admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-05 10:18:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-12-14 14:01:08 +00:00
parent 2bf142c00f
commit 140b1648b5
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
25 changed files with 422 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2017/18xxx/CVE-2017-18922.json
View File

@ -111,6 +111,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1056",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00066.html"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"
}
]
}

5
2018/20xxx/CVE-2018-20019.json
View File

@ -91,6 +91,11 @@
"refsource": "UBUNTU",
"name": "USN-4587-1",
"url": "https://usn.ubuntu.com/4587-1/"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"
}
]
}

5
2018/20xxx/CVE-2018-20748.json
View File

@ -106,6 +106,11 @@
"refsource": "UBUNTU",
"name": "USN-4587-1",
"url": "https://usn.ubuntu.com/4587-1/"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"
}
]
}

5
2018/20xxx/CVE-2018-20749.json
View File

@ -96,6 +96,11 @@
"refsource": "UBUNTU",
"name": "USN-4587-1",
"url": "https://usn.ubuntu.com/4587-1/"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"
}
]
}

5
2018/20xxx/CVE-2018-20750.json
View File

@ -96,6 +96,11 @@
"refsource": "UBUNTU",
"name": "USN-4587-1",
"url": "https://usn.ubuntu.com/4587-1/"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"
}
]
}

5
2018/21xxx/CVE-2018-21247.json
View File

@ -86,6 +86,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1056",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00066.html"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"
}
]
}

5
2019/15xxx/CVE-2019-15681.json
View File

@ -98,6 +98,11 @@
"refsource": "UBUNTU",
"name": "USN-4587-1",
"url": "https://usn.ubuntu.com/4587-1/"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"
}
]
},

5
2019/20xxx/CVE-2019-20788.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "https://securitylab.github.com/advisories/GHSL-2020-064-libvnc-libvncclient",
"url": "https://securitylab.github.com/advisories/GHSL-2020-064-libvnc-libvncclient"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"
}
]
}

5
2019/20xxx/CVE-2019-20839.json
View File

@ -101,6 +101,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200828 [SECURITY] [DLA 2347-1] libvncserver security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00045.html"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"
}
]
}

5
2019/20xxx/CVE-2019-20840.json
View File

@ -86,6 +86,11 @@
"refsource": "UBUNTU",
"name": "USN-4434-1",
"url": "https://usn.ubuntu.com/4434-1/"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"
}
]
}

5
2020/14xxx/CVE-2020-14396.json
View File

@ -66,6 +66,11 @@
"refsource": "UBUNTU",
"name": "USN-4434-1",
"url": "https://usn.ubuntu.com/4434-1/"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"
}
]
}

5
2020/14xxx/CVE-2020-14397.json
View File

@ -96,6 +96,11 @@
"refsource": "UBUNTU",
"name": "USN-4573-1",
"url": "https://usn.ubuntu.com/4573-1/"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"
}
]
}

5
2020/14xxx/CVE-2020-14398.json
View File

@ -81,6 +81,11 @@
"refsource": "UBUNTU",
"name": "USN-4434-1",
"url": "https://usn.ubuntu.com/4434-1/"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"
}
]
}

5
2020/14xxx/CVE-2020-14401.json
View File

@ -91,6 +91,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200828 [SECURITY] [DLA 2347-1] libvncserver security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00045.html"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"
}
]
}

5
2020/14xxx/CVE-2020-14402.json
View File

@ -96,6 +96,11 @@
"refsource": "UBUNTU",
"name": "USN-4573-1",
"url": "https://usn.ubuntu.com/4573-1/"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"
}
]
}

5
2020/14xxx/CVE-2020-14403.json
View File

@ -81,6 +81,11 @@
"refsource": "UBUNTU",
"name": "USN-4573-1",
"url": "https://usn.ubuntu.com/4573-1/"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"
}
]
}

5
2020/14xxx/CVE-2020-14404.json
View File

@ -81,6 +81,11 @@
"refsource": "UBUNTU",
"name": "USN-4573-1",
"url": "https://usn.ubuntu.com/4573-1/"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"
}
]
}

5
2020/14xxx/CVE-2020-14405.json
View File

@ -76,6 +76,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200828 [SECURITY] [DLA 2347-1] libvncserver security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00045.html"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"
}
]
}

97
2021/36xxx/CVE-2021-36721.json
View File

@ -1,18 +1,103 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cna@cyber.gov.il",
"DATE_PUBLIC": "2021-12-13T08:13:00.000Z",
"ID": "CVE-2021-36721",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Sysaid - Sysaid API User Enumeration"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SysAid API ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "Sysaid \u00e2\u20ac\u201c version 20.4.74",
"version_value": "20.4.74"
}
]
}
}
]
},
"vendor_name": "SysAid "
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Dudu Moyal - Softix"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Sysaid API User Enumeration - Attacker sending requests to specific api path without any authorization before 21.3.60 version could get users names from the LDAP server."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "User Enumeration"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "INCD CVE Advisories",
"refsource": "CERT",
"url": "https://www.gov.il/en/departments/faq/cve_advisories"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Update to version 21.3.60"
}
],
"source": {
"defect": [
"ILVN-2021-0006"
],
"discovery": "EXTERNAL"
}
}

56
2021/3xxx/CVE-2021-3376.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3376",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-3376",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in Cuppa CMS Versions Before 31 Jan 2021 allows authenticated attackers to gain escalated privileges via a crafted POST request using the user_group_id_field parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/CuppaCMS/CuppaCMS/issues/12",
"refsource": "MISC",
"name": "https://github.com/CuppaCMS/CuppaCMS/issues/12"
}
]
}

61
2021/44xxx/CVE-2021-44538.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-44538",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-44538",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted sequence of messages to manipulate the state of the receiver's session in such a way that, for some buffer sizes, a buffer overflow happens on a call to olm_session_describe. Furthermore, safe buffer sizes were undocumented. The overflow content is partially controllable by the attacker and limited to ASCII spaces and digits. The known affected products are Element Web And SchildiChat Web."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://gitlab.matrix.org/matrix-org/olm/-/tags",
"refsource": "MISC",
"name": "https://gitlab.matrix.org/matrix-org/olm/-/tags"
},
{
"refsource": "MISC",
"name": "https://matrix.org/blog/2021/12/13/disclosure-buffer-overflow-in-libolm-and-matrix-js-sdk",
"url": "https://matrix.org/blog/2021/12/13/disclosure-buffer-overflow-in-libolm-and-matrix-js-sdk"
}
]
}

56
2021/45xxx/CVE-2021-45014.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-45014",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-45014",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an upload sql injection vulnerability in the background of taocms 3.0.2 in parameter id:action=cms&ctrl=update&id=26"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/taogogo/taocms/issues/11",
"refsource": "MISC",
"name": "https://github.com/taogogo/taocms/issues/11"
}
]
}

56
2021/45xxx/CVE-2021-45015.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-45015",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-45015",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "taocms 3.0.2 is vulnerable to arbitrary file deletion via taocms\\include\\Model\\file.php from line 60 to line 72."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/taogogo/taocms/issues/12",
"refsource": "MISC",
"name": "https://github.com/taogogo/taocms/issues/12"
}
]
}

18
2021/4xxx/CVE-2021-4115.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-4115",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/4xxx/CVE-2021-4116.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-4116",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}