admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-11-05 17:01:56 +00:00
parent 4866ae066e
commit fd7d3c4a0a
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
5 changed files with 292 additions and 111 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

112
2018/1xxx/CVE-2018-1725.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-11-04T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2018-1725"
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2020-11-04T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2018-1725"
},
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM QRadar SIEM 7.3 and 7.4 n a multi tenant configuration could be vulnerable to information disclosure. IBM X-Force ID: 147440."
"lang": "eng",
"value": "IBM QRadar SIEM 7.3 and 7.4 n a multi tenant configuration could be vulnerable to information disclosure. IBM X-Force ID: 147440."
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"url" : "https://www.ibm.com/support/pages/node/6359945",
"name" : "https://www.ibm.com/support/pages/node/6359945",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6359945 (QRadar SIEM)"
"url": "https://www.ibm.com/support/pages/node/6359945",
"name": "https://www.ibm.com/support/pages/node/6359945",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6359945 (QRadar SIEM)"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/147440",
"name" : "ibm-qradar-cve20181725-info-disc (147440)"
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/147440",
"name": "ibm-qradar-cve20181725-info-disc (147440)"
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"value" : "Obtain Information",
"lang" : "eng"
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"SCORE" : "3.200",
"AV" : "L",
"I" : "N",
"S" : "C",
"PR" : "H",
"C" : "L",
"AC" : "L",
"UI" : "N"
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"SCORE": "3.200",
"AV": "L",
"I": "N",
"S": "C",
"PR": "H",
"C": "L",
"AC": "L",
"UI": "N"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
}
}
},
"data_type" : "CVE",
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
"data_type": "CVE",
"data_format": "MITRE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name" : "QRadar SIEM",
"version" : {
"version_data" : [
"product_name": "QRadar SIEM",
"version": {
"version_data": [
{
"version_value" : "7.3.0"
"version_value": "7.3.0"
},
{
"version_value" : "7.4"
"version_value": "7.4"
},
{
"version_value" : "7.3.3.Patch.5"
"version_value": "7.3.3.Patch.5"
},
{
"version_value" : "7.4.1.Patch.1"
"version_value": "7.4.1.Patch.1"
}
]
}

50
2020/14xxx/CVE-2020-14222.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-14222",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@hcl.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "HCL Digital Experience",
"version": {
"version_data": [
{
"version_value": "8.5, 9.0, 9.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0084769",
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0084769"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism (email, other web site)."
}
]
}

50
2020/14xxx/CVE-2020-14240.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-14240",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@hcl.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "HCL Notes",
"version": {
"version_data": [
{
"version_value": "HCL Notes versions previous to releases 9.0.1 FP10 IF8, 10.0.1 FP6 and 11.0.1 FP1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0084789",
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0084789"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "HCL Notes versions previous to releases 9.0.1 FP10 IF8, 10.0.1 FP6 and 11.0.1 FP1 is susceptible to a Stored Cross-site Scripting (XSS) vulnerability. An attacker could use this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site and/or steal the victim's cookie-based authentication credentials."
}
]
}

61
2020/26xxx/CVE-2020-26505.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-26505",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-26505",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Stored Cross-Site Scripting (XSS) vulnerability in the \u201cMarmind\u201d web application with version 4.1.141.0 allows an attacker to inject code that will later be executed by legitimate users when they open the assets containing the JavaScript code. This would allow an attacker to perform unauthorized actions in the application on behalf of legitimate users or spread malware via the application. By using the \u201cAssets Upload\u201d function, an attacker can abuse the upload function to upload a malicious PDF file containing a stored XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.marmind.com/en/",
"refsource": "MISC",
"name": "https://www.marmind.com/en/"
},
{
"refsource": "MISC",
"name": "https://www2.deloitte.com/de/de/pages/risk/articles/marmind-xss.html?nc=1",
"url": "https://www2.deloitte.com/de/de/pages/risk/articles/marmind-xss.html?nc=1"
}
]
}

50
2020/4xxx/CVE-2020-4097.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4097",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@hcl.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "HCL Notes",
"version": {
"version_data": [
{
"version_value": "HCL Notes version 9 previous to release 9.0.1 FixPack 10 Interim Fix 8, version 10 previous to release 10.0.1 FixPack 6 and version 11 previous to 11.0.1 FixPack 1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0084796",
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0084796"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In HCL Notes version 9 previous to release 9.0.1 FixPack 10 Interim Fix 8, version 10 previous to release 10.0.1 FixPack 6 and version 11 previous to 11.0.1 FixPack 1, a vulnerability in the input parameter handling of the Notes Client could potentially be exploited by an attacker resulting in a buffer overflow. This could enable an attacker to crash HCL Notes or execute attacker-controlled code on the client."
}
]
}