admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-07-15 15:00:54 +00:00
parent a819b73afd
commit 26ec052098
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
12 changed files with 347 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
2016/4xxx/CVE-2016-4074.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "The jv_dump_term function in jq 1.5 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted JSON file."
"value": "The jv_dump_term function in jq 1.5 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted JSON file. This issue has been fixed in jg 1.6_rc1-r0."
}
]
},
@ -76,6 +76,11 @@
"refsource": "MISC",
"name": "https://github.com/NixOS/nixpkgs/pull/18908",
"url": "https://github.com/NixOS/nixpkgs/pull/18908"
},
{
"refsource": "MISC",
"name": "https://github.com/hashicorp/consul/issues/10263",
"url": "https://github.com/hashicorp/consul/issues/10263"
}
]
}

5
2019/18xxx/CVE-2019-18218.json
View File

@ -111,6 +111,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0677",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00044.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210715 [SECURITY] [DLA 2708-1] php7.0 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00008.html"
}
]
}

56
2020/12xxx/CVE-2020-12729.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-12729",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-12729",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "MagicMotion Flamingo 2 has a lack of access control for reading from device descriptors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.magicsmotion.com/p-flamingo.html",
"refsource": "MISC",
"name": "http://www.magicsmotion.com/p-flamingo.html"
}
]
}

56
2020/12xxx/CVE-2020-12730.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-12730",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-12730",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "MagicMotion Flamingo 2 lacks BLE encryption, enabling data sniffing and packet forgery."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.magicsmotion.com/p-flamingo.html",
"refsource": "MISC",
"name": "http://www.magicsmotion.com/p-flamingo.html"
}
]
}

56
2020/12xxx/CVE-2020-12731.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-12731",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-12731",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The MagicMotion Flamingo 2 application for Android stores data on an sdcard under com.vt.magicmotion/files/Pictures, whence it can be read by other applications."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.magicsmotion.com/p-flamingo.html",
"refsource": "MISC",
"name": "http://www.magicsmotion.com/p-flamingo.html"
}
]
}

61
2020/15xxx/CVE-2020-15495.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-15495",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-15495",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Acronis True Image 2019 update 1 through 2020 on macOS allows local privilege escalation due to an insecure XPC service configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.acronis.com/en-us/support/updates/index.html",
"refsource": "MISC",
"name": "https://www.acronis.com/en-us/support/updates/index.html"
},
{
"refsource": "MISC",
"name": "https://kb.acronis.com/content/68061",
"url": "https://kb.acronis.com/content/68061"
}
]
}

7
2020/19xxx/CVE-2020-19201.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Netgate pfSense 2.4.4 - p2 is affected by: Cross Site Scripting (XSS). The impact is: Authenticated Stored XSS in NAT Configuration (local). The component is: Description Text box, Status/Reload Filter Page. The attack vector is: An attacker get access to the victim's session by performing the CSRF and gather the cookie and session ids or possibly can change the victims NAT configuration using this Stored XSS. This attack can possibly spoof the victim's informations."
"value": "A Stored Cross-Site Scripting (XSS) vulnerability was found in status_filter_reload.php, a page in the pfSense software WebGUI, on Netgate pfSense version 2.4.4-p2 and earlier. The page did not encode output from the filter reload process, and a stored XSS was possible via the descr (description) parameter on NAT rules."
}
]
},
@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html",
"url": "https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html"
},
{
"refsource": "MISC",
"name": "https://gist.github.com/dharmeshbaskaran/fd3779006361d07651a883e8a040d916",
"url": "https://gist.github.com/dharmeshbaskaran/fd3779006361d07651a883e8a040d916"
}
]
}

61
2020/25xxx/CVE-2020-25593.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-25593",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-25593",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Acronis True Image through 2021 on macOS allows local privilege escalation from admin to root due to insecure folder permissions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.acronis.com/en-us/blog/",
"refsource": "MISC",
"name": "https://www.acronis.com/en-us/blog/"
},
{
"refsource": "MISC",
"name": "https://kb.acronis.com/content/68396",
"url": "https://kb.acronis.com/content/68396"
}
]
}

61
2020/25xxx/CVE-2020-25736.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-25736",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-25736",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Acronis True Image 2019 update 1 through 2021 update 1 on macOS allows local privilege escalation due to an insecure XPC service configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.acronis.com/en-us/blog/",
"refsource": "MISC",
"name": "https://www.acronis.com/en-us/blog/"
},
{
"refsource": "MISC",
"name": "https://kb.acronis.com/content/68061",
"url": "https://kb.acronis.com/content/68061"
}
]
}

5
2020/7xxx/CVE-2020-7071.json
View File

@ -110,6 +110,11 @@
"refsource": "GENTOO",
"name": "GLSA-202105-23",
"url": "https://security.gentoo.org/glsa/202105-23"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210715 [SECURITY] [DLA 2708-1] php7.0 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00008.html"
}
]
},

5
2021/21xxx/CVE-2021-21702.json
View File

@ -110,6 +110,11 @@
"refsource": "GENTOO",
"name": "GLSA-202105-23",
"url": "https://security.gentoo.org/glsa/202105-23"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210715 [SECURITY] [DLA 2708-1] php7.0 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00008.html"
}
]
},

5
2021/28xxx/CVE-2021-28165.json
View File

@ -587,6 +587,11 @@
"refsource": "MLIST",
"name": "[solr-issues] 20210711 [jira] [Updated] (SOLR-15529) High security vulnerability in JDOM library bundled within Solr 8.9 CVE-2021-33813",
"url": "https://lists.apache.org/thread.html/rbc075a4ac85e7a8e47420b7383f16ffa0af3b792b8423584735f369f@%3Cissues.solr.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[kafka-jira] 20210715 [jira] [Commented] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39",
"url": "https://lists.apache.org/thread.html/r40136c2010fccf4fb2818a965e5d7ecca470e5f525c232ec5b8eb83a@%3Cjira.kafka.apache.org%3E"
}
]
}