admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 02:32:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-06-04 19:01:21 +00:00
parent 4a498145fa
commit f99ad361f9
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
8 changed files with 175 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2005/1xxx/CVE-2005-1513.json
View File

@ -96,6 +96,11 @@
"refsource": "DEBIAN",
"name": "DSA-4692",
"url": "https://www.debian.org/security/2020/dsa-4692"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200604 [SECURITY] [DLA 2234-1] netqmail security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00002.html"
}
]
}

5
2005/1xxx/CVE-2005-1514.json
View File

@ -91,6 +91,11 @@
"refsource": "DEBIAN",
"name": "DSA-4692",
"url": "https://www.debian.org/security/2020/dsa-4692"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200604 [SECURITY] [DLA 2234-1] netqmail security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00002.html"
}
]
}

5
2005/1xxx/CVE-2005-1515.json
View File

@ -91,6 +91,11 @@
"refsource": "DEBIAN",
"name": "DSA-4692",
"url": "https://www.debian.org/security/2020/dsa-4692"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200604 [SECURITY] [DLA 2234-1] netqmail security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00002.html"
}
]
}

56
2020/11xxx/CVE-2020-11679.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-11679",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-11679",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Castel NextGen DVR v1.0.0 is vulnerable to privilege escalation through the Adminstrator/Users/Edit/:UserId functionality. Adminstrator/Users/Edit/:UserId fails to check that the request was submitted by an Administrator. This allows a normal user to escalate their privileges by adding additional roles to their account."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.securitymetrics.com/blog/attackers-known-unknown-authorization-bypass",
"url": "https://www.securitymetrics.com/blog/attackers-known-unknown-authorization-bypass"
}
]
}

56
2020/11xxx/CVE-2020-11680.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-11680",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-11680",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Castel NextGen DVR v1.0.0 is vulnerable to authorization bypass on all administrator functionality. The application fails to check that a request was submitted by an administrator. Consequently, a normal user can perform actions including, but not limited to, creating/modifying the file store, creating/modifying alerts, creating/modifying users, etc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.securitymetrics.com/blog/attackers-known-unknown-authorization-bypass",
"url": "https://www.securitymetrics.com/blog/attackers-known-unknown-authorization-bypass"
}
]
}

56
2020/11xxx/CVE-2020-11681.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-11681",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-11681",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Castel NextGen DVR v1.0.0 stores and displays credentials for the associated SMTP server in cleartext. Low privileged users can exploit this to create an administrator user and obtain the SMTP credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.securitymetrics.com/blog/attackers-known-unknown-authorization-bypass",
"url": "https://www.securitymetrics.com/blog/attackers-known-unknown-authorization-bypass"
}
]
}

5
2020/3xxx/CVE-2020-3811.json
View File

@ -67,6 +67,11 @@
"refsource": "MISC",
"url": "https://www.debian.org/security/2020/dsa-4692",
"name": "https://www.debian.org/security/2020/dsa-4692"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200604 [SECURITY] [DLA 2234-1] netqmail security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00002.html"
}
]
}

5
2020/3xxx/CVE-2020-3812.json
View File

@ -67,6 +67,11 @@
"refsource": "MISC",
"url": "https://www.debian.org/security/2020/dsa-4692",
"name": "https://www.debian.org/security/2020/dsa-4692"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200604 [SECURITY] [DLA 2234-1] netqmail security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00002.html"
}
]
}