admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-02-22 15:00:39 +00:00
parent f69290a5cb
commit 1d27fcb9c5
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
11 changed files with 476 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
2020/19xxx/CVE-2020-19762.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-19762",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-19762",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Automated Logic Corporation (ALC) WebCTRL System 6.5 and prior allows remote attackers to execute any JavaScript code via a XSS payload for the first parameter in a GET request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/ismailerkek/CVEs/blob/main/CVE-2020-19762-RESERVED.md",
"url": "https://github.com/ismailerkek/CVEs/blob/main/CVE-2020-19762-RESERVED.md"
}
]
}

61
2020/21xxx/CVE-2020-21224.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-21224",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-21224",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Remote Code Execution vulnerability has been found in Inspur ClusterEngine V4.0. A remote attacker can send a malicious login packet to the control server"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/NS-Sp4ce/Inspur/tree/master/ClusterEngineV4.0%20Vul",
"refsource": "MISC",
"name": "https://github.com/NS-Sp4ce/Inspur/tree/master/ClusterEngineV4.0%20Vul"
},
{
"refsource": "MISC",
"name": "https://github.com/NS-Sp4ce/Inspur/",
"url": "https://github.com/NS-Sp4ce/Inspur/"
}
]
}

5
2021/26xxx/CVE-2021-26723.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/161303/Jenzabar-9.2.2-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/161303/Jenzabar-9.2.2-Cross-Site-Scripting.html"
},
{
"refsource": "MISC",
"name": "https://gist.github.com/Y0ung-DST/d1b6b65be6248b0ffc2b2f2120deb205",
"url": "https://gist.github.com/Y0ung-DST/d1b6b65be6248b0ffc2b2f2120deb205"
}
]
}

5
2021/26xxx/CVE-2021-26937.json
View File

@ -76,6 +76,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210219 [SECURITY] [DLA 2570-1] screen security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00031.html"
},
{
"refsource": "DEBIAN",
"name": "DSA-4861",
"url": "https://www.debian.org/security/2021/dsa-4861"
}
]
}

5
2021/27xxx/CVE-2021-27212.json
View File

@ -71,6 +71,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210220 [SECURITY] [DLA 2574-1] openldap security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00035.html"
},
{
"refsource": "DEBIAN",
"name": "DSA-4860",
"url": "https://www.debian.org/security/2021/dsa-4860"
}
]
}

61
2021/27xxx/CVE-2021-27368.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-27368",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-27368",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Contact page in Monica 2.19.1 allows stored XSS via the First Name field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/monicahq/monica/issues/4888",
"refsource": "MISC",
"name": "https://github.com/monicahq/monica/issues/4888"
},
{
"url": "https://github.com/monicahq/monica/pull/4543",
"refsource": "MISC",
"name": "https://github.com/monicahq/monica/pull/4543"
}
]
}

61
2021/27xxx/CVE-2021-27369.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-27369",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-27369",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Contact page in Monica 2.19.1 allows stored XSS via the Middle Name field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/monicahq/monica/issues/4888",
"refsource": "MISC",
"name": "https://github.com/monicahq/monica/issues/4888"
},
{
"url": "https://github.com/monicahq/monica/pull/4543",
"refsource": "MISC",
"name": "https://github.com/monicahq/monica/pull/4543"
}
]
}

61
2021/27xxx/CVE-2021-27370.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-27370",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-27370",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Contact page in Monica 2.19.1 allows stored XSS via the Last Name field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/monicahq/monica/issues/4888",
"refsource": "MISC",
"name": "https://github.com/monicahq/monica/issues/4888"
},
{
"url": "https://github.com/monicahq/monica/pull/4543",
"refsource": "MISC",
"name": "https://github.com/monicahq/monica/pull/4543"
}
]
}

61
2021/27xxx/CVE-2021-27371.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-27371",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-27371",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Contact page in Monica 2.19.1 allows stored XSS via the Description field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/monicahq/monica/issues/4888",
"refsource": "MISC",
"name": "https://github.com/monicahq/monica/issues/4888"
},
{
"url": "https://github.com/monicahq/monica/pull/4543",
"refsource": "MISC",
"name": "https://github.com/monicahq/monica/pull/4543"
}
]
}

67
2021/27xxx/CVE-2021-27559.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-27559",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Contact page in Monica 2.19.1 allows stored XSS via the Nickname field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/monicahq/monica/issues/4888",
"refsource": "MISC",
"name": "https://github.com/monicahq/monica/issues/4888"
},
{
"url": "https://github.com/monicahq/monica/pull/4543",
"refsource": "MISC",
"name": "https://github.com/monicahq/monica/pull/4543"
}
]
}
}

75
2021/3xxx/CVE-2021-3120.json
View File

@ -1,18 +1,81 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3120",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-3120",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An arbitrary file upload vulnerability in the YITH WooCommerce Gift Cards Premium plugin before 3.3.1 for WordPress allows remote attackers to achieve remote code execution on the operating system in the security context of the web server. In order to exploit this vulnerability, an attacker must be able to place a valid Gift Card product into the shopping cart. An uploaded file is placed at a predetermined path on the web server with a user-specified filename and extension. This occurs because the ywgc-upload-picture parameter can have a .php value even though the intention was to only allow uploads of Gift Card images."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://yithemes.com/themes/plugins/yith-woocommerce-gift-cards/",
"refsource": "MISC",
"name": "https://yithemes.com/themes/plugins/yith-woocommerce-gift-cards/"
},
{
"url": "https://github.com/guy-liu/yith-giftdrop",
"refsource": "MISC",
"name": "https://github.com/guy-liu/yith-giftdrop"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.1"
}
}
}