admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-04-13 14:00:44 +00:00
parent 37f48c68c3
commit 23055ec489
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
16 changed files with 627 additions and 377 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2020/24xxx/CVE-2020-24135.json
View File

@ -56,6 +56,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/vedees/wcms/issues/9", "name": "https://github.com/vedees/wcms/issues/9",
"url": "https://github.com/vedees/wcms/issues/9" "url": "https://github.com/vedees/wcms/issues/9"
},
{
"refsource": "MISC",
"name": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24135.md",
"url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24135.md"
} }
] ]
} }

5
2020/24xxx/CVE-2020-24136.json
View File

@ -56,6 +56,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/vedees/wcms/issues/12", "name": "https://github.com/vedees/wcms/issues/12",
"url": "https://github.com/vedees/wcms/issues/12" "url": "https://github.com/vedees/wcms/issues/12"
},
{
"refsource": "MISC",
"name": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24136.md",
"url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24136.md"
} }
] ]
} }

5
2020/24xxx/CVE-2020-24137.json
View File

@ -56,6 +56,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/vedees/wcms/issues/7", "name": "https://github.com/vedees/wcms/issues/7",
"url": "https://github.com/vedees/wcms/issues/7" "url": "https://github.com/vedees/wcms/issues/7"
},
{
"refsource": "MISC",
"name": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24137.md",
"url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24137.md"
} }
] ]
} }

5
2020/24xxx/CVE-2020-24138.json
View File

@ -56,6 +56,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/vedees/wcms/issues/10", "name": "https://github.com/vedees/wcms/issues/10",
"url": "https://github.com/vedees/wcms/issues/10" "url": "https://github.com/vedees/wcms/issues/10"
},
{
"refsource": "MISC",
"name": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24138.md",
"url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24138.md"
} }
] ]
} }

5
2020/24xxx/CVE-2020-24139.json
View File

@ -56,6 +56,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/vedees/wcms/issues/8", "name": "https://github.com/vedees/wcms/issues/8",
"url": "https://github.com/vedees/wcms/issues/8" "url": "https://github.com/vedees/wcms/issues/8"
},
{
"refsource": "MISC",
"name": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24139.md",
"url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24139.md"
} }
] ]
} }

5
2020/24xxx/CVE-2020-24140.json
View File

@ -56,6 +56,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/vedees/wcms/issues/11", "name": "https://github.com/vedees/wcms/issues/11",
"url": "https://github.com/vedees/wcms/issues/11" "url": "https://github.com/vedees/wcms/issues/11"
},
{
"refsource": "MISC",
"name": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24140.md",
"url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24140.md"
} }
] ]
} }

50
2021/22xxx/CVE-2021-22505.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-22505", "ID": "CVE-2021-22505",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security@microfocus.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Operations Agent",
"version": {
"version_data": [
{
"version_value": "12.0x, 12.10, 12.11, 12.12, 12.14 and 12.15."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://softwaresupport.softwaregrp.com/doc/KM03792442",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03792442"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Escalation of privileges vulnerability in Micro Focus Operations Agent, affects versions 12.0x, 12.10, 12.11, 12.12, 12.14 and 12.15. The vulnerability could be exploited to escalate privileges and execute code under the account of the Operations Agent."
} }
] ]
} }

14
2021/25xxx/CVE-2021-25250.json
View File

@ -44,7 +44,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value" : "An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a sensitive file could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability." "value": "An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a sensitive file could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
} }
] ]
}, },
@ -63,13 +63,19 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url" : "https://success.trendmicro.com/solution/000286019" "url": "https://success.trendmicro.com/solution/000286019",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000286019"
}, },
{ {
"url" : "https://success.trendmicro.com/solution/000286157" "url": "https://success.trendmicro.com/solution/000286157",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000286157"
}, },
{ {
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-21-400/" "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-400/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-400/"
} }
] ]
} }

14
2021/25xxx/CVE-2021-25253.json
View File

@ -44,7 +44,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value" : "An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a resource used by the service could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability." "value": "An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a resource used by the service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
} }
] ]
}, },
@ -63,13 +63,19 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url" : "https://success.trendmicro.com/solution/000286019" "url": "https://success.trendmicro.com/solution/000286019",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000286019"
}, },
{ {
"url" : "https://success.trendmicro.com/solution/000286157" "url": "https://success.trendmicro.com/solution/000286157",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000286157"
}, },
{ {
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-21-401/" "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-401/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-401/"
} }
] ]
} }

67
2021/28xxx/CVE-2021-28421.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-28421",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-28421",
"STATE": "PUBLIC"
}, },
"description": { "affects": {
"description_data": [ "vendor": {
"vendor_data": [
{ {
"lang": "eng", "product": {
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FluidSynth 2.1.7 contains a use after free vulnerability in sfloader/fluid_sffile.c that can result in arbitrary code execution or a denial of service (DoS) if a malicious soundfont2 file is loaded into a fluidsynth library."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/FluidSynth/fluidsynth/issues/808",
"refsource": "MISC",
"name": "https://github.com/FluidSynth/fluidsynth/issues/808"
},
{
"refsource": "MISC",
"name": "https://github.com/FluidSynth/fluidsynth/pull/810",
"url": "https://github.com/FluidSynth/fluidsynth/pull/810"
} }
] ]
} }

14
2021/28xxx/CVE-2021-28645.json
View File

@ -44,7 +44,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value" : "An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability." "value": "An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
} }
] ]
}, },
@ -63,13 +63,19 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url" : "https://success.trendmicro.com/solution/000286019" "url": "https://success.trendmicro.com/solution/000286019",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000286019"
}, },
{ {
"url" : "https://success.trendmicro.com/solution/000286157" "url": "https://success.trendmicro.com/solution/000286157",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000286157"
}, },
{ {
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-21-402/" "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-402/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-402/"
} }
] ]
} }

8
2021/28xxx/CVE-2021-28646.json
View File

@ -63,10 +63,14 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url" : "https://success.trendmicro.com/solution/000286019" "url": "https://success.trendmicro.com/solution/000286019",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000286019"
}, },
{ {
"url" : "https://success.trendmicro.com/solution/000286157" "url": "https://success.trendmicro.com/solution/000286157",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000286157"
} }
] ]
} }

4
2021/28xxx/CVE-2021-28647.json
View File

@ -53,7 +53,9 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url" : "https://helpcenter.trendmicro.com/en-us/article/TMKA-10282" "url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10282",
"refsource": "MISC",
"name": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10282"
} }
] ]
} }

5
2021/29xxx/CVE-2021-29357.json
View File

@ -56,6 +56,11 @@
"url": "https://success.outsystems.com/Support/Security/Vulnerabilities/Vulnerability_RTAF-2226", "url": "https://success.outsystems.com/Support/Security/Vulnerabilities/Vulnerability_RTAF-2226",
"refsource": "MISC", "refsource": "MISC",
"name": "https://success.outsystems.com/Support/Security/Vulnerabilities/Vulnerability_RTAF-2226" "name": "https://success.outsystems.com/Support/Security/Vulnerabilities/Vulnerability_RTAF-2226"
},
{
"refsource": "MISC",
"name": "https://labs.integrity.pt/advisories/cve-2021-29357/",
"url": "https://labs.integrity.pt/advisories/cve-2021-29357/"
} }
] ]
} }

67
2021/30xxx/CVE-2021-30175.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-30175",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-30175",
"STATE": "PUBLIC"
}, },
"description": { "affects": {
"description_data": [ "vendor": {
"vendor_data": [
{ {
"lang": "eng", "product": {
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ZEROF Web Server 1.0 (April 2021) allows SQL Injection via the /HandleEvent endpoint for the login page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://pro.zerof.ru",
"refsource": "MISC",
"name": "https://pro.zerof.ru"
},
{
"refsource": "MISC",
"name": "https://github.com/awillix/research/blob/main/cve/CVE-2021-30175.md",
"url": "https://github.com/awillix/research/blob/main/cve/CVE-2021-30175.md"
} }
] ]
} }

67
2021/30xxx/CVE-2021-30176.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-30176",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-30176",
"STATE": "PUBLIC"
}, },
"description": { "affects": {
"description_data": [ "vendor": {
"vendor_data": [
{ {
"lang": "eng", "product": {
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ZEROF Expert pro/2.0 application for mobile devices allows SQL Injection via the Authorization header to the /v2/devices/add endpoint."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://pro.zerof.ru",
"refsource": "MISC",
"name": "https://pro.zerof.ru"
},
{
"refsource": "MISC",
"name": "https://github.com/awillix/research/blob/main/cve/CVE-2021-30176.md",
"url": "https://github.com/awillix/research/blob/main/cve/CVE-2021-30176.md"
} }
] ]
} }