Skip to content
This repository was archived by the owner on Jun 10, 2025. It is now read-only.

Commit 6b393c2

Browse files
cve-teamcve-team
committed
"-Synchronized-Data."
1 parent fb02779 commit 6b393c2

17 files changed

+953
-217
lines changed

2020/13xxx/CVE-2020-13160.json

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -66,6 +66,11 @@
6666
"refsource": "MISC",
6767
"name": "http://packetstormsecurity.com/files/158291/AnyDesk-GUI-Format-String-Write.html",
6868
"url": "http://packetstormsecurity.com/files/158291/AnyDesk-GUI-Format-String-Write.html"
69+
},
70+
{
71+
"refsource": "MISC",
72+
"name": "http://packetstormsecurity.com/files/161628/AnyDesk-5.5.2-Remote-Code-Execution.html",
73+
"url": "http://packetstormsecurity.com/files/161628/AnyDesk-5.5.2-Remote-Code-Execution.html"
6974
}
7075
]
7176
}

2020/13xxx/CVE-2020-13558.json

Lines changed: 47 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,14 +4,58 @@
44
"data_version": "4.0",
55
"CVE_data_meta": {
66
"ID": "CVE-2020-13558",
7-
"ASSIGNER": "[email protected]",
8-
"STATE": "RESERVED"
7+
"ASSIGNER": "[email protected]",
8+
"STATE": "PUBLIC"
9+
},
10+
"affects": {
11+
"vendor": {
12+
"vendor_data": [
13+
{
14+
"vendor_name": "n/a",
15+
"product": {
16+
"product_data": [
17+
{
18+
"product_name": "Webkit",
19+
"version": {
20+
"version_data": [
21+
{
22+
"version_value": "Webkit WebKitGTK 2.30.1"
23+
}
24+
]
25+
}
26+
}
27+
]
28+
}
29+
}
30+
]
31+
}
32+
},
33+
"problemtype": {
34+
"problemtype_data": [
35+
{
36+
"description": [
37+
{
38+
"lang": "eng",
39+
"value": "code execution"
40+
}
41+
]
42+
}
43+
]
44+
},
45+
"references": {
46+
"reference_data": [
47+
{
48+
"refsource": "MISC",
49+
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1172",
50+
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1172"
51+
}
52+
]
953
},
1054
"description": {
1155
"description_data": [
1256
{
1357
"lang": "eng",
14-
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
58+
"value": "A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free."
1559
}
1660
]
1761
}

2020/28xxx/CVE-2020-28591.json

Lines changed: 47 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,14 +4,58 @@
44
"data_version": "4.0",
55
"CVE_data_meta": {
66
"ID": "CVE-2020-28591",
7-
"ASSIGNER": "[email protected]",
8-
"STATE": "RESERVED"
7+
"ASSIGNER": "[email protected]",
8+
"STATE": "PUBLIC"
9+
},
10+
"affects": {
11+
"vendor": {
12+
"vendor_data": [
13+
{
14+
"vendor_name": "n/a",
15+
"product": {
16+
"product_data": [
17+
{
18+
"product_name": "Slic3r",
19+
"version": {
20+
"version_data": [
21+
{
22+
"version_value": "Slic3r libslic3r 1.3.0 , Slic3r libslic3r Master Commit 92abbc42"
23+
}
24+
]
25+
}
26+
}
27+
]
28+
}
29+
}
30+
]
31+
}
32+
},
33+
"problemtype": {
34+
"problemtype_data": [
35+
{
36+
"description": [
37+
{
38+
"lang": "eng",
39+
"value": "out of bounds read"
40+
}
41+
]
42+
}
43+
]
44+
},
45+
"references": {
46+
"reference_data": [
47+
{
48+
"refsource": "MISC",
49+
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1215",
50+
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1215"
51+
}
52+
]
953
},
1054
"description": {
1155
"description_data": [
1256
{
1357
"lang": "eng",
14-
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
58+
"value": "An out-of-bounds read vulnerability exists in the AMF File AMFParserContext::endElement() functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. A specially crafted AMF file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability."
1559
}
1660
]
1761
}

2020/28xxx/CVE-2020-28597.json

Lines changed: 47 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,14 +4,58 @@
44
"data_version": "4.0",
55
"CVE_data_meta": {
66
"ID": "CVE-2020-28597",
7-
"ASSIGNER": "[email protected]",
8-
"STATE": "RESERVED"
7+
"ASSIGNER": "[email protected]",
8+
"STATE": "PUBLIC"
9+
},
10+
"affects": {
11+
"vendor": {
12+
"vendor_data": [
13+
{
14+
"vendor_name": "n/a",
15+
"product": {
16+
"product_data": [
17+
{
18+
"product_name": "Epignosis",
19+
"version": {
20+
"version_data": [
21+
{
22+
"version_value": "Epignosis eFront LMS 5.2.17, Epignosis eFront LMS 5.2.21"
23+
}
24+
]
25+
}
26+
}
27+
]
28+
}
29+
}
30+
]
31+
}
32+
},
33+
"problemtype": {
34+
"problemtype_data": [
35+
{
36+
"description": [
37+
{
38+
"lang": "eng",
39+
"value": "predictable seed"
40+
}
41+
]
42+
}
43+
]
44+
},
45+
"references": {
46+
"reference_data": [
47+
{
48+
"refsource": "MISC",
49+
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1221",
50+
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1221"
51+
}
52+
]
953
},
1054
"description": {
1155
"description_data": [
1256
{
1357
"lang": "eng",
14-
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
58+
"value": "A predictable seed vulnerability exists in the password reset functionality of Epignosis EfrontPro 5.2.21. By predicting the seed it is possible to generate the correct password reset 1-time token. An attacker can visit the password reset supplying the password reset token to reset the password of an account of their choice."
1559
}
1660
]
1761
}

2020/29xxx/CVE-2020-29047.json

Lines changed: 55 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,66 @@
11
{
2-
"data_type": "CVE",
3-
"data_format": "MITRE",
4-
"data_version": "4.0",
52
"CVE_data_meta": {
6-
"ID": "CVE-2020-29047",
73
"ASSIGNER": "[email protected]",
8-
"STATE": "RESERVED"
4+
"ID": "CVE-2020-29047",
5+
"STATE": "PUBLIC"
96
},
7+
"affects": {
8+
"vendor": {
9+
"vendor_data": [
10+
{
11+
"product": {
12+
"product_data": [
13+
{
14+
"product_name": "n/a",
15+
"version": {
16+
"version_data": [
17+
{
18+
"version_value": "n/a"
19+
}
20+
]
21+
}
22+
}
23+
]
24+
},
25+
"vendor_name": "n/a"
26+
}
27+
]
28+
}
29+
},
30+
"data_format": "MITRE",
31+
"data_type": "CVE",
32+
"data_version": "4.0",
1033
"description": {
1134
"description_data": [
1235
{
1336
"lang": "eng",
14-
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
37+
"value": "The wp-hotel-booking plugin through 1.10.2 for WordPress allows remote attackers to execute arbitrary code because of an unserialize operation on the thimpress_hotel_booking_1 cookie in load in includes/class-wphb-sessions.php."
38+
}
39+
]
40+
},
41+
"problemtype": {
42+
"problemtype_data": [
43+
{
44+
"description": [
45+
{
46+
"lang": "eng",
47+
"value": "n/a"
48+
}
49+
]
50+
}
51+
]
52+
},
53+
"references": {
54+
"reference_data": [
55+
{
56+
"url": "https://wordpress.org/plugins/wp-hotel-booking/#developers",
57+
"refsource": "MISC",
58+
"name": "https://wordpress.org/plugins/wp-hotel-booking/#developers"
59+
},
60+
{
61+
"refsource": "MISC",
62+
"name": "https://appcheck-ng.com/cve-2020-29047/",
63+
"url": "https://appcheck-ng.com/cve-2020-29047/"
1564
}
1665
]
1766
}

2020/8xxx/CVE-2020-8296.json

Lines changed: 62 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,14 +4,73 @@
44
"data_version": "4.0",
55
"CVE_data_meta": {
66
"ID": "CVE-2020-8296",
7-
"ASSIGNER": "[email protected]",
8-
"STATE": "RESERVED"
7+
"ASSIGNER": "[email protected]",
8+
"STATE": "PUBLIC"
9+
},
10+
"affects": {
11+
"vendor": {
12+
"vendor_data": [
13+
{
14+
"vendor_name": "n/a",
15+
"product": {
16+
"product_data": [
17+
{
18+
"product_name": "Nextcloud Server",
19+
"version": {
20+
"version_data": [
21+
{
22+
"version_value": "Fixed in 20.0.0"
23+
}
24+
]
25+
}
26+
}
27+
]
28+
}
29+
}
30+
]
31+
}
32+
},
33+
"problemtype": {
34+
"problemtype_data": [
35+
{
36+
"description": [
37+
{
38+
"lang": "eng",
39+
"value": "Storing Passwords in a Recoverable Format (CWE-257)"
40+
}
41+
]
42+
}
43+
]
44+
},
45+
"references": {
46+
"reference_data": [
47+
{
48+
"refsource": "MISC",
49+
"name": "https://hackerone.com/reports/867164",
50+
"url": "https://hackerone.com/reports/867164"
51+
},
52+
{
53+
"refsource": "MISC",
54+
"name": "https://nextcloud.com/security/advisory/?id=NC-SA-2021-006",
55+
"url": "https://nextcloud.com/security/advisory/?id=NC-SA-2021-006"
56+
},
57+
{
58+
"refsource": "MISC",
59+
"name": "https://github.com/nextcloud/server/pull/21037",
60+
"url": "https://github.com/nextcloud/server/pull/21037"
61+
},
62+
{
63+
"refsource": "MISC",
64+
"name": "https://github.com/nextcloud/server/issues/17439",
65+
"url": "https://github.com/nextcloud/server/issues/17439"
66+
}
67+
]
968
},
1069
"description": {
1170
"description_data": [
1271
{
1372
"lang": "eng",
14-
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
73+
"value": "Nextcloud Server prior to 20.0.0 stores passwords in a recoverable format even when external storage is not configured."
1574
}
1675
]
1776
}

0 commit comments

Comments
 (0)