admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-02-22 02:00:40 +00:00
parent d983616819
commit 114d811036
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
13 changed files with 261 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2018/16xxx/CVE-2018-16621.json
View File

@ -56,6 +56,11 @@
"name": "https://support.sonatype.com/hc/en-us/articles/360010789153-CVE-2018-16621-Nexus-Repository-Manager-Java-Injection-October-17-2018",
"refsource": "CONFIRM",
"url": "https://support.sonatype.com/hc/en-us/articles/360010789153-CVE-2018-16621-Nexus-Repository-Manager-Java-Injection-October-17-2018"
},
{
"refsource": "MISC",
"name": "https://securitylab.github.com/advisories/GHSL-2020-015-nxrm-sonatype",
"url": "https://securitylab.github.com/advisories/GHSL-2020-015-nxrm-sonatype"
}
]
}

5
2019/20xxx/CVE-2019-20788.json
View File

@ -66,6 +66,11 @@
"refsource": "UBUNTU",
"name": "USN-4407-1",
"url": "https://usn.ubuntu.com/4407-1/"
},
{
"refsource": "MISC",
"name": "https://securitylab.github.com/advisories/GHSL-2020-064-libvnc-libvncclient",
"url": "https://securitylab.github.com/advisories/GHSL-2020-064-libvnc-libvncclient"
}
]
}

5
2020/12xxx/CVE-2020-12049.json
View File

@ -91,6 +91,11 @@
"refsource": "GENTOO",
"name": "GLSA-202007-46",
"url": "https://security.gentoo.org/glsa/202007-46"
},
{
"refsource": "MISC",
"name": "https://securitylab.github.com/advisories/GHSL-2020-057-DBus-DoS-file-descriptor-leak",
"url": "https://securitylab.github.com/advisories/GHSL-2020-057-DBus-DoS-file-descriptor-leak"
}
]
}

5
2020/12xxx/CVE-2020-12283.json
View File

@ -71,6 +71,11 @@
"refsource": "CONFIRM",
"name": "https://github.com/sourcegraph/sourcegraph/blob/master/CHANGELOG.md",
"url": "https://github.com/sourcegraph/sourcegraph/blob/master/CHANGELOG.md"
},
{
"refsource": "MISC",
"name": "https://securitylab.github.com/advisories/GHSL-2020-085-sourcegraph",
"url": "https://securitylab.github.com/advisories/GHSL-2020-085-sourcegraph"
}
]
}

5
2020/13xxx/CVE-2020-13163.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/ConradIrwin/em-imap/issues/25",
"refsource": "MISC",
"name": "https://github.com/ConradIrwin/em-imap/issues/25"
},
{
"refsource": "MISC",
"name": "https://securitylab.github.com/advisories/GHSL-2020-095-conradirwin-em-imap",
"url": "https://securitylab.github.com/advisories/GHSL-2020-095-conradirwin-em-imap"
}
]
}

5
2020/13xxx/CVE-2020-13445.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://issues.liferay.com/browse/LPE-17023",
"url": "https://issues.liferay.com/browse/LPE-17023"
},
{
"refsource": "MISC",
"name": "https://securitylab.github.com/advisories/GHSL-2020-043-liferay_ce",
"url": "https://securitylab.github.com/advisories/GHSL-2020-043-liferay_ce"
}
]
}

5
2020/13xxx/CVE-2020-13482.json
View File

@ -66,6 +66,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-8ccd750904",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z32PUJA6RGBZ3TKSOTGUXZ45662S3MVF/"
},
{
"refsource": "MISC",
"name": "https://securitylab.github.com/advisories/GHSL-2020-094-igrigorik-em-http-request",
"url": "https://securitylab.github.com/advisories/GHSL-2020-094-igrigorik-em-http-request"
}
]
}

5
2020/27xxx/CVE-2020-27998.json
View File

@ -66,6 +66,11 @@
"url": "https://github.com/FastReports/FastReport/compare/v2020.3.0...v2020.4.0",
"refsource": "MISC",
"name": "https://github.com/FastReports/FastReport/compare/v2020.3.0...v2020.4.0"
},
{
"refsource": "MISC",
"name": "https://securitylab.github.com/advisories/GHSL-2020-143-FastReportsInc-FastReports",
"url": "https://securitylab.github.com/advisories/GHSL-2020-143-FastReportsInc-FastReports"
}
]
}

7
2020/29xxx/CVE-2020-29529.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "HashiCorp go-slug up to 0.4.3 did not fully protect against Zip Slip attacks while unpacking tar archives, and protections could be bypassed with specific constructions of multiple symlinks. Fixed in 0.5.0."
"value": "HashiCorp go-slug up to 0.4.3 did not fully protect against directory traversal while unpacking tar archives, and protections could be bypassed with specific constructions of multiple symlinks. Fixed in 0.5.0."
}
]
},
@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "https://github.com/hashicorp/go-slug/pull/12",
"url": "https://github.com/hashicorp/go-slug/pull/12"
},
{
"refsource": "MISC",
"name": "https://securitylab.github.com/advisories/GHSL-2020-262-zipslip-go-slug",
"url": "https://securitylab.github.com/advisories/GHSL-2020-262-zipslip-go-slug"
}
]
}

66
2021/24xxx/CVE-2021-24115.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24115",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-24115",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/randombit/botan/compare/2.17.2...2.17.3",
"refsource": "MISC",
"name": "https://github.com/randombit/botan/compare/2.17.2...2.17.3"
},
{
"refsource": "MISC",
"name": "https://github.com/randombit/botan/pull/2549",
"url": "https://github.com/randombit/botan/pull/2549"
},
{
"refsource": "CONFIRM",
"name": "https://botan.randombit.net/news.html",
"url": "https://botan.randombit.net/news.html"
}
]
}

56
2021/26xxx/CVE-2021-26119.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-26119",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-26119",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Smarty before 3.1.39 allows a Sandbox Escape because $smarty.template_object can be accessed in sandbox mode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/smarty-php/smarty/blob/master/CHANGELOG.md",
"refsource": "MISC",
"name": "https://github.com/smarty-php/smarty/blob/master/CHANGELOG.md"
}
]
}

56
2021/26xxx/CVE-2021-26120.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-26120",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-26120",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Smarty before 3.1.39 allows code injection via an unexpected function name after a {function name= substring."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/smarty-php/smarty/blob/master/CHANGELOG.md",
"refsource": "MISC",
"name": "https://github.com/smarty-php/smarty/blob/master/CHANGELOG.md"
}
]
}

61
2021/3xxx/CVE-2021-3149.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3149",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-3149",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "On Netshield NANO 25 10.2.18 devices, /usr/local/webmin/System/manual_ping.cgi allows OS command injection (after authentication by the attacker) because the system C library function is used unsafely."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.netshieldcorp.com/netshield-appliances/",
"refsource": "MISC",
"name": "https://www.netshieldcorp.com/netshield-appliances/"
},
{
"refsource": "MISC",
"name": "https://www.digitaldefense.com/resources/vulnerability-research/netshield-corporation-nano-25/",
"url": "https://www.digitaldefense.com/resources/vulnerability-research/netshield-corporation-nano-25/"
}
]
}