admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-04-14 18:01:20 +00:00
parent b252d6db2d
commit fa07444454
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
9 changed files with 153 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2018/20xxx/CVE-2018-20062.json
View File

@ -56,6 +56,11 @@
"name": "https://github.com/nangge/noneCms/issues/21",
"refsource": "MISC",
"url": "https://github.com/nangge/noneCms/issues/21"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/157218/ThinkPHP-5.0.23-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/157218/ThinkPHP-5.0.23-Remote-Code-Execution.html"
}
]
}

5
2019/16xxx/CVE-2019-16383.json
View File

@ -71,6 +71,11 @@
"refsource": "CONFIRM",
"name": "https://docs.ipswitch.com/MOVEit/Transfer2019_1/ReleaseNotes/en/index.htm#49443.htm",
"url": "https://docs.ipswitch.com/MOVEit/Transfer2019_1/ReleaseNotes/en/index.htm#49443.htm"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/157208/MOVEit-Transfer-11.1.1-SQL-Injection.html",
"url": "http://packetstormsecurity.com/files/157208/MOVEit-Transfer-11.1.1-SQL-Injection.html"
}
]
}

67
2019/18xxx/CVE-2019-18822.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18822",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A privilege escalation vulnerability in ZOOM Call Recording 6.3.1 allows its user account (i.e., the account under which the program runs - by default, the callrec account) to elevate privileges to root by abusing the callrec-rs@.service. The callrec-rs@.service starts the /opt/callrec/bin/rs binary with root privileges, and this binary is owned by callrec. It can be replaced by a Trojan horse."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.zoomint.com/solutions/call-recording",
"refsource": "MISC",
"name": "https://www.zoomint.com/solutions/call-recording"
},
{
"refsource": "MISC",
"name": "https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-18822-PrivEscal-ZoomCallRecording",
"url": "https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-18822-PrivEscal-ZoomCallRecording"
}
]
}
}

5
2019/20xxx/CVE-2019-20085.json
View File

@ -56,6 +56,11 @@
"url": "https://www.exploit-db.com/exploits/47774",
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/47774"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/157196/TVT-NVMS-1000-Directory-Traversal.html",
"url": "http://packetstormsecurity.com/files/157196/TVT-NVMS-1000-Directory-Traversal.html"
}
]
}

5
2019/9xxx/CVE-2019-9082.json
View File

@ -61,6 +61,11 @@
"name": "46488",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46488/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/157218/ThinkPHP-5.0.23-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/157218/ThinkPHP-5.0.23-Remote-Code-Execution.html"
}
]
}

56
2020/10xxx/CVE-2020-10384.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-10384",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-10384",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is a local privilege escalation from the www-data account to the root account."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.mbconnectline.de/en/support/sicherheitshinweise.html",
"url": "https://www.mbconnectline.de/en/support/sicherheitshinweise.html"
}
]
}

5
2020/10xxx/CVE-2020-10808.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/157111/Vesta-Control-Panel-Authenticated-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/157111/Vesta-Control-Panel-Authenticated-Remote-Code-Execution.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/157219/Vesta-Control-Panel-Authenticated-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/157219/Vesta-Control-Panel-Authenticated-Remote-Code-Execution.html"
}
]
}

7
2020/11xxx/CVE-2020-11725.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner typo, which is mishandled in the private_size*count multiplication."
"value": "** DISPUTED ** snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later affects a private_size*count multiplication for unspecified \"interesting side effects.\" NOTE: kernel engineers dispute this finding, because it could be relevant only if new callers were added that were unfamiliar with the misuse of the info->owner field to represent data unrelated to the \"owner\" concept. The existing callers, SNDRV_CTL_IOCTL_ELEM_ADD and SNDRV_CTL_IOCTL_ELEM_REPLACE, have been designed to misuse the info->owner field in a safe way."
}
]
},
@ -61,6 +61,11 @@
"url": "https://github.com/torvalds/linux/blob/3b2549a3740efb8af0150415737067d87e466c5b/sound/core/control.c#L1434-L1474",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/blob/3b2549a3740efb8af0150415737067d87e466c5b/sound/core/control.c#L1434-L1474"
},
{
"refsource": "MISC",
"name": "https://lore.kernel.org/alsa-devel/s5h4ktmlfpx.wl-tiwai@suse.de/",
"url": "https://lore.kernel.org/alsa-devel/s5h4ktmlfpx.wl-tiwai@suse.de/"
}
]
}

5
2020/2xxx/CVE-2020-2555.json
View File

@ -81,6 +81,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/157054/Oracle-Coherence-Fusion-Middleware-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/157054/Oracle-Coherence-Fusion-Middleware-Remote-Code-Execution.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/157207/Oracle-WebLogic-Server-12.2.1.4.0-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/157207/Oracle-WebLogic-Server-12.2.1.4.0-Remote-Code-Execution.html"
}
]
}