admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-10-22 17:01:54 +00:00
parent 2b2316a083
commit e925f4808b
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
7 changed files with 216 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
2020/25xxx/CVE-2020-25825.json
View File

@ -71,21 +71,6 @@
"refsource": "CONFIRM",
"name": "https://github.com/OctopusDeploy/Issues/issues/6607",
"url": "https://github.com/OctopusDeploy/Issues/issues/6607"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/OctopusDeploy/Issues/issues/6637",
"url": "https://github.com/OctopusDeploy/Issues/issues/6637"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/OctopusDeploy/Issues/issues/6639",
"url": "https://github.com/OctopusDeploy/Issues/issues/6639"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/OctopusDeploy/Issues/issues/6640",
"url": "https://github.com/OctopusDeploy/Issues/issues/6640"
}
]
}

16
2020/26xxx/CVE-2020-26894.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Faulkner Wildlife Issues in the New Millennium 18.0.160 on Windows allows local, low-privileged users to gain privileges by creating a malicious \"%SYSTEMDRIVE%\\Course Software Material 18.0.1.9\\cmd.exe\" file."
"value": "LiveCode v9.6.1 on Windows allows local, low-privileged users to gain privileges by creating a malicious \"cmd.exe\" in the folder of the vulnerable LiveCode application. If the application is using LiveCode's \"shell()\" function, it will attempt to search for \"cmd.exe\" in the folder of the current application and run the malicious \"cmd.exe\"."
}
]
},
@ -53,9 +53,19 @@
"references": {
"reference_data": [
{
"url": "https://john-woodman.com/posts/Privilege-Escalation-Vulnerability-Faulkner-Press/",
"refsource": "MISC",
"name": "https://john-woodman.com/posts/Privilege-Escalation-Vulnerability-Faulkner-Press/"
"name": "https://john-woodman.com/posts/LiveCode-Privilege-Escalation-Vulnerability/",
"url": "https://john-woodman.com/posts/LiveCode-Privilege-Escalation-Vulnerability/"
},
{
"refsource": "MISC",
"name": "https://quality.livecode.com/show_bug.cgi?id=22942",
"url": "https://quality.livecode.com/show_bug.cgi?id=22942"
},
{
"refsource": "MISC",
"name": "https://github.com/livecode/livecode/pull/7454",
"url": "https://github.com/livecode/livecode/pull/7454"
}
]
}

71
2020/27xxx/CVE-2020-27155.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27155",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-27155",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in Octopus Deploy through 2020.4.4. If enabled, the websocket endpoint may allow an untrusted tentacle host to present itself as a trusted one."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/OctopusDeploy",
"refsource": "MISC",
"name": "https://github.com/OctopusDeploy"
},
{
"refsource": "MISC",
"name": "https://github.com/OctopusDeploy/Issues/issues/6637",
"url": "https://github.com/OctopusDeploy/Issues/issues/6637"
},
{
"refsource": "MISC",
"name": "https://github.com/OctopusDeploy/Issues/issues/6639",
"url": "https://github.com/OctopusDeploy/Issues/issues/6639"
},
{
"refsource": "MISC",
"name": "https://github.com/OctopusDeploy/Issues/issues/6640",
"url": "https://github.com/OctopusDeploy/Issues/issues/6640"
}
]
}

61
2020/27xxx/CVE-2020-27195.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27195",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-27195",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "HashiCorp Nomad and Nomad Enterprise version 0.9.0 up to 0.12.5 client file sandbox feature can be subverted using either the template or artifact stanzas. Fixed in 0.12.6, 0.11.5, and 0.10.6"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.nomadproject.io/downloads",
"refsource": "MISC",
"name": "https://www.nomadproject.io/downloads"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/hashicorp/nomad/blob/master/CHANGELOG.md#0126-october-21-2020",
"url": "https://github.com/hashicorp/nomad/blob/master/CHANGELOG.md#0126-october-21-2020"
}
]
}

18
2020/27xxx/CVE-2020-27662.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27662",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/27xxx/CVE-2020-27663.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27663",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

90
2020/7xxx/CVE-2020-7020.json
View File

@ -3,61 +3,65 @@
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "bressers@elastic.co",
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2020-7020",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Elastic",
"product": {
"product_data": [
"vendor": {
"vendor_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "before 6.8.13 and 7.9.2"
}
]
}
"vendor_name": "Elastic",
"product": {
"product_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "before 6.8.13 and 7.9.2"
}
]
}
}
]
}
}
]
}
}
]
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
"problemtype_data": [
{
"lang": "eng",
"value": "CWE-270: Privilege Context Switching Error"
"description": [
{
"lang": "eng",
"value": "CWE-270: Privilege Context Switching Error"
}
]
}
]
}
]
]
},
"references": {
"reference_data": [
{
"url": "https://staging-website.elastic.co/community/security/"
},
{
"url": "https://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033"
}
]
"reference_data": [
{
"url": "https://staging-website.elastic.co/community/security/",
"refsource": "MISC",
"name": "https://staging-website.elastic.co/community/security/"
},
{
"url": "https://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033",
"refsource": "MISC",
"name": "https://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documents the attacker should not be able to view. This could result in an attacker gaining additional insight into potentially sensitive indices."
}
]
"description_data": [
{
"lang": "eng",
"value": "Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documents the attacker should not be able to view. This could result in an attacker gaining additional insight into potentially sensitive indices."
}
]
}
}
}