admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-02-26 16:00:39 +00:00
parent 693ba43752
commit 00d2a99da6
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
6 changed files with 413 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

84
2019/11xxx/CVE-2019-11684.json
View File

@ -1,18 +1,84 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11684",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-11684",
"STATE": "PUBLIC",
"TITLE": "Improper Access Control in Bosch Video Recording Manager",
"DATE_PUBLIC": "2019-05-09"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Access Control in the RCP+ server of the Bosch Video Recording Manager (VRM) component allows arbitrary and unauthenticated access to a limited subset of certificates, stored in the underlying Microsoft Windows operating system. The fixed versions implement modified authentication checks. Prior releases of VRM software version 3.70 are considered unaffected. This vulnerability affects VRM v3.70.x, v3.71 < v3.71.0034 and v3.81 < 3.81.0050; DIVAR IP 5000 3.80 < 3.80.0039; BVMS all versions using VRM."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-804652.html",
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-804652.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-804652-BT",
"discovery": "INTERNAL"
}
}

85
2020/24xxx/CVE-2020-24686.json
View File

@ -1,18 +1,85 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@ch.abb.com",
"ID": "CVE-2020-24686",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "AC500 V2 webserver denial of service vulnerability"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "ABB",
"product": {
"product_data": [
{
"product_name": "AC500 V2 products with onboard Ethernet",
"version": {
"version_data": [
{
"version_value": "All"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vulnerabilities can be exploited to cause the web visualization component of the PLC to stop and not respond, leading to genuine users losing remote visibility of the PLC state. If a user attempts to login to the PLC while this vulnerability is exploited, the PLC will show an error state and refuse connections to Automation Builder. The execution of the PLC application is not affected by this vulnerability. This issue affects ABB AC500 V2 products with onboard Ethernet."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400 Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010645&LanguageCode=en&DocumentPartId=&Action=Launch",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010645&LanguageCode=en&DocumentPartId=&Action=Launch"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

85
2021/23xxx/CVE-2021-23964.json
View File

@ -4,14 +4,93 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23964",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_value": "< 85"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_value": "< 78.7"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_value": "< 78.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2021-03/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2021-03/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2021-04/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2021-04/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2021-05/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2021-05/"
},
{
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1662507%2C1666285%2C1673526%2C1674278%2C1674835%2C1675097%2C1675844%2C1675868%2C1677590%2C1677888%2C1680410%2C1681268%2C1682068%2C1682938%2C1683736%2C1685260%2C1685925",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1662507%2C1666285%2C1673526%2C1674278%2C1674835%2C1675097%2C1675844%2C1675868%2C1677590%2C1677888%2C1680410%2C1681268%2C1682068%2C1682938%2C1683736%2C1685260%2C1685925"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Mozilla developers reported memory safety bugs present in Firefox 84 and Firefox ESR 78.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7."
}
]
}

55
2021/23xxx/CVE-2021-23965.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23965",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_value": "< 85"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory safety bugs fixed in Firefox 85"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2021-03/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2021-03/"
},
{
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1670378%2C1673555%2C1676812%2C1678582%2C1684497",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1670378%2C1673555%2C1676812%2C1678582%2C1684497"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Mozilla developers reported memory safety bugs present in Firefox 84. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 85."
}
]
}

85
2021/23xxx/CVE-2021-23978.json
View File

@ -4,14 +4,93 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23978",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_value": "< 86"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_value": "< 78.8"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_value": "< 78.8"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2021-07/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2021-07/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2021-09/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2021-09/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2021-08/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2021-08/"
},
{
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=786797%2C1682928%2C1687391%2C1687597",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=786797%2C1682928%2C1687391%2C1687597"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Mozilla developers reported memory safety bugs present in Firefox 85 and Firefox ESR 78.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8."
}
]
}

55
2021/23xxx/CVE-2021-23979.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23979",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_value": "< 86"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory safety bugs fixed in Firefox 86"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2021-07/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2021-07/"
},
{
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1663222%2C1666607%2C1672120%2C1678463%2C1678927%2C1679560%2C1681297%2C1681684%2C1683490%2C1684377%2C1684902",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1663222%2C1666607%2C1672120%2C1678463%2C1678927%2C1679560%2C1681297%2C1681684%2C1683490%2C1684377%2C1684902"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Mozilla developers reported memory safety bugs present in Firefox 85. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 86."
}
]
}