admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-07-09 11:00:48 +00:00
parent 848d115309
commit 0f4a356e43
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
14 changed files with 397 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
2012/1xxx/CVE-2012-1102.json
View File

@ -1,17 +1,66 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1102",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2012-1102",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "perl-xml-atom",
"version": {
"version_data": [
{
"version_value": "perl-xml-atom 0.39"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-611"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://metacpan.org/release/MIYAGAWA/XML-Atom-0.39/source/Changes",
"url": "https://metacpan.org/release/MIYAGAWA/XML-Atom-0.39/source/Changes"
},
{
"refsource": "MISC",
"name": "https://seclists.org/oss-sec/2012/q1/549",
"url": "https://seclists.org/oss-sec/2012/q1/549"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "It was discovered that the XML::Atom Perl module before version 0.39 did not disable external entities when parsing XML from potentially untrusted sources. This may allow attackers to gain read access to otherwise protected resources, depending on how the library is used."
}
]
}

73
2012/2xxx/CVE-2012-2666.json
View File

@ -1,17 +1,76 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2666",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2012-2666",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "go/golang",
"version": {
"version_data": [
{
"version_value": "go/golang 1.0.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-377"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2012-2666",
"url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2012-2666"
},
{
"refsource": "MISC",
"name": "https://bugzilla.suse.com/show_bug.cgi?id=765455",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=765455"
},
{
"refsource": "MISC",
"name": "https://github.com/golang/go/commit/8ac275bb01588a8c0e6c0fe2de7fd11f08feccdd",
"url": "https://github.com/golang/go/commit/8ac275bb01588a8c0e6c0fe2de7fd11f08feccdd"
},
{
"refsource": "MISC",
"name": "https://codereview.appspot.com/5992078",
"url": "https://codereview.appspot.com/5992078"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "golang/go in 1.0.2 fixes all.bash on shared machines. dotest() in src/pkg/debug/gosym/pclntab_test.go creates a temporary file with predicable name and executes it as shell script."
}
]
}

5
2020/1xxx/CVE-2020-1927.json
View File

@ -168,6 +168,11 @@
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"
}
]
},

5
2020/1xxx/CVE-2020-1934.json
View File

@ -153,6 +153,11 @@
"refsource": "MLIST",
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"
}
]
},

5
2020/35xxx/CVE-2020-35452.json
View File

@ -238,6 +238,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210702-0001/",
"url": "https://security.netapp.com/advisory/ntap-20210702-0001/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"
}
]
},

5
2021/26xxx/CVE-2021-26690.json
View File

@ -238,6 +238,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210702-0001/",
"url": "https://security.netapp.com/advisory/ntap-20210702-0001/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"
}
]
},

5
2021/26xxx/CVE-2021-26691.json
View File

@ -238,6 +238,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210702-0001/",
"url": "https://security.netapp.com/advisory/ntap-20210702-0001/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"
}
]
},

5
2021/30xxx/CVE-2021-30641.json
View File

@ -113,6 +113,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210702-0001/",
"url": "https://security.netapp.com/advisory/ntap-20210702-0001/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"
}
]
},

5
2021/31xxx/CVE-2021-31618.json
View File

@ -102,6 +102,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2021-181f29c392",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A73QJ4HPUMU26I6EULG6SCK67TUEXZYR/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"
}
]
},

50
2021/32xxx/CVE-2021-32972.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-32972",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Panasonic FPWIN Pro",
"version": {
"version_data": [
{
"version_value": "All Versions 7.5.1.1 and prior"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER RESTRICTION OF XML EXTERNAL ENTITY REFERENCE CWE-611"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-180-03",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-180-03"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Panasonic FPWIN Pro, all Versions 7.5.1.1 and prior, allows an attacker to craft a project file specifying a URI that causes the XML parser to access the URI and embed the contents, which may allow the attacker to disclose information that is accessible in the context of the user executing software."
}
]
}

50
2021/3xxx/CVE-2021-3570.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3570",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "linuxptp",
"version": {
"version_data": [
{
"version_value": "linuxptp 3.1.1, linuxptp 2.0.1, linuxptp 1.9.3, linuxptp 1.8.1, linuxptp 1.7.1, linuxptp 1.6.1, linuxptp 1.5.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1966240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966240"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This flaw affects linuxptp versions before 3.1.1, before 2.0.1, before 1.9.3, before 1.8.1, before 1.7.1, before 1.6.1 and before 1.5.1."
}
]
}

50
2021/3xxx/CVE-2021-3571.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3571",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "linuxptp",
"version": {
"version_data": [
{
"version_value": "linuxptp 3.1.1, linuxptp 2.0.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1966241",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966241"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker could send a crafted one-step sync message to cause an information leak or crash. The highest threat from this vulnerability is to data confidentiality and system availability. This flaw affects linuxptp versions before 3.1.1 and before 2.0.1."
}
]
}

55
2021/3xxx/CVE-2021-3612.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3612",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "kernel 5.9-rc1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20->CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079"
},
{
"refsource": "MISC",
"name": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/",
"url": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."
}
]
}

50
2021/3xxx/CVE-2021-3637.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3637",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "keycloak-model-infinispan",
"version": {
"version_data": [
{
"version_value": "keycloak 14.0.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-770"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1979638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1979638"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in keycloak-model-infinispan in keycloak versions before 14.0.0 where authenticationSessions map in RootAuthenticationSessionEntity grows boundlessly which could lead to a DoS attack."
}
]
}