admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-02-11 21:00:39 +00:00
parent b02428c301
commit 06135b417f
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
41 changed files with 1423 additions and 218 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
2019/19xxx/CVE-2019-19004.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19004",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/autotrace/autotrace/commits/master",
"refsource": "MISC",
"name": "https://github.com/autotrace/autotrace/commits/master"
},
{
"refsource": "MISC",
"name": "https://github.com/autotrace/autotrace/commits/master/src/input-bmp.c",
"url": "https://github.com/autotrace/autotrace/commits/master/src/input-bmp.c"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/autotrace/autotrace/pull/40",
"url": "https://github.com/autotrace/autotrace/pull/40"
}
]
}
}

67
2019/19xxx/CVE-2019-19005.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19005",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/autotrace/autotrace/commits/master",
"refsource": "MISC",
"name": "https://github.com/autotrace/autotrace/commits/master"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/autotrace/autotrace/pull/40",
"url": "https://github.com/autotrace/autotrace/pull/40"
}
]
}
}

61
2020/9xxx/CVE-2020-9307.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9307",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-9307",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Hirschmann OS2, RSP, and RSPE devices before HiOS 08.3.00 allow a denial of service. An unauthenticated, adjacent attacker can cause an infinite loop on one of the HSR ring ports of the device. This effectively breaks the redundancy of the HSR ring. If the attacker can perform the same attack on a second device, the ring is broken into two parts (thus disrupting communication between devices in the different parts)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.belden.com/dfsmedia/f1e38517e0cd4caa8b1acb6619890f5e/12276-source/options/view",
"url": "https://www.belden.com/dfsmedia/f1e38517e0cd4caa8b1acb6619890f5e/12276-source/options/view"
},
{
"refsource": "MISC",
"name": "https://www.belden.com/security",
"url": "https://www.belden.com/security"
}
]
}

90
2021/21xxx/CVE-2021-21014.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21014",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Magento Commerce Arbitrary Folder Empty Could Lead To Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Magento Commerce",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "2.4.1"
},
{
"version_affected": "<=",
"version_value": "2.4.0-p1"
},
{
"version_affected": "<=",
"version_value": "2.3.6"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a file upload restriction bypass. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for successful exploitation."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 9.1,
"baseSeverity": "Critical",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unrestricted Upload of File with Dangerous Type (CWE-434)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html",
"name": "https://helpx.adobe.com/security/products/magento/apsb21-08.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}

90
2021/21xxx/CVE-2021-21047.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21047",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Adobe Photoshop Out-Of-Bounds Write Vulnerability Could Lead To Remote Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Photoshop",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "22.1.1"
},
{
"version_affected": "<=",
"version_value": "21.2.4"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Write vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/photoshop/apsb21-10.html",
"name": "https://helpx.adobe.com/security/products/photoshop/apsb21-10.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}

90
2021/21xxx/CVE-2021-21048.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21048",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Adobe Photoshop Buffer Overflow Vulnerability Could Lead To Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Photoshop",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "22.1.1"
},
{
"version_affected": "<=",
"version_value": "21.2.4"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by a Memory Corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Access of Memory Location After End of Buffer (CWE-788)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/photoshop/apsb21-10.html",
"name": "https://helpx.adobe.com/security/products/photoshop/apsb21-10.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}

90
2021/21xxx/CVE-2021-21049.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21049",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Adobe Photoshop Out-Of-Bounds Read Vulnerability Could Lead To Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Photoshop",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "22.1.1"
},
{
"version_affected": "<=",
"version_value": "21.2.4"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/photoshop/apsb21-10.html",
"name": "https://helpx.adobe.com/security/products/photoshop/apsb21-10.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}

90
2021/21xxx/CVE-2021-21050.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21050",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Adobe Photoshop Out-Of-Bounds Read Vulnerability Could Lead To Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Photoshop",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "22.1.1"
},
{
"version_affected": "<=",
"version_value": "21.2.4"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/photoshop/apsb21-10.html",
"name": "https://helpx.adobe.com/security/products/photoshop/apsb21-10.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}

90
2021/21xxx/CVE-2021-21051.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21051",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Adobe Photoshop Buffer Overflow Vulnerability Could Lead To Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Photoshop",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "22.1.1"
},
{
"version_affected": "<=",
"version_value": "21.2.4"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted javascript file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow (CWE-120)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/photoshop/apsb21-10.html",
"name": "https://helpx.adobe.com/security/products/photoshop/apsb21-10.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}

90
2021/21xxx/CVE-2021-21052.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21052",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Adobe Animate Out-of-Bounds Write Vulnerability Could Lead To Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Animate",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "21.0.2"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Adobe Animate version 21.0.2 (and earlier) is affected by an Out-of-bounds Write vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/animate/apsb21-11.html",
"name": "https://helpx.adobe.com/security/products/animate/apsb21-11.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}

90
2021/21xxx/CVE-2021-21053.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21053",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Adobe Illustrator Out-Of-Bounds Write Vulnerability Could Lead To Remote Code Execution "
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Illustrator",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "25.1"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Adobe Illustrator version 25.1 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/illustrator/apsb21-12.html",
"name": "https://helpx.adobe.com/security/products/illustrator/apsb21-12.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}

90
2021/21xxx/CVE-2021-21054.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21054",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Adobe Illustrator Out-Of-Bounds Write Vulnerability Could Lead To Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Illustrator",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "25.1"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Adobe Illustrator version 25.1 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/illustrator/apsb21-12.html",
"name": "https://helpx.adobe.com/security/products/illustrator/apsb21-12.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}

90
2021/21xxx/CVE-2021-21055.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21055",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Adobe Dreamweaver Untrusted Search Path Vulnerability Could Lead To Information Disclosure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Dreamweaver",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "21.0"
},
{
"version_affected": "<=",
"version_value": "20.2"
},
{
"version_affected": "<=",
"version_value": "None"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Adobe Dreamweaver versions 21.0 (and earlier) and 20.2 (and earlier) is affected by an untrusted search path vulnerability that could result in information disclosure. An attacker with physical access to the system could replace certain configuration files and dynamic libraries that Dreamweaver references, potentially resulting in information disclosure."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "High",
"attackVector": "Physical",
"availabilityImpact": "High",
"baseScore": 6.2,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted Search Path (CWE-426)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/dreamweaver/apsb21-13.html",
"name": "https://helpx.adobe.com/security/products/dreamweaver/apsb21-13.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}

90
2021/21xxx/CVE-2021-21058.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21058",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Memory Corruption Vulnerability Could Lead to Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "2020.013.20074"
},
{
"version_affected": "<=",
"version_value": "2020.001.30018"
},
{
"version_affected": "<=",
"version_value": "2017.011.30188"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Access of Memory Location After End of Buffer (CWE-788)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}

90
2021/21xxx/CVE-2021-21059.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21059",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Buffer Overflow Vulnerability Could Lead to Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "2020.013.20074"
},
{
"version_affected": "<=",
"version_value": "2020.001.30018"
},
{
"version_affected": "<=",
"version_value": "2017.011.30188"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Access of Memory Location After End of Buffer (CWE-788)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}

90
2021/21xxx/CVE-2021-21062.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21062",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Buffer Overflow Vulnerability Could Lead To Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "2020.013.20074"
},
{
"version_affected": "<=",
"version_value": "2020.001.30018"
},
{
"version_affected": "<=",
"version_value": "2017.011.30188"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Access of Memory Location After End of Buffer (CWE-788)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}

90
2021/21xxx/CVE-2021-21063.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21063",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Buffer Overflow Vulnerability Could Lead to Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "2020.013.20074"
},
{
"version_affected": "<=",
"version_value": "2020.001.30018"
},
{
"version_affected": "<=",
"version_value": "2017.011.30188"
},
{
"version_affected": "<=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Access of Memory Location After End of Buffer (CWE-788)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}

4
2021/21xxx/CVE-2021-21445.json
View File

@ -82,9 +82,9 @@
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/2984034",
"url": "https://launchpad.support.sap.com/#/notes/2984034",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/2984034"
"name": "https://launchpad.support.sap.com/#/notes/2984034"
}
]
}

4
2021/21xxx/CVE-2021-21446.json
View File

@ -90,9 +90,9 @@
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/3000306",
"url": "https://launchpad.support.sap.com/#/notes/3000306",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/3000306"
"name": "https://launchpad.support.sap.com/#/notes/3000306"
}
]
}

4
2021/21xxx/CVE-2021-21447.json
View File

@ -70,9 +70,9 @@
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/2965154",
"url": "https://launchpad.support.sap.com/#/notes/2965154",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/2965154"
"name": "https://launchpad.support.sap.com/#/notes/2965154"
}
]
}

4
2021/21xxx/CVE-2021-21448.json
View File

@ -66,9 +66,9 @@
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/2992269",
"url": "https://launchpad.support.sap.com/#/notes/2992269",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/2992269"
"name": "https://launchpad.support.sap.com/#/notes/2992269"
}
]
}

9
2021/21xxx/CVE-2021-21449.json
View File

@ -60,20 +60,15 @@
},
"references": {
"reference_data": [
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/3002617",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/3002617"
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476",
"refsource": "MISC",
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://launchpad.support.sap.com/#/notes/3002617",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-013/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-013/"
"name": "https://launchpad.support.sap.com/#/notes/3002617"
}
]
}

9
2021/21xxx/CVE-2021-21450.json
View File

@ -60,20 +60,15 @@
},
"references": {
"reference_data": [
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/3002617",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/3002617"
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476",
"refsource": "MISC",
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://launchpad.support.sap.com/#/notes/3002617",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-012/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-012/"
"name": "https://launchpad.support.sap.com/#/notes/3002617"
}
]
}

9
2021/21xxx/CVE-2021-21451.json
View File

@ -60,20 +60,15 @@
},
"references": {
"reference_data": [
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/3002617",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/3002617"
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476",
"refsource": "MISC",
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://launchpad.support.sap.com/#/notes/3002617",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-011/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-011/"
"name": "https://launchpad.support.sap.com/#/notes/3002617"
}
]
}

9
2021/21xxx/CVE-2021-21452.json
View File

@ -60,20 +60,15 @@
},
"references": {
"reference_data": [
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/3002617",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/3002617"
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476",
"refsource": "MISC",
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://launchpad.support.sap.com/#/notes/3002617",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-010/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-010/"
"name": "https://launchpad.support.sap.com/#/notes/3002617"
}
]
}

9
2021/21xxx/CVE-2021-21453.json
View File

@ -60,20 +60,15 @@
},
"references": {
"reference_data": [
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/3002617",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/3002617"
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476",
"refsource": "MISC",
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://launchpad.support.sap.com/#/notes/3002617",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-009/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-009/"
"name": "https://launchpad.support.sap.com/#/notes/3002617"
}
]
}

9
2021/21xxx/CVE-2021-21454.json
View File

@ -60,20 +60,15 @@
},
"references": {
"reference_data": [
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/3002617",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/3002617"
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476",
"refsource": "MISC",
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://launchpad.support.sap.com/#/notes/3002617",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-008/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-008/"
"name": "https://launchpad.support.sap.com/#/notes/3002617"
}
]
}

9
2021/21xxx/CVE-2021-21455.json
View File

@ -60,20 +60,15 @@
},
"references": {
"reference_data": [
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/3002617",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/3002617"
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476",
"refsource": "MISC",
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://launchpad.support.sap.com/#/notes/3002617",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-007/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-007/"
"name": "https://launchpad.support.sap.com/#/notes/3002617"
}
]
}

9
2021/21xxx/CVE-2021-21456.json
View File

@ -60,20 +60,15 @@
},
"references": {
"reference_data": [
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/3002617",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/3002617"
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476",
"refsource": "MISC",
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://launchpad.support.sap.com/#/notes/3002617",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-006/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-006/"
"name": "https://launchpad.support.sap.com/#/notes/3002617"
}
]
}

9
2021/21xxx/CVE-2021-21457.json
View File

@ -60,20 +60,15 @@
},
"references": {
"reference_data": [
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/3002617",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/3002617"
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476",
"refsource": "MISC",
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://launchpad.support.sap.com/#/notes/3002617",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-005/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-005/"
"name": "https://launchpad.support.sap.com/#/notes/3002617"
}
]
}

9
2021/21xxx/CVE-2021-21458.json
View File

@ -60,20 +60,15 @@
},
"references": {
"reference_data": [
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/3002617",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/3002617"
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476",
"refsource": "MISC",
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://launchpad.support.sap.com/#/notes/3002617",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-004/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-004/"
"name": "https://launchpad.support.sap.com/#/notes/3002617"
}
]
}

9
2021/21xxx/CVE-2021-21459.json
View File

@ -60,20 +60,15 @@
},
"references": {
"reference_data": [
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/3002617",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/3002617"
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476",
"refsource": "MISC",
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://launchpad.support.sap.com/#/notes/3002617",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-002/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-002/"
"name": "https://launchpad.support.sap.com/#/notes/3002617"
}
]
}

9
2021/21xxx/CVE-2021-21460.json
View File

@ -60,20 +60,15 @@
},
"references": {
"reference_data": [
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/3002617",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/3002617"
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476",
"refsource": "MISC",
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://launchpad.support.sap.com/#/notes/3002617",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-003/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-003/"
"name": "https://launchpad.support.sap.com/#/notes/3002617"
}
]
}

9
2021/21xxx/CVE-2021-21461.json
View File

@ -60,20 +60,15 @@
},
"references": {
"reference_data": [
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/3002617",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/3002617"
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476",
"refsource": "MISC",
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://launchpad.support.sap.com/#/notes/3002617",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-014/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-014/"
"name": "https://launchpad.support.sap.com/#/notes/3002617"
}
]
}

9
2021/21xxx/CVE-2021-21462.json
View File

@ -60,20 +60,15 @@
},
"references": {
"reference_data": [
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/3002617",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/3002617"
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476",
"refsource": "MISC",
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://launchpad.support.sap.com/#/notes/3002617",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-015/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-015/"
"name": "https://launchpad.support.sap.com/#/notes/3002617"
}
]
}

9
2021/21xxx/CVE-2021-21463.json
View File

@ -60,20 +60,15 @@
},
"references": {
"reference_data": [
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/3002617",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/3002617"
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476",
"refsource": "MISC",
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://launchpad.support.sap.com/#/notes/3002617",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-016/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-016/"
"name": "https://launchpad.support.sap.com/#/notes/3002617"
}
]
}

10
2021/21xxx/CVE-2021-21464.json
View File

@ -60,15 +60,15 @@
},
"references": {
"reference_data": [
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/3002617",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/3002617"
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476",
"refsource": "MISC",
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://launchpad.support.sap.com/#/notes/3002617",
"refsource": "MISC",
"name": "https://launchpad.support.sap.com/#/notes/3002617"
}
]
}

4
2021/21xxx/CVE-2021-21465.json
View File

@ -110,9 +110,9 @@
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/2986980",
"url": "https://launchpad.support.sap.com/#/notes/2986980",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/2986980"
"name": "https://launchpad.support.sap.com/#/notes/2986980"
}
]
}

6
2021/21xxx/CVE-2021-21467.json
View File

@ -43,7 +43,7 @@
"description_data": [
{
"lang": "eng",
"value": "SAP Banking Services (Generic Market Data) 400, 450, and 500 does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. An unauthorized User is allowed to display restricted Business Partner Generic Market Data (GMD), due to improper authorization check."
"value": "SAP Banking Services (Generic Market Data) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. An unauthorized User is allowed to display restricted Business Partner Generic Market Data (GMD), due to improper authorization check."
}
]
},
@ -74,9 +74,9 @@
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/3008422",
"url": "https://launchpad.support.sap.com/#/notes/3008422",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/3008422"
"name": "https://launchpad.support.sap.com/#/notes/3008422"
}
]
}

4
2021/21xxx/CVE-2021-21468.json
View File

@ -110,9 +110,9 @@
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/2986980",
"url": "https://launchpad.support.sap.com/#/notes/2986980",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/2986980"
"name": "https://launchpad.support.sap.com/#/notes/2986980"
}
]
}

6
2021/21xxx/CVE-2021-21469.json
View File

@ -43,7 +43,7 @@
"description_data": [
{
"lang": "eng",
"value": "When security guidelines for SAP NetWeaver Master Data Management, versions 7.10, 710, and 710.750, running on windows have not been thoroughly reviewed, it might be possible for an external operator to try and set custom paths in the MDS server configuration. When no adequate protection has been enforced on any level (e.g., MDS Server password not set, network and OS configuration not properly secured, etc.), a malicious user might define UNC paths which could then be exploited to put the system at risk using a so-called SMB relay attack and obtain highly sensitive data, which leads to Information Disclosure."
"value": "When security guidelines for SAP NetWeaver Master Data Management running on windows have not been thoroughly reviewed, it might be possible for an external operator to try and set custom paths in the MDS server configuration. When no adequate protection has been enforced on any level (e.g., MDS Server password not set, network and OS configuration not properly secured, etc.), a malicious user might define UNC paths which could then be exploited to put the system at risk using a so-called SMB relay attack and obtain highly sensitive data, which leads to Information Disclosure."
}
]
},
@ -74,9 +74,9 @@
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"url": "https://i7p.wdf.sap.corp/sap/support/notes/2993032",
"url": "https://launchpad.support.sap.com/#/notes/2993032",
"refsource": "MISC",
"name": "https://i7p.wdf.sap.corp/sap/support/notes/2993032"
"name": "https://launchpad.support.sap.com/#/notes/2993032"
}
]
}