diff --git a/2013/0xxx/CVE-2013-0340.json b/2013/0xxx/CVE-2013-0340.json index f52c5d84152..97e2a7a521d 100644 --- a/2013/0xxx/CVE-2013-0340.json +++ b/2013/0xxx/CVE-2013-0340.json @@ -156,6 +156,21 @@ "refsource": "MLIST", "name": "[oss-security] 20211007 CVE-2021-40439: Apache OpenOffice: Billion Laughs", "url": "http://www.openwall.com/lists/oss-security/2021/10/07/4" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8", + "url": "http://seclists.org/fulldisclosure/2021/Oct/62" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/63" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/61" } ] } diff --git a/2020/21xxx/CVE-2020-21250.json b/2020/21xxx/CVE-2020-21250.json index 932707c038d..c1326cebf70 100644 --- a/2020/21xxx/CVE-2020-21250.json +++ b/2020/21xxx/CVE-2020-21250.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-21250", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-21250", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "CSZ CMS v1.2.4 was discovered to contain an arbitrary file upload vulnerability in the component /core/MY_Security.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/cskaza/cszcms/issues/22", + "refsource": "MISC", + "name": "https://github.com/cskaza/cszcms/issues/22" } ] } diff --git a/2021/30xxx/CVE-2021-30810.json b/2021/30xxx/CVE-2021-30810.json index a5d6c19ebdb..37cc53b78f9 100644 --- a/2021/30xxx/CVE-2021-30810.json +++ b/2021/30xxx/CVE-2021-30810.json @@ -81,6 +81,21 @@ "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212815", "name": "https://support.apple.com/en-us/HT212815" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8", + "url": "http://seclists.org/fulldisclosure/2021/Oct/62" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/63" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/61" } ] }, diff --git a/2021/30xxx/CVE-2021-30811.json b/2021/30xxx/CVE-2021-30811.json index 0eb0f763588..e8f2b109a5e 100644 --- a/2021/30xxx/CVE-2021-30811.json +++ b/2021/30xxx/CVE-2021-30811.json @@ -65,6 +65,16 @@ "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212819", "name": "https://support.apple.com/en-us/HT212819" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8", + "url": "http://seclists.org/fulldisclosure/2021/Oct/62" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/61" } ] }, diff --git a/2021/30xxx/CVE-2021-30815.json b/2021/30xxx/CVE-2021-30815.json index 0e9b0b31ed3..275b33e274f 100644 --- a/2021/30xxx/CVE-2021-30815.json +++ b/2021/30xxx/CVE-2021-30815.json @@ -49,6 +49,11 @@ "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212814", "name": "https://support.apple.com/en-us/HT212814" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/61" } ] }, diff --git a/2021/30xxx/CVE-2021-30819.json b/2021/30xxx/CVE-2021-30819.json index 7e5d9e5ddb5..3343b87a638 100644 --- a/2021/30xxx/CVE-2021-30819.json +++ b/2021/30xxx/CVE-2021-30819.json @@ -49,6 +49,11 @@ "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212814", "name": "https://support.apple.com/en-us/HT212814" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/61" } ] }, diff --git a/2021/30xxx/CVE-2021-30825.json b/2021/30xxx/CVE-2021-30825.json index 48745712088..dfc77df73ce 100644 --- a/2021/30xxx/CVE-2021-30825.json +++ b/2021/30xxx/CVE-2021-30825.json @@ -49,6 +49,11 @@ "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212814", "name": "https://support.apple.com/en-us/HT212814" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/61" } ] }, diff --git a/2021/30xxx/CVE-2021-30826.json b/2021/30xxx/CVE-2021-30826.json index ab58b00ea6d..7a4658a989c 100644 --- a/2021/30xxx/CVE-2021-30826.json +++ b/2021/30xxx/CVE-2021-30826.json @@ -49,6 +49,11 @@ "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212814", "name": "https://support.apple.com/en-us/HT212814" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/61" } ] }, diff --git a/2021/30xxx/CVE-2021-30835.json b/2021/30xxx/CVE-2021-30835.json index dc4e4103a39..46487628870 100644 --- a/2021/30xxx/CVE-2021-30835.json +++ b/2021/30xxx/CVE-2021-30835.json @@ -113,6 +113,21 @@ "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212817", "name": "https://support.apple.com/en-us/HT212817" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8", + "url": "http://seclists.org/fulldisclosure/2021/Oct/62" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/63" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/61" } ] }, diff --git a/2021/30xxx/CVE-2021-30837.json b/2021/30xxx/CVE-2021-30837.json index 56d21790150..f0c35eb053c 100644 --- a/2021/30xxx/CVE-2021-30837.json +++ b/2021/30xxx/CVE-2021-30837.json @@ -81,6 +81,21 @@ "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212815", "name": "https://support.apple.com/en-us/HT212815" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8", + "url": "http://seclists.org/fulldisclosure/2021/Oct/62" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/63" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/61" } ] }, diff --git a/2021/30xxx/CVE-2021-30838.json b/2021/30xxx/CVE-2021-30838.json index 6630e8ea8bd..994442b6c33 100644 --- a/2021/30xxx/CVE-2021-30838.json +++ b/2021/30xxx/CVE-2021-30838.json @@ -49,6 +49,11 @@ "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212814", "name": "https://support.apple.com/en-us/HT212814" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/61" } ] }, diff --git a/2021/30xxx/CVE-2021-30841.json b/2021/30xxx/CVE-2021-30841.json index 54130ba4618..84952b6e583 100644 --- a/2021/30xxx/CVE-2021-30841.json +++ b/2021/30xxx/CVE-2021-30841.json @@ -129,6 +129,21 @@ "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212815", "name": "https://support.apple.com/en-us/HT212815" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8", + "url": "http://seclists.org/fulldisclosure/2021/Oct/62" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/63" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/61" } ] }, diff --git a/2021/30xxx/CVE-2021-30842.json b/2021/30xxx/CVE-2021-30842.json index 4ca91a57133..a6bae470085 100644 --- a/2021/30xxx/CVE-2021-30842.json +++ b/2021/30xxx/CVE-2021-30842.json @@ -129,6 +129,21 @@ "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212815", "name": "https://support.apple.com/en-us/HT212815" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8", + "url": "http://seclists.org/fulldisclosure/2021/Oct/62" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/63" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/61" } ] }, diff --git a/2021/30xxx/CVE-2021-30843.json b/2021/30xxx/CVE-2021-30843.json index ef545095ea1..c5f7ed7da31 100644 --- a/2021/30xxx/CVE-2021-30843.json +++ b/2021/30xxx/CVE-2021-30843.json @@ -129,6 +129,21 @@ "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212815", "name": "https://support.apple.com/en-us/HT212815" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8", + "url": "http://seclists.org/fulldisclosure/2021/Oct/62" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/63" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/61" } ] }, diff --git a/2021/30xxx/CVE-2021-30846.json b/2021/30xxx/CVE-2021-30846.json index 4b42820155f..d97b7b0cce5 100644 --- a/2021/30xxx/CVE-2021-30846.json +++ b/2021/30xxx/CVE-2021-30846.json @@ -128,6 +128,26 @@ "refsource": "MLIST", "name": "[oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006", "url": "http://www.openwall.com/lists/oss-security/2021/10/27/2" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-8 Additional information for APPLE-SA-2021-09-20-5 Safari 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/60" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8", + "url": "http://seclists.org/fulldisclosure/2021/Oct/62" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/63" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/61" } ] }, diff --git a/2021/30xxx/CVE-2021-30847.json b/2021/30xxx/CVE-2021-30847.json index 7103cac2fa6..c477d9db889 100644 --- a/2021/30xxx/CVE-2021-30847.json +++ b/2021/30xxx/CVE-2021-30847.json @@ -134,6 +134,21 @@ "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212817", "name": "https://support.apple.com/en-us/HT212817" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8", + "url": "http://seclists.org/fulldisclosure/2021/Oct/62" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/63" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/61" } ] }, diff --git a/2021/30xxx/CVE-2021-30848.json b/2021/30xxx/CVE-2021-30848.json index 5daca56abc8..117c43dd340 100644 --- a/2021/30xxx/CVE-2021-30848.json +++ b/2021/30xxx/CVE-2021-30848.json @@ -96,6 +96,16 @@ "refsource": "MLIST", "name": "[oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006", "url": "http://www.openwall.com/lists/oss-security/2021/10/27/2" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-8 Additional information for APPLE-SA-2021-09-20-5 Safari 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/60" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/61" } ] }, diff --git a/2021/30xxx/CVE-2021-30849.json b/2021/30xxx/CVE-2021-30849.json index 61e5f7d270b..7697c314f74 100644 --- a/2021/30xxx/CVE-2021-30849.json +++ b/2021/30xxx/CVE-2021-30849.json @@ -144,6 +144,26 @@ "refsource": "MLIST", "name": "[oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006", "url": "http://www.openwall.com/lists/oss-security/2021/10/27/2" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-8 Additional information for APPLE-SA-2021-09-20-5 Safari 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/60" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8", + "url": "http://seclists.org/fulldisclosure/2021/Oct/62" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/63" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/61" } ] }, diff --git a/2021/30xxx/CVE-2021-30850.json b/2021/30xxx/CVE-2021-30850.json index 35604c5ad42..ae7977a79b0 100644 --- a/2021/30xxx/CVE-2021-30850.json +++ b/2021/30xxx/CVE-2021-30850.json @@ -81,6 +81,11 @@ "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212815", "name": "https://support.apple.com/en-us/HT212815" + }, + { + "refsource": "FULLDISC", + "name": "20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15", + "url": "http://seclists.org/fulldisclosure/2021/Oct/63" } ] }, diff --git a/2021/34xxx/CVE-2021-34754.json b/2021/34xxx/CVE-2021-34754.json index 590cde1fc32..fdcf7e23ca3 100644 --- a/2021/34xxx/CVE-2021-34754.json +++ b/2021/34xxx/CVE-2021-34754.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic.\r These vulnerabilities are due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit these vulnerabilities by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should be activated for the ENIP packet.\r " + "value": "Multiple vulnerabilities in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. These vulnerabilities are due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit these vulnerabilities by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should be activated for the ENIP packet." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2021/40xxx/CVE-2021-40125.json b/2021/40xxx/CVE-2021-40125.json index 6b0868f538d..670b0ba405f 100644 --- a/2021/40xxx/CVE-2021-40125.json +++ b/2021/40xxx/CVE-2021-40125.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device.\r This vulnerability is due to improper control of a resource. An attacker with the ability to spoof a trusted IKEv2 site-to-site VPN peer and in possession of valid IKEv2 credentials for that peer could exploit this vulnerability by sending malformed, authenticated IKEv2 messages to an affected device. A successful exploit could allow the attacker to trigger a reload of the device.\r " + "value": "A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. This vulnerability is due to improper control of a resource. An attacker with the ability to spoof a trusted IKEv2 site-to-site VPN peer and in possession of valid IKEv2 credentials for that peer could exploit this vulnerability by sending malformed, authenticated IKEv2 messages to an affected device. A successful exploit could allow the attacker to trigger a reload of the device." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file