admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-01-04 03:01:41 +00:00
parent b3f3905969
commit 11e9a83b6e
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
13 changed files with 237 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2020/15xxx/CVE-2020-15106.json
View File

@ -76,6 +76,11 @@
"name": "https://github.com/etcd-io/etcd/security/advisories/GHSA-p4g4-wgrh-qrg2",
"refsource": "CONFIRM",
"url": "https://github.com/etcd-io/etcd/security/advisories/GHSA-p4g4-wgrh-qrg2"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-cd43b84c16",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6B6R43Y7M3DCHWK3L3UVGE2K6WWECMP/"
}
]
},

5
2020/15xxx/CVE-2020-15112.json
View File

@ -76,6 +76,11 @@
"name": "https://github.com/etcd-io/etcd/security/advisories/GHSA-m332-53r6-2w93",
"refsource": "CONFIRM",
"url": "https://github.com/etcd-io/etcd/security/advisories/GHSA-m332-53r6-2w93"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-cd43b84c16",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6B6R43Y7M3DCHWK3L3UVGE2K6WWECMP/"
}
]
},

5
2020/15xxx/CVE-2020-15113.json
View File

@ -76,6 +76,11 @@
"name": "https://github.com/etcd-io/etcd/security/advisories/GHSA-chh6-ppwq-jh92",
"refsource": "CONFIRM",
"url": "https://github.com/etcd-io/etcd/security/advisories/GHSA-chh6-ppwq-jh92"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-cd43b84c16",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6B6R43Y7M3DCHWK3L3UVGE2K6WWECMP/"
}
]
},

5
2020/15xxx/CVE-2020-15114.json
View File

@ -76,6 +76,11 @@
"name": "https://github.com/etcd-io/etcd/security/advisories/GHSA-2xhq-gv6c-p224",
"refsource": "CONFIRM",
"url": "https://github.com/etcd-io/etcd/security/advisories/GHSA-2xhq-gv6c-p224"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-cd43b84c16",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6B6R43Y7M3DCHWK3L3UVGE2K6WWECMP/"
}
]
},

5
2020/15xxx/CVE-2020-15115.json
View File

@ -76,6 +76,11 @@
"name": "https://github.com/etcd-io/etcd/security/advisories/GHSA-4993-m7g5-r9hh",
"refsource": "CONFIRM",
"url": "https://github.com/etcd-io/etcd/security/advisories/GHSA-4993-m7g5-r9hh"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-cd43b84c16",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6B6R43Y7M3DCHWK3L3UVGE2K6WWECMP/"
}
]
},

5
2020/15xxx/CVE-2020-15136.json
View File

@ -81,6 +81,11 @@
"name": "https://github.com/etcd-io/etcd/blob/master/Documentation/op-guide/gateway.md",
"refsource": "MISC",
"url": "https://github.com/etcd-io/etcd/blob/master/Documentation/op-guide/gateway.md"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-cd43b84c16",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6B6R43Y7M3DCHWK3L3UVGE2K6WWECMP/"
}
]
},

5
2020/26xxx/CVE-2020-26521.json
View File

@ -61,6 +61,11 @@
"refsource": "CONFIRM",
"name": "http://www.openwall.com/lists/oss-security/2020/11/02/2",
"url": "http://www.openwall.com/lists/oss-security/2020/11/02/2"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-2c8851d48b",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VT67XCLIIBYRT762SVFBYFFTQFVSM3SI/"
}
]
}

5
2020/26xxx/CVE-2020-26892.json
View File

@ -61,6 +61,11 @@
"refsource": "CONFIRM",
"name": "https://www.openwall.com/lists/oss-security/2020/11/02/2",
"url": "https://www.openwall.com/lists/oss-security/2020/11/02/2"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-2c8851d48b",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VT67XCLIIBYRT762SVFBYFFTQFVSM3SI/"
}
]
}

10
2020/9xxx/CVE-2020-9497.json
View File

@ -78,6 +78,16 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20201106 [SECURITY] [DLA 2435-1] guacamole-server security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00010.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-bfde0ab889",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVV5K2X4EXSAVUUL7IJ3MUJ3ADWMVSBM/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-640645e518",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNS7UHBOFV6JHWH5XOEZTE3BREGRSSQ3/"
}
]
},

10
2020/9xxx/CVE-2020-9498.json
View File

@ -68,6 +68,16 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20201106 [SECURITY] [DLA 2435-1] guacamole-server security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00010.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-bfde0ab889",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVV5K2X4EXSAVUUL7IJ3MUJ3ADWMVSBM/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-640645e518",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNS7UHBOFV6JHWH5XOEZTE3BREGRSSQ3/"
}
]
},

61
2021/21xxx/CVE-2021-21494.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-21494",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-21494",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "MK-AUTH through 19.01 K4.9 allows XSS via the admin/logs_ajax.php tipo parameter. An attacker can leverage this to read the centralmka2 (session token) cookie, which is not set to HTTPOnly."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://mk-auth.com.br/",
"refsource": "MISC",
"name": "http://mk-auth.com.br/"
},
{
"url": "https://gist.github.com/alacerda/380b8923e36a29a02ba1457c1eb3ec2f",
"refsource": "MISC",
"name": "https://gist.github.com/alacerda/380b8923e36a29a02ba1457c1eb3ec2f"
}
]
}

61
2021/21xxx/CVE-2021-21495.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-21495",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-21495",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "MK-AUTH through 19.01 K4.9 allows CSRF for password changes via the central/executar_central.php?acao=altsenha_princ URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://mk-auth.com.br/",
"refsource": "MISC",
"name": "http://mk-auth.com.br/"
},
{
"url": "https://gist.github.com/alacerda/98853283be6009e75b7d94968d50b88e",
"refsource": "MISC",
"name": "https://gist.github.com/alacerda/98853283be6009e75b7d94968d50b88e"
}
]
}

67
2021/3xxx/CVE-2021-3007.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-3007",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zend Framework 3.0.0 has a deserialization vulnerability that can lead to remote code execution if the content is controllable, related to the __destruct method of the Zend\\Http\\Response\\Stream class in Stream.php. NOTE: the code may be related to Laminas Project laminas-http. Zend Framework is no longer supported by the maintainer. However, not all Zend Framework 3.0.0 vulnerabilities exist in a Laminas Project release."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/Ling-Yizhou/zendframework3-/blob/main/zend%20framework3%20%E5%8F%8D%E5%BA%8F%E5%88%97%E5%8C%96%20rce.md",
"refsource": "MISC",
"name": "https://github.com/Ling-Yizhou/zendframework3-/blob/main/zend%20framework3%20%E5%8F%8D%E5%BA%8F%E5%88%97%E5%8C%96%20rce.md"
},
{
"url": "https://github.com/laminas/laminas-http/commits/2.15.x/src/Response/Stream.php",
"refsource": "MISC",
"name": "https://github.com/laminas/laminas-http/commits/2.15.x/src/Response/Stream.php"
}
]
}
}