admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-10-02 19:01:54 +00:00
parent 0131338c5f
commit f957c0ce4e
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
17 changed files with 274 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
2020/10xxx/CVE-2020-10381.json
View File

@ -54,8 +54,8 @@
"reference_data": [ "reference_data": [
{ {
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://www.mbconnectline.de/en/support/sicherheitshinweise.html", "name": "https://mbconnectline.com/security-advice/",
"url": "https://www.mbconnectline.de/en/support/sicherheitshinweise.html" "url": "https://mbconnectline.com/security-advice/"
} }
] ]
} }

4
2020/10xxx/CVE-2020-10382.json
View File

@ -54,8 +54,8 @@
"reference_data": [ "reference_data": [
{ {
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://www.mbconnectline.de/en/support/sicherheitshinweise.html", "name": "https://mbconnectline.com/security-advice/",
"url": "https://www.mbconnectline.de/en/support/sicherheitshinweise.html" "url": "https://mbconnectline.com/security-advice/"
} }
] ]
} }

4
2020/10xxx/CVE-2020-10383.json
View File

@ -54,8 +54,8 @@
"reference_data": [ "reference_data": [
{ {
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://www.mbconnectline.de/en/support/sicherheitshinweise.html", "name": "https://mbconnectline.com/security-advice/",
"url": "https://www.mbconnectline.de/en/support/sicherheitshinweise.html" "url": "https://mbconnectline.com/security-advice/"
} }
] ]
} }

4
2020/10xxx/CVE-2020-10384.json
View File

@ -54,8 +54,8 @@
"reference_data": [ "reference_data": [
{ {
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://www.mbconnectline.de/en/support/sicherheitshinweise.html", "name": "https://mbconnectline.com/security-advice/",
"url": "https://www.mbconnectline.de/en/support/sicherheitshinweise.html" "url": "https://mbconnectline.com/security-advice/"
} }
] ]
} }

5
2020/15xxx/CVE-2020-15049.json
View File

@ -91,6 +91,11 @@
"refsource": "UBUNTU", "refsource": "UBUNTU",
"name": "USN-4551-1", "name": "USN-4551-1",
"url": "https://usn.ubuntu.com/4551-1/" "url": "https://usn.ubuntu.com/4551-1/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20201002 [SECURITY] [DLA 2394-1] squid3 security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00005.html"
} }
] ]
}, },

2
2020/15xxx/CVE-2020-15230.json
View File

@ -35,7 +35,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Vapor is a web framework for Swift. In Vapor before version 4.29.4, Attackers can access data at arbitrary filesystem paths on the same host as an application. Only applications using FileMiddleware are affected.\n\nThis is fixed in version 4.29.4." "value": "Vapor is a web framework for Swift. In Vapor before version 4.29.4, Attackers can access data at arbitrary filesystem paths on the same host as an application. Only applications using FileMiddleware are affected. This is fixed in version 4.29.4."
} }
] ]
}, },

2
2020/15xxx/CVE-2020-15588.json
View File

@ -34,7 +34,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "An issue was discovered in the client side of Zoho ManageEngine Desktop Central before 10.0.533. An attacker-controlled server can trigger an integer overflow via a crafted header value." "value": "An issue was discovered in the client side of Zoho ManageEngine Desktop Central 10.0.552.W. An attacker-controlled server can trigger an integer overflow in InternetSendRequestEx and InternetSendRequestByBitrate that leads to a heap-based buffer overflow and Remote Code Execution with SYSTEM privileges."
} }
] ]
}, },

5
2020/15xxx/CVE-2020-15810.json
View File

@ -96,6 +96,11 @@
"refsource": "UBUNTU", "refsource": "UBUNTU",
"name": "USN-4551-1", "name": "USN-4551-1",
"url": "https://usn.ubuntu.com/4551-1/" "url": "https://usn.ubuntu.com/4551-1/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20201002 [SECURITY] [DLA 2394-1] squid3 security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00005.html"
} }
] ]
} }

5
2020/15xxx/CVE-2020-15811.json
View File

@ -96,6 +96,11 @@
"refsource": "UBUNTU", "refsource": "UBUNTU",
"name": "USN-4551-1", "name": "USN-4551-1",
"url": "https://usn.ubuntu.com/4551-1/" "url": "https://usn.ubuntu.com/4551-1/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20201002 [SECURITY] [DLA 2394-1] squid3 security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00005.html"
} }
] ]
} }

56
2020/24xxx/CVE-2020-24568.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-24568",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2020-24568",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. There is a blind SQL injection in the lancompenent component, allowing logged-in attackers to discover arbitrary information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://mbconnectline.com/security-advice/",
"url": "https://mbconnectline.com/security-advice/"
} }
] ]
} }

6
2020/24xxx/CVE-2020-24569.json
View File

@ -53,9 +53,9 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://www.mbconnectline.de/en/support/sicherheitshinweise.html", "refsource": "CONFIRM",
"refsource": "MISC", "name": "https://mbconnectline.com/security-advice/",
"name": "https://www.mbconnectline.de/en/support/sicherheitshinweise.html" "url": "https://mbconnectline.com/security-advice/"
} }
] ]
} }

6
2020/24xxx/CVE-2020-24570.json
View File

@ -53,9 +53,9 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://www.mbconnectline.de/en/support/sicherheitshinweise.html", "refsource": "CONFIRM",
"refsource": "MISC", "name": "https://mbconnectline.com/security-advice/",
"name": "https://www.mbconnectline.de/en/support/sicherheitshinweise.html" "url": "https://mbconnectline.com/security-advice/"
} }
] ]
} }

5
2020/24xxx/CVE-2020-24606.json
View File

@ -101,6 +101,11 @@
"refsource": "UBUNTU", "refsource": "UBUNTU",
"name": "USN-4551-1", "name": "USN-4551-1",
"url": "https://usn.ubuntu.com/4551-1/" "url": "https://usn.ubuntu.com/4551-1/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20201002 [SECURITY] [DLA 2394-1] squid3 security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00005.html"
} }
] ]
}, },

50
2020/24xxx/CVE-2020-24627.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-24627", "ID": "CVE-2020-24627",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security-alert@hpe.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "HPE KVM IP Console Switches",
"version": {
"version_data": [
{
"version_value": "G2 4x1Ex32 Prior to 2.8.3"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote stored xss"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04044en_us",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04044en_us"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A remote stored xss vulnerability was discovered in HPE KVM IP Console Switches version(s): G2 4x1Ex32 Prior to 2.8.3."
} }
] ]
} }

50
2020/24xxx/CVE-2020-24628.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-24628", "ID": "CVE-2020-24628",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security-alert@hpe.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "HPE KVM IP Console Switches",
"version": {
"version_data": [
{
"version_value": "G2 4x1Ex32 Prior to 2.8.3"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote code injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04044en_us",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04044en_us"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A remote code injection vulnerability was discovered in HPE KVM IP Console Switches version(s): G2 4x1Ex32 Prior to 2.8.3."
} }
] ]
} }

76
2020/26xxx/CVE-2020-26541.json Normal file
View File

@ -0,0 +1,76 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-26541",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://lkml.org/lkml/2020/9/15/1871",
"refsource": "MISC",
"name": "https://lkml.org/lkml/2020/9/15/1871"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:H/S:U/UI:R",
"version": "3.1"
}
}
}

18
2020/26xxx/CVE-2020-26542.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-26542",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}