admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-01-14 02:01:03 +00:00
parent e76fc12c3c
commit 30270456e0
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
8 changed files with 78 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
2021/38xxx/CVE-2021-38677.json
View File

@ -43,7 +43,7 @@
"description_data": [
{
"lang": "eng",
"value": "A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows remote attackers to inject malicious code.\nWe have already fixed this vulnerability in the following versions of QcalAgent:\nQcalAgent 1.1.7 and later\n"
"value": "A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of QcalAgent: QcalAgent 1.1.7 and later"
}
]
},
@ -81,8 +81,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.qnap.com/en/security-advisory/qsa-21-60"
"refsource": "MISC",
"url": "https://www.qnap.com/en/security-advisory/qsa-21-60",
"name": "https://www.qnap.com/en/security-advisory/qsa-21-60"
}
]
},

7
2021/38xxx/CVE-2021-38678.json
View File

@ -43,7 +43,7 @@
"description_data": [
{
"lang": "eng",
"value": "An open redirect vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows attackers to redirect users to an untrusted page that contains malware.\nWe have already fixed this vulnerability in the following versions of QcalAgent:\nQcalAgent 1.1.7 and later\n"
"value": "An open redirect vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows attackers to redirect users to an untrusted page that contains malware. We have already fixed this vulnerability in the following versions of QcalAgent: QcalAgent 1.1.7 and later"
}
]
},
@ -81,8 +81,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.qnap.com/en/security-advisory/qsa-21-60"
"refsource": "MISC",
"url": "https://www.qnap.com/en/security-advisory/qsa-21-60",
"name": "https://www.qnap.com/en/security-advisory/qsa-21-60"
}
]
},

7
2021/38xxx/CVE-2021-38682.json
View File

@ -93,7 +93,7 @@
"description_data": [
{
"lang": "eng",
"value": "A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code.\nWe have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard:\nQuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later\nQuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later\nQTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later\nQTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later\nQTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later\nQTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later\nQTS 4.5.4: QVR Guard 2.1.3.0 and later\nQTS 5.0.0: QVR Guard 2.1.3.0 and later\n"
"value": "A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 4.5.4: QVR Guard 2.1.3.0 and later QTS 5.0.0: QVR Guard 2.1.3.0 and later"
}
]
},
@ -131,8 +131,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.qnap.com/en/security-advisory/qsa-21-59"
"refsource": "MISC",
"url": "https://www.qnap.com/en/security-advisory/qsa-21-59",
"name": "https://www.qnap.com/en/security-advisory/qsa-21-59"
}
]
},

7
2021/38xxx/CVE-2021-38689.json
View File

@ -93,7 +93,7 @@
"description_data": [
{
"lang": "eng",
"value": "A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code.\nWe have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard:\nQuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later\nQuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later\nQTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later\nQTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later\nQTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later\nQTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later\nQTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later\nQTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later\n"
"value": "A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later"
}
]
},
@ -131,8 +131,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.qnap.com/en/security-advisory/qsa-21-59"
"refsource": "MISC",
"url": "https://www.qnap.com/en/security-advisory/qsa-21-59",
"name": "https://www.qnap.com/en/security-advisory/qsa-21-59"
}
]
},

7
2021/38xxx/CVE-2021-38690.json
View File

@ -93,7 +93,7 @@
"description_data": [
{
"lang": "eng",
"value": "A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code.\nWe have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard:\nQuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later\nQuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later\nQTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later\nQTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later\nQTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later\nQTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later\nQTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later\nQTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later\n"
"value": "A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later"
}
]
},
@ -131,8 +131,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.qnap.com/en/security-advisory/qsa-21-59"
"refsource": "MISC",
"url": "https://www.qnap.com/en/security-advisory/qsa-21-59",
"name": "https://www.qnap.com/en/security-advisory/qsa-21-59"
}
]
},

7
2021/38xxx/CVE-2021-38691.json
View File

@ -93,7 +93,7 @@
"description_data": [
{
"lang": "eng",
"value": "A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code.\nWe have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard:\nQuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later\nQuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later\nQTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later\nQTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later\nQTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later\nQTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later\nQTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later\nQTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later\n"
"value": "A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later"
}
]
},
@ -131,8 +131,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.qnap.com/en/security-advisory/qsa-21-59"
"refsource": "MISC",
"url": "https://www.qnap.com/en/security-advisory/qsa-21-59",
"name": "https://www.qnap.com/en/security-advisory/qsa-21-59"
}
]
},

7
2021/38xxx/CVE-2021-38692.json
View File

@ -93,7 +93,7 @@
"description_data": [
{
"lang": "eng",
"value": "A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code.\nWe have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard:\nQuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later\nQuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later\nQTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later\nQTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later\nQTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later\nQTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later\nQTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later\nQTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later\n"
"value": "A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later"
}
]
},
@ -131,8 +131,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.qnap.com/en/security-advisory/qsa-21-59"
"refsource": "MISC",
"url": "https://www.qnap.com/en/security-advisory/qsa-21-59",
"name": "https://www.qnap.com/en/security-advisory/qsa-21-59"
}
]
},

56
2021/46xxx/CVE-2021-46255.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-46255",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-46255",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "eyouCMS V1.5.5-UTF8-SP3_1 suffers from Arbitrary file deletion due to insufficient filtering of the parameter filename."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/eyoucms/eyoucms/issues/21",
"refsource": "MISC",
"name": "https://github.com/eyoucms/eyoucms/issues/21"
}
]
}