
"url" : "https://www.ibm.com/support/pages/node/1283224",
"name" : "https://www.ibm.com/support/pages/node/1283224"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-sss-cve20194631-open-redirect (170001)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/170001"
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"UI" : "R",
"PR" : "N",
"C" : "N",
"SCORE" : "7.400",
"AV" : "N",
"I" : "H",
"AC" : "L",
"A" : "N",
"S" : "C"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"product" : {
"product_data" : [
{
"product_name" : "Security Secret Server",
"version" : {
"version_data" : [
{
"version_value" : "10.7"
}
]
}
}
]
},
"vendor_name" : "IBM"
"description": [
{
"value": "Gain Access",
"lang": "eng"
}
]
}
]
}
}
}
]
},
"description": {
"description_data": [
{
"value": "IBM Security Secret Server 10.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 170001.",
"lang": "eng"
}
]
},
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"ID": "CVE-2019-4631",
"DATE_PUBLIC": "2020-01-24T00:00:00"
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 1283224 (Security Secret Server)",
"url": "https://www.ibm.com/support/pages/node/1283224",
"name": "https://www.ibm.com/support/pages/node/1283224"
},
{
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"name": "ibm-sss-cve20194631-open-redirect (170001)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/170001"
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
},
"BM": {
"UI": "R",
"PR": "N",
"C": "N",
"SCORE": "7.400",
"AV": "N",
"I": "H",
"AC": "L",
"A": "N",
"S": "C"
}
}
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Security Secret Server",
"version": {
"version_data": [
{
"version_value": "10.7"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
}
}

174
2019/4xxx/CVE-2019-4632.json
View File

@ -1,90 +1,90 @@
{
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-01-24T00:00:00",
"ID" : "CVE-2019-4632",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Secret Server 10.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 170004."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
}
]
},
"data_version" : "4.0",
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "H"
},
"BM" : {
"SCORE" : "6.100",
"AV" : "N",
"C" : "L",
"I" : "L",
"AC" : "L",
"PR" : "N",
"UI" : "R",
"S" : "C",
"A" : "N"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
"CVE_data_meta": {
"DATE_PUBLIC": "2020-01-24T00:00:00",
"ID": "CVE-2019-4632",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com"
},
"description": {
"description_data": [
{
"product" : {
"product_data" : [
{
"product_name" : "Security Secret Server",
"version" : {
"version_data" : [
{
"version_value" : "10.7"
}
]
}
}
]
},
"vendor_name" : "IBM"
"lang": "eng",
"value": "IBM Security Secret Server 10.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 170004."
}
]
}
},
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/1283254",
"url" : "https://www.ibm.com/support/pages/node/1283254",
"title" : "IBM Security Bulletin 1283254 (Security Secret Server)",
"refsource" : "CONFIRM"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/170004",
"name" : "ibm-sss-cve20194632-xss (170004)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_format" : "MITRE"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"data_version": "4.0",
"impact": {
"cvssv3": {
"TM": {
"RC": "C",
"RL": "O",
"E": "H"
},
"BM": {
"SCORE": "6.100",
"AV": "N",
"C": "L",
"I": "L",
"AC": "L",
"PR": "N",
"UI": "R",
"S": "C",
"A": "N"
}
}
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Security Secret Server",
"version": {
"version_data": [
{
"version_value": "10.7"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_type": "CVE",
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/1283254",
"url": "https://www.ibm.com/support/pages/node/1283254",
"title": "IBM Security Bulletin 1283254 (Security Secret Server)",
"refsource": "CONFIRM"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/170004",
"name": "ibm-sss-cve20194632-xss (170004)",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
},
"data_format": "MITRE"
}

172
2019/4xxx/CVE-2019-4633.json
View File

@ -1,90 +1,90 @@
{
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/1283200",
"name" : "https://www.ibm.com/support/pages/node/1283200",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 1283200 (Security Secret Server)"
},
{
"name" : "ibm-sss-cve20194633-info-disc (170007)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/170007",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"S" : "U",
"UI" : "R",
"PR" : "N",
"SCORE" : "3.100",
"AV" : "N",
"C" : "L",
"AC" : "H",
"I" : "N"
},
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
"references": {
"reference_data": [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "10.7"
}
]
},
"product_name" : "Security Secret Server"
}
]
},
"vendor_name" : "IBM"
"url": "https://www.ibm.com/support/pages/node/1283200",
"name": "https://www.ibm.com/support/pages/node/1283200",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 1283200 (Security Secret Server)"
},
{
"name": "ibm-sss-cve20194633-info-disc (170007)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/170007",
"title": "X-Force Vulnerability Report",
"refsource": "XF"
}
]
}
},
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"S": "U",
"UI": "R",
"PR": "N",
"SCORE": "3.100",
"AV": "N",
"C": "L",
"AC": "H",
"I": "N"
},
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
}
}
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "10.7"
}
]
},
"product_name": "Security Secret Server"
}
]
},
"vendor_name": "IBM"
}
]
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Secret Server 10.7 could allow an attacker to obtain sensitive information due to an overly permissive CORS policy. IBM X-Force ID: 170007."
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2020-01-24T00:00:00",
"ID" : "CVE-2019-4633"
}
}
}
},
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Secret Server 10.7 could allow an attacker to obtain sensitive information due to an overly permissive CORS policy. IBM X-Force ID: 170007."
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2020-01-24T00:00:00",
"ID": "CVE-2019-4633"
}
}

172
2019/4xxx/CVE-2019-4635.json
View File

@ -1,90 +1,90 @@
{
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 1283212 (Security Secret Server)",
"url" : "https://www.ibm.com/support/pages/node/1283212",
"name" : "https://www.ibm.com/support/pages/node/1283212"
},
{
"name" : "ibm-sss-cve20194635-command-injection (170011)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/170011",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
"references": {
"reference_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "10.7"
}
]
},
"product_name" : "Security Secret Server"
}
]
}
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 1283212 (Security Secret Server)",
"url": "https://www.ibm.com/support/pages/node/1283212",
"name": "https://www.ibm.com/support/pages/node/1283212"
},
{
"name": "ibm-sss-cve20194635-command-injection (170011)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/170011",
"title": "X-Force Vulnerability Report",
"refsource": "XF"
}
]
}
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"S" : "U",
"PR" : "H",
"UI" : "N",
"AC" : "L",
"I" : "L",
"C" : "N",
"SCORE" : "2.700",
"AV" : "N"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
},
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Access",
"lang" : "eng"
}
]
},
"data_format": "MITRE",
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "10.7"
}
]
},
"product_name": "Security Secret Server"
}
]
}
}
]
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Secret Server 10.7 could allow a privileged user to perform unauthorized command injection due to imporoper input neutralization of special elements. IBM X-Force ID: 170011."
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-01-24T00:00:00",
"ID" : "CVE-2019-4635",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
}
}
}
},
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"S": "U",
"PR": "H",
"UI": "N",
"AC": "L",
"I": "L",
"C": "N",
"SCORE": "2.700",
"AV": "N"
},
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
}
}
},
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Gain Access",
"lang": "eng"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Secret Server 10.7 could allow a privileged user to perform unauthorized command injection due to imporoper input neutralization of special elements. IBM X-Force ID: 170011."
}
]
},
"CVE_data_meta": {
"DATE_PUBLIC": "2020-01-24T00:00:00",
"ID": "CVE-2019-4635",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com"
}
}

174
2019/4xxx/CVE-2019-4636.json
View File

@ -1,90 +1,90 @@
{
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2019-4636",
"DATE_PUBLIC" : "2020-01-24T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Secret Server 10.7 could disclose sensitive information to an authenticated user from generated error messages. IBM X-Force ID: 170013."
}
]
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 1283260 (Security Secret Server)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/1283260",
"url" : "https://www.ibm.com/support/pages/node/1283260"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/170013",
"name" : "ibm-sss-cve20194636-info-disc (170013)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"S" : "U",
"UI" : "N",
"PR" : "H",
"SCORE" : "2.700",
"C" : "L",
"AV" : "N",
"AC" : "L",
"I" : "N"
},
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Security Secret Server",
"version" : {
"version_data" : [
{
"version_value" : "10.7"
}
]
}
}
]
}
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
}
}
}
]
},
"CVE_data_meta": {
"ID": "CVE-2019-4636",
"DATE_PUBLIC": "2020-01-24T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Secret Server 10.7 could disclose sensitive information to an authenticated user from generated error messages. IBM X-Force ID: 170013."
}
]
},
"data_format": "MITRE",
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 1283260 (Security Secret Server)",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/1283260",
"url": "https://www.ibm.com/support/pages/node/1283260"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/170013",
"name": "ibm-sss-cve20194636-info-disc (170013)",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
},
"data_type": "CVE",
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"S": "U",
"UI": "N",
"PR": "H",
"SCORE": "2.700",
"C": "L",
"AV": "N",
"AC": "L",
"I": "N"
},
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
}
}
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Security Secret Server",
"version": {
"version_data": [
{
"version_value": "10.7"
}
]
}
}
]
}
}
]
}
}
}

174
2019/4xxx/CVE-2019-4637.json
View File

@ -1,90 +1,90 @@
{
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2019-4637",
"DATE_PUBLIC" : "2020-01-24T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"description" : {
"description_data" : [
{
"value" : "IBM Security Secret Server 10.7 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 170043.",
"lang" : "eng"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Access",
"lang" : "eng"
}
]
}
]
},
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/1283242",
"url" : "https://www.ibm.com/support/pages/node/1283242",
"title" : "IBM Security Bulletin 1283242 (Security Secret Server)",
"refsource" : "CONFIRM"
},
{
"name" : "ibm-sss-cve20194637-weak-security (170043)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/170043",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"S" : "U",
"PR" : "L",
"UI" : "N",
"SCORE" : "4.300",
"AV" : "N",
"C" : "N",
"I" : "L",
"AC" : "L"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-4637",
"DATE_PUBLIC": "2020-01-24T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Security Secret Server",
"version" : {
"version_data" : [
{
"version_value" : "10.7"
}
]
}
}
]
}
"value": "IBM Security Secret Server 10.7 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 170043.",
"lang": "eng"
}
]
}
}
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Gain Access",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/1283242",
"url": "https://www.ibm.com/support/pages/node/1283242",
"title": "IBM Security Bulletin 1283242 (Security Secret Server)",
"refsource": "CONFIRM"
},
{
"name": "ibm-sss-cve20194637-weak-security (170043)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/170043",
"title": "X-Force Vulnerability Report",
"refsource": "XF"
}
]
},
"data_format": "MITRE",
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"S": "U",
"PR": "L",
"UI": "N",
"SCORE": "4.300",
"AV": "N",
"C": "N",
"I": "L",
"AC": "L"
},
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
}
}
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Security Secret Server",
"version": {
"version_data": [
{
"version_value": "10.7"
}
]
}
}
]
}
}
]
}
}
}

174
2019/4xxx/CVE-2019-4638.json
View File

@ -1,90 +1,90 @@
{
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Secret Server 10.7 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 170044."
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2019-4638",
"DATE_PUBLIC" : "2020-01-24T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"data_type" : "CVE",
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 1283236 (Security Secret Server)",
"url" : "https://www.ibm.com/support/pages/node/1283236",
"name" : "https://www.ibm.com/support/pages/node/1283236"
},
{
"name" : "ibm-sss-cve20194638-info-disc (170044)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/170044",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
},
"BM" : {
"A" : "N",
"S" : "U",
"PR" : "N",
"UI" : "N",
"AC" : "H",
"I" : "N",
"SCORE" : "3.700",
"C" : "L",
"AV" : "N"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
"data_version": "4.0",
"description": {
"description_data": [
{
"product" : {
"product_data" : [
{
"product_name" : "Security Secret Server",
"version" : {
"version_data" : [
{
"version_value" : "10.7"
}
]
}
}
]
},
"vendor_name" : "IBM"
"lang": "eng",
"value": "IBM Security Secret Server 10.7 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 170044."
}
]
}
}
}
]
},
"CVE_data_meta": {
"ID": "CVE-2019-4638",
"DATE_PUBLIC": "2020-01-24T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 1283236 (Security Secret Server)",
"url": "https://www.ibm.com/support/pages/node/1283236",
"name": "https://www.ibm.com/support/pages/node/1283236"
},
{
"name": "ibm-sss-cve20194638-info-disc (170044)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/170044",
"title": "X-Force Vulnerability Report",
"refsource": "XF"
}
]
},
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"E": "U",
"RC": "C"
},
"BM": {
"A": "N",
"S": "U",
"PR": "N",
"UI": "N",
"AC": "H",
"I": "N",
"SCORE": "3.700",
"C": "L",
"AV": "N"
}
}
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Security Secret Server",
"version": {
"version_data": [
{
"version_value": "10.7"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
}
}

174
2019/4xxx/CVE-2019-4639.json
View File

@ -1,90 +1,90 @@
{
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-01-24T00:00:00",
"ID" : "CVE-2019-4639",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"description" : {
"description_data" : [
{
"value" : "IBM Security Secret Server 10.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 170045.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "H",
"I" : "N",
"C" : "H",
"SCORE" : "5.900",
"AV" : "N",
"PR" : "N",
"UI" : "N",
"S" : "U",
"A" : "N"
},
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
"problemtype": {
"problemtype_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Security Secret Server",
"version" : {
"version_data" : [
{
"version_value" : "10.7"
}
]
}
}
]
}
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
}
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 1283194 (Security Secret Server)",
"url" : "https://www.ibm.com/support/pages/node/1283194",
"name" : "https://www.ibm.com/support/pages/node/1283194"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-sss-cve20194639-info-disc (170045)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/170045"
}
]
},
"data_type" : "CVE"
}
]
},
"CVE_data_meta": {
"DATE_PUBLIC": "2020-01-24T00:00:00",
"ID": "CVE-2019-4639",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com"
},
"description": {
"description_data": [
{
"value": "IBM Security Secret Server 10.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 170045.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"impact": {
"cvssv3": {
"BM": {
"AC": "H",
"I": "N",
"C": "H",
"SCORE": "5.900",
"AV": "N",
"PR": "N",
"UI": "N",
"S": "U",
"A": "N"
},
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
}
}
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Security Secret Server",
"version": {
"version_data": [
{
"version_value": "10.7"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 1283194 (Security Secret Server)",
"url": "https://www.ibm.com/support/pages/node/1283194",
"name": "https://www.ibm.com/support/pages/node/1283194"
},
{
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"name": "ibm-sss-cve20194639-info-disc (170045)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/170045"
}
]
},
"data_type": "CVE"
}

174
2019/4xxx/CVE-2019-4679.json
View File

@ -1,90 +1,90 @@
{
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2020-01-24T00:00:00",
"ID" : "CVE-2019-4679"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Content Navigator 3.0CD could allow an authenticated user to gain information about the hosting operating system and version that could be used in further attacks against the system. IBM X-Force ID: 171515."
}
]
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 1283458 (Content Navigator)",
"url" : "https://www.ibm.com/support/pages/node/1283458",
"name" : "https://www.ibm.com/support/pages/node/1283458"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/171515",
"name" : "ibm-cn-cve20194679-info-disc (171515)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"product" : {
"product_data" : [
{
"product_name" : "Content Navigator",
"version" : {
"version_data" : [
{
"version_value" : "3.0CD"
}
]
}
}
]
},
"vendor_name" : "IBM"
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
}
},
"impact" : {
"cvssv3" : {
"BM" : {
"PR" : "L",
"UI" : "N",
"I" : "N",
"AC" : "L",
"AV" : "N",
"SCORE" : "4.300",
"C" : "L",
"A" : "N",
"S" : "U"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
}
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2020-01-24T00:00:00",
"ID": "CVE-2019-4679"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Content Navigator 3.0CD could allow an authenticated user to gain information about the hosting operating system and version that could be used in further attacks against the system. IBM X-Force ID: 171515."
}
]
},
"data_format": "MITRE",
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 1283458 (Content Navigator)",
"url": "https://www.ibm.com/support/pages/node/1283458",
"name": "https://www.ibm.com/support/pages/node/1283458"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/171515",
"name": "ibm-cn-cve20194679-info-disc (171515)",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Content Navigator",
"version": {
"version_data": [
{
"version_value": "3.0CD"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"impact": {
"cvssv3": {
"BM": {
"PR": "L",
"UI": "N",
"I": "N",
"AC": "L",
"AV": "N",
"SCORE": "4.300",
"C": "L",
"A": "N",
"S": "U"
},
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
}
}
}
}

176
2019/4xxx/CVE-2019-4707.json
View File

@ -1,90 +1,90 @@
{
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "9.0.7.0"
}
]
},
"product_name" : "Security Access Manager Appliance"
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"impact" : {
"cvssv3" : {
"BM" : {
"I" : "N",
"AC" : "L",
"SCORE" : "7.100",
"C" : "H",
"AV" : "N",
"PR" : "L",
"UI" : "N",
"S" : "U",
"A" : "L"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
}
}
},
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 1284034 (Security Access Manager Appliance)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/1284034",
"url" : "https://www.ibm.com/support/pages/node/1284034"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/172018",
"name" : "ibm-sam-cve20194707-xxe (172018)"
}
]
},
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Access Manager Appliance 9.0.7.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 172018."
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-01-27T00:00:00",
"ID" : "CVE-2019-4707",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "9.0.7.0"
}
]
},
"product_name": "Security Access Manager Appliance"
}
]
},
"vendor_name": "IBM"
}
]
}
]
},
"data_version" : "4.0"
}
}
},
"impact": {
"cvssv3": {
"BM": {
"I": "N",
"AC": "L",
"SCORE": "7.100",
"C": "H",
"AV": "N",
"PR": "L",
"UI": "N",
"S": "U",
"A": "L"
},
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
}
}
},
"data_type": "CVE",
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 1284034 (Security Access Manager Appliance)",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/1284034",
"url": "https://www.ibm.com/support/pages/node/1284034"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/172018",
"name": "ibm-sam-cve20194707-xxe (172018)"
}
]
},
"data_format": "MITRE",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Access Manager Appliance 9.0.7.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 172018."
}
]
},
"CVE_data_meta": {
"DATE_PUBLIC": "2020-01-27T00:00:00",
"ID": "CVE-2019-4707",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"data_version": "4.0"
}

200
2020/4xxx/CVE-2020-4207.json
View File

@ -1,103 +1,103 @@
{
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"value" : "IBM Watson IoT Message Gateway 2.0.0.x, 5.0.0.0, 5.0.0.1, and 5.0.0.2 is vulnerable to a buffer overflow, caused by improper bounds checking when handling a failed HTTP request with specific content in the headers. By sending a specially crafted HTTP request, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service. IBM X-Force ID: 174972.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2020-01-24T00:00:00",
"ID" : "CVE-2020-4207"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Access",
"lang" : "eng"
}
]
}
]
},
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/1283626",
"url" : "https://www.ibm.com/support/pages/node/1283626",
"title" : "IBM Security Bulletin 1283626 (IoT MessageSight)",
"refsource" : "CONFIRM"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-watson-cve20204207-code-exec (174972)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/174972"
}
]
},
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
},
"BM" : {
"S" : "U",
"A" : "H",
"I" : "H",
"AC" : "L",
"C" : "H",
"SCORE" : "9.800",
"AV" : "N",
"UI" : "N",
"PR" : "N"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
"data_version": "4.0",
"description": {
"description_data": [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "5.0.0.1"
}
]
},
"product_name" : "WIoTP MessageGateway"
},
{
"version" : {
"version_data" : [
{
"version_value" : "2.0"
},
{
"version_value" : "5.0.0.0"
}
]
},
"product_name" : "IoT MessageSight"
}
]
},
"vendor_name" : "IBM"
"value": "IBM Watson IoT Message Gateway 2.0.0.x, 5.0.0.0, 5.0.0.1, and 5.0.0.2 is vulnerable to a buffer overflow, caused by improper bounds checking when handling a failed HTTP request with specific content in the headers. By sending a specially crafted HTTP request, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service. IBM X-Force ID: 174972.",
"lang": "eng"
}
]
}
}
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2020-01-24T00:00:00",
"ID": "CVE-2020-4207"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Gain Access",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/1283626",
"url": "https://www.ibm.com/support/pages/node/1283626",
"title": "IBM Security Bulletin 1283626 (IoT MessageSight)",
"refsource": "CONFIRM"
},
{
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"name": "ibm-watson-cve20204207-code-exec (174972)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/174972"
}
]
},
"data_format": "MITRE",
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"E": "U",
"RC": "C"
},
"BM": {
"S": "U",
"A": "H",
"I": "H",
"AC": "L",
"C": "H",
"SCORE": "9.800",
"AV": "N",
"UI": "N",
"PR": "N"
}
}
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "5.0.0.1"
}
]
},
"product_name": "WIoTP MessageGateway"
},
{
"version": {
"version_data": [
{
"version_value": "2.0"
},
{
"version_value": "5.0.0.0"
}
]
},
"product_name": "IoT MessageSight"
}
]
},
"vendor_name": "IBM"
}
]
}
}
}

4
2020/5xxx/CVE-2020-5211.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "In NetHack before 3.6.5, an invalid extended command in value for the AUTOCOMPLETE configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation.\n\nThis vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files.\n\nUsers should upgrade to NetHack 3.6.5."
"value": "In NetHack before 3.6.5, an invalid extended command in value for the AUTOCOMPLETE configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. Users should upgrade to NetHack 3.6.5."
}
]
},
@ -80,4 +80,4 @@
"advisory": "GHSA-r788-4jf4-r9f7",
"discovery": "UNKNOWN"
}
}
}

4
2020/5xxx/CVE-2020-5212.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "In NetHack before 3.6.5, an extremely long value for the MENUCOLOR configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation.\n\nThis vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files.\n\nUsers should upgrade to NetHack 3.6.5."
"value": "In NetHack before 3.6.5, an extremely long value for the MENUCOLOR configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. Users should upgrade to NetHack 3.6.5."
}
]
},
@ -80,4 +80,4 @@
"advisory": "GHSA-g89f-m829-4m56",
"discovery": "UNKNOWN"
}
}
}

4
2020/5xxx/CVE-2020-5213.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "In NetHack before 3.6.5, too long of a value for the SYMBOL configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation.\n\nThis vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files.\n\nUsers should upgrade to NetHack 3.6.5."
"value": "In NetHack before 3.6.5, too long of a value for the SYMBOL configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. Users should upgrade to NetHack 3.6.5."
}
]
},
@ -80,4 +80,4 @@
"advisory": "GHSA-rr25-4v34-pr7v",
"discovery": "UNKNOWN"
}
}
}

4
2020/5xxx/CVE-2020-5214.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "In NetHack before 3.6.5, detecting an unknown configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation.\n\nThis vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files.\n\nUsers should upgrade to NetHack 3.6.5."
"value": "In NetHack before 3.6.5, detecting an unknown configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. Users should upgrade to NetHack 3.6.5."
}
]
},
@ -80,4 +80,4 @@
"advisory": "GHSA-p8fw-rq89-xqx6",
"discovery": "UNKNOWN"
}
}
}

5
2020/7xxx/CVE-2020-7040.json
View File

@ -86,6 +86,11 @@
"refsource": "MLIST",
"name": "[oss-security] 20200123 Re: CVE-2020-7040: storeBackup: denial of service and symlink attack vector via fixed lockfile path /tmp/storeBackup.lock",
"url": "http://www.openwall.com/lists/oss-security/2020/01/23/1"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0119",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00054.html"
}
]
}

18
2020/8xxx/CVE-2020-8252.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8252",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8253.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8253",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8254.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8254",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8255.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8255",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8256.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8256",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8257.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8257",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8258.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8258",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8259.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8259",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8260.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8260",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8261.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8261",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8262.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8262",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8263.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8263",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8264.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8264",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8265.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8265",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8266.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8266",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8267.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8267",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8268.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8268",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8269.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8269",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8270.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8270",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8271.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8271",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8272.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8272",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8273.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8273",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8274.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8274",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8275.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8275",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8276.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8276",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8277.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8277",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8278.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8278",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8279.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8279",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8280.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8280",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8281.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8281",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8282.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8282",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8283.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8283",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8284.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8284",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8285.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8285",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8286.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8286",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8287.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8287",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8288.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8288",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8289.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8289",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8290.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8290",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8291.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8291",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8292.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8292",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8293.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8293",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8294.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8294",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8295.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8295",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8296.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8296",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8297.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8297",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8298.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8298",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8299.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8299",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8300.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8300",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8301.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8301",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8302.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8302",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8303.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8303",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8304.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8304",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8305.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8305",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8306.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8306",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8307.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8307",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8308.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8308",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8309.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8309",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8310.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8310",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8311.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8311",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8312.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8312",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8313.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8313",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8314.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8314",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

62
2020/8xxx/CVE-2020-8315.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-8315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Python (CPython) 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker's copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system's copy. Windows 8 and later are unaffected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugs.python.org/issue39401",
"refsource": "MISC",
"name": "https://bugs.python.org/issue39401"
}
]
}
}