diff --git a/2020/17xxx/CVE-2020-17518.json b/2020/17xxx/CVE-2020-17518.json index 027e3723fac..dc21962eb89 100644 --- a/2020/17xxx/CVE-2020-17518.json +++ b/2020/17xxx/CVE-2020-17518.json @@ -173,6 +173,11 @@ "refsource": "MLIST", "name": "[flink-dev] 20210121 Re: [VOTE] Release 1.10.3, release candidate #1", "url": "https://lists.apache.org/thread.html/rd2467344f88bcaf108b8209ca92da8ec393c68174bfb8c27d1e20faa@%3Cdev.flink.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[announce] 20210125 Apache Software Foundation Security Report: 2020", + "url": "https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922@%3Cannounce.apache.org%3E" } ] }, diff --git a/2020/35xxx/CVE-2020-35653.json b/2020/35xxx/CVE-2020-35653.json index 111e5aad4c7..24997d7a65a 100644 --- a/2020/35xxx/CVE-2020-35653.json +++ b/2020/35xxx/CVE-2020-35653.json @@ -61,6 +61,11 @@ "refsource": "FEDORA", "name": "FEDORA-2021-a8ddc1ce70", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BYVI5G44MRIPERKYDQEL3S3YQCZTVHE/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-880aa7bd27", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BF553AMNNNBW7SH4IM4MNE4M6GNZQ7YD/" } ] } diff --git a/2020/35xxx/CVE-2020-35654.json b/2020/35xxx/CVE-2020-35654.json index 98b853297a7..fcd6ad39cc6 100644 --- a/2020/35xxx/CVE-2020-35654.json +++ b/2020/35xxx/CVE-2020-35654.json @@ -61,6 +61,11 @@ "refsource": "FEDORA", "name": "FEDORA-2021-a8ddc1ce70", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BYVI5G44MRIPERKYDQEL3S3YQCZTVHE/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-880aa7bd27", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BF553AMNNNBW7SH4IM4MNE4M6GNZQ7YD/" } ] } diff --git a/2020/35xxx/CVE-2020-35655.json b/2020/35xxx/CVE-2020-35655.json index 98f53e0456c..671e5f223da 100644 --- a/2020/35xxx/CVE-2020-35655.json +++ b/2020/35xxx/CVE-2020-35655.json @@ -61,6 +61,11 @@ "refsource": "FEDORA", "name": "FEDORA-2021-a8ddc1ce70", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BYVI5G44MRIPERKYDQEL3S3YQCZTVHE/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-880aa7bd27", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BF553AMNNNBW7SH4IM4MNE4M6GNZQ7YD/" } ] } diff --git a/2021/3xxx/CVE-2021-3177.json b/2021/3xxx/CVE-2021-3177.json index e5fe461189d..9850b096c69 100644 --- a/2021/3xxx/CVE-2021-3177.json +++ b/2021/3xxx/CVE-2021-3177.json @@ -76,11 +76,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-cc3ff94cfc", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA/" - }, - { - "refsource": "GENTOO", - "name": "GLSA-202101-18", - "url": "https://security.gentoo.org/glsa/202101-18" } ] } diff --git a/2021/3xxx/CVE-2021-3186.json b/2021/3xxx/CVE-2021-3186.json index 5d1ed95af87..c665bb8500c 100644 --- a/2021/3xxx/CVE-2021-3186.json +++ b/2021/3xxx/CVE-2021-3186.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-3186", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-3186", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Stored Cross-site scripting (XSS) vulnerability in /main.html Wifi Settings in Tenda AC5 AC1200 version V15.03.06.47_multi allows remote attackers to inject arbitrary web script or HTML via the Wifi Name parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.hackingarticles.in/exploiting-stored-cross-site-scripting-at-tenda-ac5-ac1200/", + "url": "https://www.hackingarticles.in/exploiting-stored-cross-site-scripting-at-tenda-ac5-ac1200/" } ] } diff --git a/2021/3xxx/CVE-2021-3278.json b/2021/3xxx/CVE-2021-3278.json index 232a7331f39..ae0233fbea0 100644 --- a/2021/3xxx/CVE-2021-3278.json +++ b/2021/3xxx/CVE-2021-3278.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-3278", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-3278", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Local Service Search Engine Management System 1.0 has a vulnerability through authentication bypass using SQL injection . Using this vulnerability, an attacker can bypass the login page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.exploit-db.com/exploits/49163", + "refsource": "MISC", + "name": "https://www.exploit-db.com/exploits/49163" + }, + { + "url": "https://www.sourcecodester.com/php/14607/local-service-search-engine-management-system-using-phpmysqli-source-code.html", + "refsource": "MISC", + "name": "https://www.sourcecodester.com/php/14607/local-service-search-engine-management-system-using-phpmysqli-source-code.html" } ] } diff --git a/2021/3xxx/CVE-2021-3297.json b/2021/3xxx/CVE-2021-3297.json index dec5ca48f78..4abf933e62c 100644 --- a/2021/3xxx/CVE-2021-3297.json +++ b/2021/3xxx/CVE-2021-3297.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-3297", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3297", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "On Zyxel NBG2105 V1.00(AAGU.2)C0 devices, setting the login cookie to 1 provides administrator access." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zyxel.com/us/en/support/security_advisories.shtml", - "refsource": "MISC", - "name": "https://www.zyxel.com/us/en/support/security_advisories.shtml" - }, - { - "url": "https://www.zyxel.com/support/SupportLandingSR.shtml?c=gb&l=en&kbid=M-01490&md=NBG2105", - "refsource": "MISC", - "name": "https://www.zyxel.com/support/SupportLandingSR.shtml?c=gb&l=en&kbid=M-01490&md=NBG2105" - }, - { - "refsource": "MISC", - "name": "https://github.com/nieldk/vulnerabilities/blob/main/zyxel%20nbg2105/Admin%20bypass", - "url": "https://github.com/nieldk/vulnerabilities/blob/main/zyxel%20nbg2105/Admin%20bypass" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] }