admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-03-12 21:01:11 +00:00
parent 9be2474bcb
commit fbf59f2d8c
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
36 changed files with 1074 additions and 204 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
2015/3xxx/CVE-2015-3641.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3641",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "bitcoind and Bitcoin-Qt prior to 0.10.2 allow attackers to cause a denial of service (disabled functionality such as a client application crash) via an \"Easy\" attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures",
"refsource": "MISC",
"name": "https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures"
}
]
}

5
2016/6xxx/CVE-2016-6814.json
View File

@ -122,6 +122,11 @@
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-01",
"url": "https://security.gentoo.org/glsa/202003-01"
}
]
}

53
2017/18xxx/CVE-2017-18350.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18350",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "bitcoind and Bitcoin-Qt prior to 0.15.1 have a stack-based buffer overflow if an attacker-controlled SOCKS proxy server is used. This results from an integer signedness error when the proxy server responds with an acknowledgement of an unexpected target domain name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures",
"refsource": "MISC",
"name": "https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures"
},
{
"refsource": "MISC",
"name": "https://medium.com/@lukedashjr/cve-2017-18350-disclosure-fe6d695f45d5",
"url": "https://medium.com/@lukedashjr/cve-2017-18350-disclosure-fe6d695f45d5"
}
]
}

53
2018/10xxx/CVE-2018-10704.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10704",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "yidashi yii2cmf 2.0 has XSS via the /search q parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/yidashi/yii2cmf",
"refsource": "MISC",
"name": "https://github.com/yidashi/yii2cmf"
},
{
"refsource": "MISC",
"name": "http://testh5shanglv.minshengec.com:1024/phpmyadmin/doc/yii2cmf_xss.htm",
"url": "http://testh5shanglv.minshengec.com:1024/phpmyadmin/doc/yii2cmf_xss.htm"
}
]
}

48
2018/19xxx/CVE-2018-19516.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19516",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "messagepartthemes/default/defaultrenderer.cpp in messagelib in KDE Applications before 18.12.0 does not properly restrict the handling of an http-equiv=\"REFRESH\" value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://cgit.kde.org/messagelib.git/commit/messageviewer/src/messagepartthemes/default/defaultrenderer.cpp?id=34765909cdf8e55402a8567b48fb288839c61612",
"refsource": "MISC",
"name": "https://cgit.kde.org/messagelib.git/commit/messageviewer/src/messagepartthemes/default/defaultrenderer.cpp?id=34765909cdf8e55402a8567b48fb288839c61612"
}
]
}

48
2018/20xxx/CVE-2018-20586.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20586",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "bitcoind and Bitcoin-Qt prior to 0.17.1 allow injection of arbitrary data into the debug log via an RPC call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-20586",
"refsource": "MISC",
"name": "https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-20586"
}
]
}

61
2019/11xxx/CVE-2019-11343.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11343",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-11343",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Torpedo Query before 2.5.3 mishandles the LIKE operator in ConditionBuilder.java, LikeCondition.java, and NotLikeCondition.java."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/xjodoin/torpedoquery/commit/3c20b874fba9cc2a78b9ace10208de1602b56c3f",
"url": "https://github.com/xjodoin/torpedoquery/commit/3c20b874fba9cc2a78b9ace10208de1602b56c3f"
},
{
"refsource": "MISC",
"name": "https://github.com/xjodoin/torpedoquery/compare/v2.5.2...v2.5.3",
"url": "https://github.com/xjodoin/torpedoquery/compare/v2.5.2...v2.5.3"
}
]
}

56
2019/11xxx/CVE-2019-11355.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11355",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-11355",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in Poly (formerly Polycom) HDX 3.1.13. A feature exists that allows the creation of a server / client certificate, or the upload of the user certificate, on the administrator's page. The value received from the user is the factor value of a shell script on the equipment. By entering a special character (such as a single quote) in a CN or other CSR field, one can insert a command into a factor value. A system command can be executed as root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.polycom.com/content/dam/polycom-support/global/documentation/hdx-3-1-14-advisory.pdf",
"url": "https://support.polycom.com/content/dam/polycom-support/global/documentation/hdx-3-1-14-advisory.pdf"
}
]
}

5
2019/11xxx/CVE-2019-11745.json
View File

@ -113,6 +113,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0466",
"url": "https://access.redhat.com/errata/RHSA-2020:0466"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-02",
"url": "https://security.gentoo.org/glsa/202003-02"
}
]
},

5
2019/17xxx/CVE-2019-17005.json
View File

@ -108,6 +108,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0295",
"url": "https://access.redhat.com/errata/RHSA-2020:0295"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-02",
"url": "https://security.gentoo.org/glsa/202003-02"
}
]
},

5
2019/17xxx/CVE-2019-17008.json
View File

@ -108,6 +108,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0295",
"url": "https://access.redhat.com/errata/RHSA-2020:0295"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-02",
"url": "https://security.gentoo.org/glsa/202003-02"
}
]
},

5
2019/17xxx/CVE-2019-17010.json
View File

@ -108,6 +108,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0295",
"url": "https://access.redhat.com/errata/RHSA-2020:0295"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-02",
"url": "https://security.gentoo.org/glsa/202003-02"
}
]
},

5
2019/17xxx/CVE-2019-17011.json
View File

@ -108,6 +108,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0295",
"url": "https://access.redhat.com/errata/RHSA-2020:0295"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-02",
"url": "https://security.gentoo.org/glsa/202003-02"
}
]
},

5
2019/17xxx/CVE-2019-17012.json
View File

@ -108,6 +108,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0295",
"url": "https://access.redhat.com/errata/RHSA-2020:0295"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-02",
"url": "https://security.gentoo.org/glsa/202003-02"
}
]
},

5
2019/17xxx/CVE-2019-17016.json
View File

@ -168,6 +168,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0295",
"url": "https://access.redhat.com/errata/RHSA-2020:0295"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-02",
"url": "https://security.gentoo.org/glsa/202003-02"
}
]
},

5
2019/17xxx/CVE-2019-17017.json
View File

@ -168,6 +168,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0295",
"url": "https://access.redhat.com/errata/RHSA-2020:0295"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-02",
"url": "https://security.gentoo.org/glsa/202003-02"
}
]
},

5
2019/17xxx/CVE-2019-17022.json
View File

@ -168,6 +168,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0295",
"url": "https://access.redhat.com/errata/RHSA-2020:0295"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-02",
"url": "https://security.gentoo.org/glsa/202003-02"
}
]
},

5
2019/17xxx/CVE-2019-17024.json
View File

@ -168,6 +168,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0295",
"url": "https://access.redhat.com/errata/RHSA-2020:0295"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-02",
"url": "https://security.gentoo.org/glsa/202003-02"
}
]
},

5
2019/17xxx/CVE-2019-17026.json
View File

@ -81,6 +81,11 @@
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1607443",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1607443"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-02",
"url": "https://security.gentoo.org/glsa/202003-02"
}
]
},

5
2019/20xxx/CVE-2019-20503.json
View File

@ -71,6 +71,11 @@
"refsource": "DEBIAN",
"name": "DSA-4639",
"url": "https://www.debian.org/security/2020/dsa-4639"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-02",
"url": "https://security.gentoo.org/glsa/202003-02"
}
]
}

62
2020/0xxx/CVE-2020-0526.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0526",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Intel",
"product": {
"product_data": [
{
"product_name": "Intel(R) NUC Firmware",
"version": {
"version_data": [
{
"version_value": "See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper input validation in firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
}
]
}
}

62
2020/0xxx/CVE-2020-0530.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0530",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Intel",
"product": {
"product_data": [
{
"product_name": "Intel(R) NUC Firmware",
"version": {
"version_data": [
{
"version_value": "See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper buffer restrictions in firmware for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
}
]
}
}

65
2020/0xxx/CVE-2020-0546.json Normal file
View File

@ -0,0 +1,65 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0546",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Intel",
"product": {
"product_data": [
{
"product_name": "Intel\u00ae Optane(TM) DC Persistent Memory Module Management Software",
"version": {
"version_data": [
{
"version_value": "before version 1.0.0.3461"
},
{
"version_value": "See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00326.html"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege, Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00326.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00326.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unquoted service path in Intel(R) Optane(TM) DC Persistent Memory Module Management Software before version 1.0.0.3461 may allow an authenticated user to potentially enable escalation of privilege and denial of service via local access."
}
]
}
}

62
2020/0xxx/CVE-2020-0556.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0556",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Intel",
"product": {
"product_data": [
{
"product_name": "BlueZ Advisory",
"version": {
"version_data": [
{
"version_value": "before version 5.53"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege, Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00352.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00352.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper access control in subsystem for BlueZ before version 5.53 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access."
}
]
}
}

65
2020/0xxx/CVE-2020-0565.json Normal file
View File

@ -0,0 +1,65 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0565",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Intel",
"product": {
"product_data": [
{
"product_name": "Intel(R) Graphics Drivers",
"version": {
"version_data": [
{
"version_value": "before version 26.20.100.7158"
},
{
"version_value": "See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00315.html"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00315.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00315.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Uncontrolled search path in Intel(R) Graphics Drivers before version 26.20.100.7158 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
}
}

65
2020/0xxx/CVE-2020-0567.json Normal file
View File

@ -0,0 +1,65 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0567",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Intel",
"product": {
"product_data": [
{
"product_name": "Intel(R) Graphics Drivers",
"version": {
"version_data": [
{
"version_value": "before version 26.20.100.7212"
},
{
"version_value": "See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00315.html"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00315.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00315.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper input validation in Intel(R) Graphics Drivers before version 26.20.100.7212 may allow an authenticated user to enable denial of service via local access."
}
]
}
}

65
2020/0xxx/CVE-2020-0574.json Normal file
View File

@ -0,0 +1,65 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0574",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Intel",
"product": {
"product_data": [
{
"product_name": "Intel(R) MAX(R) 10 FPGA",
"version": {
"version_data": [
{
"version_value": "All versions"
},
{
"version_value": "See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00349.html"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00349.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00349.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper configuration in block design for Intel(R) MAX(R) 10 FPGA all versions may allow an authenticated user to potentially enable information disclosure via physical access."
}
]
}
}

15
2020/10xxx/CVE-2020-10018.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "accessibility/AXObjectCache.cpp in WebKit, as used in WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4, allows a denial of service (application crash) because maintenance of the m_deferredFocusedNodeChange data structure mishandles removal."
"value": "WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling."
}
]
},
@ -53,14 +53,19 @@
"references": {
"reference_data": [
{
"url": "https://bugs.webkit.org/show_bug.cgi?id=204342",
"refsource": "MISC",
"name": "https://bugs.webkit.org/show_bug.cgi?id=204342"
"name": "https://bugs.webkit.org/show_bug.cgi?id=204342#c21",
"url": "https://bugs.webkit.org/show_bug.cgi?id=204342#c21"
},
{
"url": "https://trac.webkit.org/changeset/257292",
"refsource": "MISC",
"name": "https://trac.webkit.org/changeset/257292"
"name": "https://webkitgtk.org/security/WSA-2020-0003.html",
"url": "https://webkitgtk.org/security/WSA-2020-0003.html"
},
{
"refsource": "MISC",
"name": "https://wpewebkit.org/security/WSA-2020-0003.html",
"url": "https://wpewebkit.org/security/WSA-2020-0003.html"
}
]
}

120
2020/5xxx/CVE-2020-5959.json
View File

@ -1,60 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@nvidia.com",
"ID" : "CVE-2020-5959",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "NVIDIA GPU Display Driver ",
"version" : {
"version_data" : [
{
"version_value" : "ALL"
}
]
}
}
]
},
"vendor_name" : "NVIDIA"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in the vGPU plugin in which an input index value is incorrectly validated which may lead to denial of service. "
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "denial of service"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://nvidia.custhelp.com/app/answers/detail/a_id/4996"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2020-5959",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA GPU Display Driver ",
"version": {
"version_data": [
{
"version_value": "ALL"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in the vGPU plugin in which an input index value is incorrectly validated which may lead to denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4996",
"refsource": "MISC",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4996"
}
]
}
}

120
2020/5xxx/CVE-2020-5960.json
View File

@ -1,60 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@nvidia.com",
"ID" : "CVE-2020-5960",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "NVIDIA GPU Display Driver ",
"version" : {
"version_data" : [
{
"version_value" : "ALL"
}
]
}
}
]
},
"vendor_name" : "NVIDIA"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "NVIDIA Virtual GPU Manager contains a vulnerability in the kernel module (nvidia.ko), where a null pointer dereference may occur, which may lead to denial of service."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "denial of service"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://nvidia.custhelp.com/app/answers/detail/a_id/4996"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2020-5960",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA GPU Display Driver ",
"version": {
"version_data": [
{
"version_value": "ALL"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA Virtual GPU Manager contains a vulnerability in the kernel module (nvidia.ko), where a null pointer dereference may occur, which may lead to denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4996",
"refsource": "MISC",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4996"
}
]
}
}

120
2020/5xxx/CVE-2020-5961.json
View File

@ -1,60 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@nvidia.com",
"ID" : "CVE-2020-5961",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "NVIDIA GPU Display Driver ",
"version" : {
"version_data" : [
{
"version_value" : "ALL"
}
]
}
}
]
},
"vendor_name" : "NVIDIA"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "NVIDIA vGPU graphics driver for guest OS contains a vulnerability in which an incorrect resource clean up on a failure path can impact the guest VM, leading to denial of service."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "denial of service"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://nvidia.custhelp.com/app/answers/detail/a_id/4996"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2020-5961",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA GPU Display Driver ",
"version": {
"version_data": [
{
"version_value": "ALL"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA vGPU graphics driver for guest OS contains a vulnerability in which an incorrect resource clean up on a failure path can impact the guest VM, leading to denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4996",
"refsource": "MISC",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4996"
}
]
}
}

5
2020/6xxx/CVE-2020-6796.json
View File

@ -68,6 +68,11 @@
"refsource": "UBUNTU",
"name": "USN-4278-2",
"url": "https://usn.ubuntu.com/4278-2/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-02",
"url": "https://security.gentoo.org/glsa/202003-02"
}
]
},

5
2020/6xxx/CVE-2020-6797.json
View File

@ -79,6 +79,11 @@
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1596668",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1596668"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-02",
"url": "https://security.gentoo.org/glsa/202003-02"
}
]
},

5
2020/6xxx/CVE-2020-6798.json
View File

@ -84,6 +84,11 @@
"refsource": "UBUNTU",
"name": "USN-4278-2",
"url": "https://usn.ubuntu.com/4278-2/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-02",
"url": "https://security.gentoo.org/glsa/202003-02"
}
]
},

5
2020/6xxx/CVE-2020-6799.json
View File

@ -63,6 +63,11 @@
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1606596",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1606596"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-02",
"url": "https://security.gentoo.org/glsa/202003-02"
}
]
},

5
2020/6xxx/CVE-2020-6800.json
View File

@ -84,6 +84,11 @@
"refsource": "UBUNTU",
"name": "USN-4278-2",
"url": "https://usn.ubuntu.com/4278-2/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-02",
"url": "https://security.gentoo.org/glsa/202003-02"
}
]
},