mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
"-Synchronized-Data."
This commit is contained in:
parent
a506c7d8e5
commit
3c4156896e
@ -66,6 +66,11 @@
|
||||
"name": "4167",
|
||||
"refsource": "BID",
|
||||
"url": "http://www.securityfocus.com/bid/4167"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -66,6 +66,11 @@
|
||||
"name": "20030522 XMB 1.8 Partagium cross site scripting vulnerability",
|
||||
"refsource": "BUGTRAQ",
|
||||
"url": "http://marc.info/?l=bugtraq&m=105363936402228&w=2"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -56,6 +56,11 @@
|
||||
"name": "20030623 Many XSS Vulnerabilities in XMB Forum.",
|
||||
"refsource": "BUGTRAQ",
|
||||
"url": "http://marc.info/?l=bugtraq&m=105638720409307&w=2"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -81,6 +81,11 @@
|
||||
"name": "20040223 [waraxe-2004-SA#004] - Multiple vulnerabilities in XMB 1.8 Partagium Final SP2",
|
||||
"refsource": "BUGTRAQ",
|
||||
"url": "http://marc.info/?l=bugtraq&m=107756526625179&w=2"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -81,6 +81,11 @@
|
||||
"name": "20040326 [waraxe-2004-SA#012 - Multiple vulnerabilities in XMB Forum 1.8 SP3 and 1.9 beta]",
|
||||
"refsource": "BUGTRAQ",
|
||||
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-03/0265.html"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -96,6 +96,11 @@
|
||||
"name": "14986",
|
||||
"refsource": "OSVDB",
|
||||
"url": "http://osvdb.org/14986"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -86,6 +86,11 @@
|
||||
"name": "14991",
|
||||
"refsource": "OSVDB",
|
||||
"url": "http://www.osvdb.org/14991"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -76,6 +76,11 @@
|
||||
"name": "16886",
|
||||
"refsource": "OSVDB",
|
||||
"url": "http://www.osvdb.org/16886"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -81,6 +81,11 @@
|
||||
"name": "20040326 [waraxe-2004-SA#012 - Multiple vulnerabilities in XMB Forum 1.8 SP3 and 1.9 beta]",
|
||||
"refsource": "BUGTRAQ",
|
||||
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-03/0265.html"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -61,6 +61,11 @@
|
||||
"name": "1013515",
|
||||
"refsource": "SECTRACK",
|
||||
"url": "http://securitytracker.com/id?1013515"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -61,6 +61,11 @@
|
||||
"name": "http://forums.xmbforum.com/viewthread.php?tid=754523",
|
||||
"refsource": "MISC",
|
||||
"url": "http://forums.xmbforum.com/viewthread.php?tid=754523"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -61,6 +61,11 @@
|
||||
"name": "14523",
|
||||
"refsource": "BID",
|
||||
"url": "http://www.securityfocus.com/bid/14523"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -76,6 +76,11 @@
|
||||
"name": "17458",
|
||||
"refsource": "SECUNIA",
|
||||
"url": "http://secunia.com/advisories/17458"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -81,6 +81,11 @@
|
||||
"name": "1015237",
|
||||
"refsource": "SECTRACK",
|
||||
"url": "http://securitytracker.com/id?1015237"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -76,6 +76,11 @@
|
||||
"name": "ADV-2005-2488",
|
||||
"refsource": "VUPEN",
|
||||
"url": "http://www.vupen.com/english/advisories/2005/2488"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -66,6 +66,11 @@
|
||||
"name": "20060118 XMB Forum HTML Code Injection",
|
||||
"refsource": "BUGTRAQ",
|
||||
"url": "http://www.securityfocus.com/archive/1/422277/100/0/threaded"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -96,6 +96,11 @@
|
||||
"name": "http://www.gulftech.org/?node=research&article_id=00100-02122006",
|
||||
"refsource": "MISC",
|
||||
"url": "http://www.gulftech.org/?node=research&article_id=00100-02122006"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -86,6 +86,11 @@
|
||||
"name": "http://www.gulftech.org/?node=research&article_id=00100-02122006",
|
||||
"refsource": "MISC",
|
||||
"url": "http://www.gulftech.org/?node=research&article_id=00100-02122006"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -66,6 +66,11 @@
|
||||
"name": "20060409 XMB Forum 1.9.5-Final XSS",
|
||||
"refsource": "BUGTRAQ",
|
||||
"url": "http://www.securityfocus.com/archive/1/430432/100/0/threaded"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -76,6 +76,11 @@
|
||||
"name": "ADV-2006-3088",
|
||||
"refsource": "VUPEN",
|
||||
"url": "http://www.vupen.com/english/advisories/2006/3088"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -91,6 +91,11 @@
|
||||
"name": "19494",
|
||||
"refsource": "BID",
|
||||
"url": "http://www.securityfocus.com/bid/19494"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -71,6 +71,11 @@
|
||||
"name": "http://aria-security.com/forum/showthread.php?p=129",
|
||||
"refsource": "MISC",
|
||||
"url": "http://aria-security.com/forum/showthread.php?p=129"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -56,6 +56,11 @@
|
||||
"name": "http://forum.antichat.ru/showpost.php?p=340740",
|
||||
"refsource": "MISC",
|
||||
"url": "http://forum.antichat.ru/showpost.php?p=340740"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History",
|
||||
"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2020-21992",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2020-21992",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Inim Electronics SmartLiving SmartLAN/G/SI <=6.x suffers from an authenticated remote command injection vulnerability. The issue exist due to the 'par' POST parameter not being sanitized when called with the 'testemail' module through web.cgi binary. The vulnerable CGI binary (ELF 32-bit LSB executable, ARM) is calling the 'sh' executable via the system() function to issue a command using the mailx service and its vulnerable string format parameter allowing for OS command injection with root privileges. An attacker can remotely execute system commands as the root user using default credentials and bypass access controls in place."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5544.php",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5544.php"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -1,17 +1,66 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2020-21995",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2020-21995",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Inim Electronics Smartliving SmartLAN/G/SI <=6.x uses default hardcoded credentials. An attacker could exploit this to gain Telnet, SSH and FTP access to the system."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5546.php",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5546.php"
|
||||
},
|
||||
{
|
||||
"refsource": "EXPLOIT-DB",
|
||||
"name": "Exploit Database",
|
||||
"url": "https://www.exploit-db.com/exploits/47763"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -1,17 +1,66 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2020-21997",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2020-21997",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Smartwares HOME easy <=1.0.9 is vulnerable to an unauthenticated database backup download and information disclosure vulnerability. An attacker could disclose sensitive and clear-text information resulting in authentication bypass, session hijacking and full system control."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5541.php",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5541.php"
|
||||
},
|
||||
{
|
||||
"refsource": "EXPLOIT-DB",
|
||||
"name": "Exploit Database",
|
||||
"url": "https://www.exploit-db.com/exploits/47596"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -1,17 +1,66 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2020-22002",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2020-22002",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "An Unauthenticated Server-Side Request Forgery (SSRF) vulnerability exists in Inim Electronics Smartliving SmartLAN/G/SI <=6.x within the GetImage functionality. The application parses user supplied data in the GET parameter 'host' to construct an image request to the service through onvif.cgi. Since no validation is carried out on the parameter, an attacker can specify an external domain and force the application to make an HTTP request to an arbitrary destination host."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5545.php",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5545.php"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/172839",
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/172839"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -267,6 +267,11 @@
|
||||
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1640",
|
||||
"refsource": "MISC",
|
||||
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1640"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-493/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-493/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -4,14 +4,58 @@
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-20090",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "vulnreport@tenable.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Buffalo WSR-2533DHPL2, Buffalo WSR-2533DHP3",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "WSR-2533DHPL2 <=1.02, WSR-2533DHP3 <= 1.24"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Path Traversal"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.tenable.com/security/research/tra-2021-13",
|
||||
"url": "https://www.tenable.com/security/research/tra-2021-13"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 could allow unauthenticated remote attackers to bypass authentication."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -4,14 +4,58 @@
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-20091",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "vulnreport@tenable.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Buffalo WSR-2533DHPL2, Buffalo WSR-2533DHP3",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "WSR-2533DHPL2 <=1.02, WSR-2533DHP3 <= 1.24"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Static Code Injection"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.tenable.com/security/research/tra-2021-13",
|
||||
"url": "https://www.tenable.com/security/research/tra-2021-13"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly sanitize user input. An authenticated remote attacker could leverage this vulnerability to alter device configuration, potentially gaining remote code execution."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -4,14 +4,58 @@
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-20092",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "vulnreport@tenable.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Buffalo WSR-2533DHPL2, Buffalo WSR-2533DHP3",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "WSR-2533DHPL2 <=1.02, WSR-2533DHP3 <= 1.24"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Improper Access Control"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.tenable.com/security/research/tra-2021-13",
|
||||
"url": "https://www.tenable.com/security/research/tra-2021-13"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly restrict access to sensitive information from an unauthorized actor."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -4,14 +4,58 @@
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-20095",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "vulnreport@tenable.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Babel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "2.9.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Directory Traversal / Arbitrary Code Execution"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.tenable.com/security/research/tra-2021-14",
|
||||
"url": "https://www.tenable.com/security/research/tra-2021-14"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Relative Path Traversal in Babel 2.9.0 allows an attacker to load arbitrary locale files on disk and execute arbitrary code."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -115,6 +115,16 @@
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20210428 ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2021/04/29/1"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20210429 Re: ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2021/04/29/2"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20210429 Re: ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2021/04/29/3"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -111,6 +111,16 @@
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20210428 ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2021/04/29/1"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20210429 Re: ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2021/04/29/2"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20210429 Re: ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2021/04/29/3"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -111,6 +111,16 @@
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20210428 ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2021/04/29/1"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20210429 Re: ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2021/04/29/2"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20210429 Re: ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2021/04/29/3"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -282,6 +282,46 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-482/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-482/"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-499/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-499/"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-494/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-494/"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-497/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-497/"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-501/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-501/"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-500/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-500/"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-496/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-496/"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-498/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-498/"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-495/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-495/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -4,14 +4,97 @@
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-27651",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "security@pega.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Pegasystems",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Pega Infinity",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": ">=",
|
||||
"version_value": "8.2.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_value": "8.5.2"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"credit": "Samuel Curry (@samwcyo), Brett Buerhaus (@bbuerhaus), Maik Robert (@xEHLE_), Justin Rhinehart (@sshell_)",
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-287: Improper Authentication"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvssv3": {
|
||||
"BM": {
|
||||
"AV": "N",
|
||||
"AC": "L",
|
||||
"PR": "N",
|
||||
"UI": "N",
|
||||
"S": "U",
|
||||
"C": "H",
|
||||
"I": "H",
|
||||
"A": "H",
|
||||
"SCORE": "9.8"
|
||||
},
|
||||
"TM": {
|
||||
"E": "F",
|
||||
"RL": "O",
|
||||
"RC": "C"
|
||||
},
|
||||
"EM": {
|
||||
"CR": "H",
|
||||
"IR": "H",
|
||||
"AR": "H",
|
||||
"MAV": "N",
|
||||
"MAC": "L",
|
||||
"MPR": "N",
|
||||
"MUI": "R",
|
||||
"MS": "U",
|
||||
"MC": "L",
|
||||
"MI": "L",
|
||||
"MA": "L"
|
||||
}
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://collaborate.pega.com/discussion/pega-security-advisory-a21-hotfix-matrix",
|
||||
"url": "https://collaborate.pega.com/discussion/pega-security-advisory-a21-hotfix-matrix"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "In versions 8.2.1 through 8.5.2 of Pega Infinity, the password reset functionality for local accounts can be used to bypass local authentication checks."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -1,17 +1,81 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-28280",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2021-28280",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "CSRF + Cross-site scripting (XSS) vulnerability in search.php in PHPFusion 9.03.110 allows remote attackers to inject arbitrary web script or HTML"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://anotepad.com/notes/2skndayt",
|
||||
"refsource": "MISC",
|
||||
"name": "https://anotepad.com/notes/2skndayt"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/PHPFusion/PHPFusion/commit/08d6c2ea49bd06fcce32275252f5f25abe61965c",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/PHPFusion/PHPFusion/commit/08d6c2ea49bd06fcce32275252f5f25abe61965c"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/PHPFusion/PHPFusion/commit/fda266c3bb35c650a8c4c51b6923abdfb66ef5cd",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/PHPFusion/PHPFusion/commit/fda266c3bb35c650a8c4c51b6923abdfb66ef5cd"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/PHPFusion/PHPFusion/commit/1c2b32321cf11ed1cd3ff835f8da0d172c849ce6",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/PHPFusion/PHPFusion/commit/1c2b32321cf11ed1cd3ff835f8da0d172c849ce6"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/PHPFusion/PHPFusion/commit/da9f89ae70219f357fba6fffd2dae1ec886d8a3b",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/PHPFusion/PHPFusion/commit/da9f89ae70219f357fba6fffd2dae1ec886d8a3b"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-28899",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2021-28899",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Vulnerability in the AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, and AMRAudioFileServerMediaSubsessionLive OnDemandServerMediaSubsession subclasses in Networks LIVE555 Streaming Media before 2021.3.16."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "http://lists.live555.com/pipermail/live-devel/2021-March/021891.html",
|
||||
"refsource": "MISC",
|
||||
"name": "http://lists.live555.com/pipermail/live-devel/2021-March/021891.html"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -1,17 +1,66 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-30027",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2021-30027",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "md_analyze_line in md4c.c in md4c 0.4.7 allows attackers to trigger use of uninitialized memory, and cause a denial of service via a malformed Markdown document."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/mity/md4c/issues/155",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/mity/md4c/issues/155"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/mity/md4c/commit/4fc808d8fe8d8904f8525bb4231d854f45e23a19",
|
||||
"url": "https://github.com/mity/md4c/commit/4fc808d8fe8d8904f8525bb4231d854f45e23a19"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -1,17 +1,66 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-30218",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2021-30218",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "samurai 1.2 has a NULL pointer dereference in writefile() in util.c via a crafted build file."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/michaelforney/samurai/issues/67",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/michaelforney/samurai/issues/67"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/michaelforney/samurai/commit/e84b6d99c85043fa1ba54851ee500540ec206918",
|
||||
"url": "https://github.com/michaelforney/samurai/commit/e84b6d99c85043fa1ba54851ee500540ec206918"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -1,17 +1,66 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-30219",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2021-30219",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "samurai 1.2 has a NULL pointer dereference in printstatus() function in build.c via a crafted build file."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/michaelforney/samurai/issues/68",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/michaelforney/samurai/issues/68"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/michaelforney/samurai/commit/d2af3bc375e2a77139c3a28d6128c60cd8d08655",
|
||||
"url": "https://github.com/michaelforney/samurai/commit/d2af3bc375e2a77139c3a28d6128c60cd8d08655"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -1,17 +1,66 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-30224",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2021-30224",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Cross Site Request Forgery (CSRF) in Rukovoditel v2.8.3 allows attackers to create an admin user with an arbitrary credentials."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://forum.rukovoditel.net/viewtopic.php?f=19&t=2760",
|
||||
"url": "https://forum.rukovoditel.net/viewtopic.php?f=19&t=2760"
|
||||
},
|
||||
{
|
||||
"url": "https://gist.github.com/victomteng1997/d5f2db1d37aed5792c28685068ec41e2",
|
||||
"refsource": "MISC",
|
||||
"name": "https://gist.github.com/victomteng1997/d5f2db1d37aed5792c28685068ec41e2"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -73,6 +73,16 @@
|
||||
"refsource": "MISC",
|
||||
"url": "https://lists.apache.org/thread.html/r37dab61fc7f7088d4311e7f995ef4117d58d86a675f0256caa6991eb%40%3Cusers.tapestry.apache.org%3E",
|
||||
"name": "https://lists.apache.org/thread.html/r37dab61fc7f7088d4311e7f995ef4117d58d86a675f0256caa6991eb%40%3Cusers.tapestry.apache.org%3E"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20210427 CVE-2021-30638: An Information Disclosure due to insufficient input validation exists in Apache Tapestry 5.4.0 and later",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2021/04/27/3"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-491/",
|
||||
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-491/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
Loading…
x
Reference in New Issue
Block a user