From a4c204fdf885d49fb5c7d128b96872a0b8433a6e Mon Sep 17 00:00:00 2001 From: santosomar Date: Thu, 8 Jul 2021 15:09:33 +0000 Subject: [PATCH 01/35] Adding Cisco CVE-2021-1359 --- 2021/1xxx/CVE-2021-1359.json | 82 +++++++++++++++++++++++++++++++++--- 1 file changed, 75 insertions(+), 7 deletions(-) diff --git a/2021/1xxx/CVE-2021-1359.json b/2021/1xxx/CVE-2021-1359.json index 2ed2bb255e4..0973c092bff 100644 --- a/2021/1xxx/CVE-2021-1359.json +++ b/2021/1xxx/CVE-2021-1359.json @@ -1,18 +1,86 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2021-07-07T16:00:00", "ID": "CVE-2021-1359", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Cisco Web Security Appliance Privilege Escalation Vulnerability" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Web Security Appliance (WSA) ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": " A vulnerability in the configuration management of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied XML input for the web interface. An attacker could exploit this vulnerability by uploading crafted XML configuration files that contain scripting code to a vulnerable device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. An attacker would need a valid user account with the rights to upload configuration files to exploit this vulnerability. " } ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "6.3", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-112" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20210707 Cisco Web Security Appliance Privilege Escalation Vulnerability", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-scr-web-priv-esc-k3HCGJZ" + } + ] + }, + "source": { + "advisory": "cisco-sa-scr-web-priv-esc-k3HCGJZ", + "defect": [ + [ + "CSCvv81569" + ] + ], + "discovery": "INTERNAL" } -} \ No newline at end of file +} From 7be492cc4173476bdda7ec5f2dab1b7b35aeed2e Mon Sep 17 00:00:00 2001 From: santosomar Date: Thu, 8 Jul 2021 15:09:49 +0000 Subject: [PATCH 02/35] Adding Cisco CVE-2021-1562 --- 2021/1xxx/CVE-2021-1562.json | 82 +++++++++++++++++++++++++++++++++--- 1 file changed, 75 insertions(+), 7 deletions(-) diff --git a/2021/1xxx/CVE-2021-1562.json b/2021/1xxx/CVE-2021-1562.json index b568ba4511f..165ff207484 100644 --- a/2021/1xxx/CVE-2021-1562.json +++ b/2021/1xxx/CVE-2021-1562.json @@ -1,18 +1,86 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2021-07-07T16:00:00", "ID": "CVE-2021-1562", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Cisco BroadWorks Application Server Information Disclosure Vulnerability" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco BroadWorks ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "\r A vulnerability in the XSI-Actions interface of Cisco BroadWorks Application Server could allow an authenticated, remote attacker to access sensitive information on an affected system.\r This vulnerability is due to improper input validation and authorization of specific commands that a user can execute within the XSI-Actions interface. An attacker could exploit this vulnerability by authenticating to an affected device and issuing a specific set of commands. A successful exploit could allow the attacker to join a Call Center instance and have calls that they do not have permissions to access distributed to them from the Call Center queue.\r At the time of publication, Cisco had not released updates that address this vulnerability for Cisco BroadWorks Application Server. However, firmware patches are available. " } ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "4.3", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-200" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20210707 Cisco BroadWorks Application Server Information Disclosure Vulnerability", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-broad-as-inf-disc-ZUXGFFXQ" + } + ] + }, + "source": { + "advisory": "cisco-sa-broad-as-inf-disc-ZUXGFFXQ", + "defect": [ + [ + "CSCvv41798" + ] + ], + "discovery": "INTERNAL" } -} \ No newline at end of file +} From 4cdcb397375e3d2e314fd8607899b8a6b12fa07c Mon Sep 17 00:00:00 2001 From: santosomar Date: Thu, 8 Jul 2021 15:09:56 +0000 Subject: [PATCH 03/35] Adding Cisco CVE-2021-1574 --- 2021/1xxx/CVE-2021-1574.json | 84 +++++++++++++++++++++++++++++++++--- 1 file changed, 77 insertions(+), 7 deletions(-) diff --git a/2021/1xxx/CVE-2021-1574.json b/2021/1xxx/CVE-2021-1574.json index 253707bf3b4..58e01f0e367 100644 --- a/2021/1xxx/CVE-2021-1574.json +++ b/2021/1xxx/CVE-2021-1574.json @@ -1,18 +1,88 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2021-07-07T16:00:00", "ID": "CVE-2021-1574", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Cisco Business Process Automation Privilege Escalation Vulnerabilities" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Business Process Automation (BPA) ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation (BPA) could allow an authenticated, remote attacker to elevate privileges to Administrator.\r These vulnerabilities are due to improper authorization enforcement for specific features and for access to log files that contain confidential information. An attacker could exploit these vulnerabilities either by submitting crafted HTTP messages to an affected system and performing unauthorized actions with the privileges of an administrator, or by retrieving sensitive data from the logs and using it to impersonate a legitimate privileged user. A successful exploit could allow the attacker to elevate privileges to Administrator.\r " } ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "8.8", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-285" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20210707 Cisco Business Process Automation Privilege Escalation Vulnerabilities", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bpa-priv-esc-dgubwbH4" + } + ] + }, + "source": { + "advisory": "cisco-sa-bpa-priv-esc-dgubwbH4", + "defect": [ + [ + "CSCvx72502", + "CSCvx72508", + "CSCvx72516" + ] + ], + "discovery": "INTERNAL" } -} \ No newline at end of file +} From da42c07cba8bd4299ea5c685939b2083b3dfa7bd Mon Sep 17 00:00:00 2001 From: santosomar Date: Thu, 8 Jul 2021 15:10:03 +0000 Subject: [PATCH 04/35] Adding Cisco CVE-2021-1575 --- 2021/1xxx/CVE-2021-1575.json | 82 +++++++++++++++++++++++++++++++++--- 1 file changed, 75 insertions(+), 7 deletions(-) diff --git a/2021/1xxx/CVE-2021-1575.json b/2021/1xxx/CVE-2021-1575.json index 72050e58183..a28097e178c 100644 --- a/2021/1xxx/CVE-2021-1575.json +++ b/2021/1xxx/CVE-2021-1575.json @@ -1,18 +1,86 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2021-07-07T16:00:00", "ID": "CVE-2021-1575", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Cisco Virtualized Voice Browser Cross-Site Scripting Vulnerability" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Virtualized Voice Browser ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "\r A vulnerability in the web-based management interface of Cisco Virtualized Voice Browser could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.\r " } ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "6.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20210707 Cisco Virtualized Voice Browser Cross-Site Scripting Vulnerability", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vvb-xss-wG4zXRp3" + } + ] + }, + "source": { + "advisory": "cisco-sa-vvb-xss-wG4zXRp3", + "defect": [ + [ + "CSCvx89188" + ] + ], + "discovery": "INTERNAL" } -} \ No newline at end of file +} From 5015eb4673d1f925d7aa8abd5448c496679ae6ca Mon Sep 17 00:00:00 2001 From: santosomar Date: Thu, 8 Jul 2021 15:10:16 +0000 Subject: [PATCH 05/35] Adding Cisco CVE-2021-1576 --- 2021/1xxx/CVE-2021-1576.json | 84 +++++++++++++++++++++++++++++++++--- 1 file changed, 77 insertions(+), 7 deletions(-) diff --git a/2021/1xxx/CVE-2021-1576.json b/2021/1xxx/CVE-2021-1576.json index 7d79325d4a4..ec65c24e1f9 100644 --- a/2021/1xxx/CVE-2021-1576.json +++ b/2021/1xxx/CVE-2021-1576.json @@ -1,18 +1,88 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2021-07-07T16:00:00", "ID": "CVE-2021-1576", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Cisco Business Process Automation Privilege Escalation Vulnerabilities" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Business Process Automation (BPA) ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation (BPA) could allow an authenticated, remote attacker to elevate privileges to Administrator.\r These vulnerabilities are due to improper authorization enforcement for specific features and for access to log files that contain confidential information. An attacker could exploit these vulnerabilities either by submitting crafted HTTP messages to an affected system and performing unauthorized actions with the privileges of an administrator, or by retrieving sensitive data from the logs and using it to impersonate a legitimate privileged user. A successful exploit could allow the attacker to elevate privileges to Administrator.\r " } ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "8.8", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-285" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20210707 Cisco Business Process Automation Privilege Escalation Vulnerabilities", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bpa-priv-esc-dgubwbH4" + } + ] + }, + "source": { + "advisory": "cisco-sa-bpa-priv-esc-dgubwbH4", + "defect": [ + [ + "CSCvx72502", + "CSCvx72508", + "CSCvx72516" + ] + ], + "discovery": "INTERNAL" } -} \ No newline at end of file +} From 28d33ccaad4947f68239d5e5205f86a873dbb26d Mon Sep 17 00:00:00 2001 From: santosomar Date: Thu, 8 Jul 2021 15:10:24 +0000 Subject: [PATCH 06/35] Adding Cisco CVE-2021-1585 --- 2021/1xxx/CVE-2021-1585.json | 82 +++++++++++++++++++++++++++++++++--- 1 file changed, 75 insertions(+), 7 deletions(-) diff --git a/2021/1xxx/CVE-2021-1585.json b/2021/1xxx/CVE-2021-1585.json index e1ef406718c..be7bae7a3a6 100644 --- a/2021/1xxx/CVE-2021-1585.json +++ b/2021/1xxx/CVE-2021-1585.json @@ -1,18 +1,86 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2021-07-07T16:00:00", "ID": "CVE-2021-1585", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Cisco Adaptive Security Device Manager Remote Code Execution Vulnerability" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Adaptive Security Appliance (ASA) Software ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "\r A vulnerability in the Cisco Adaptive Security Device Manager (ASDM) Launcher could allow an unauthenticated, remote attacker to execute arbitrary code on a user's operating system.\r This vulnerability is due to a lack of proper signature verification for specific code exchanged between the ASDM and the Launcher. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position on the network to intercept the traffic between the Launcher and the ASDM and then inject arbitrary code. A successful exploit could allow the attacker to execute arbitrary code on the user's operating system with the level of privileges assigned to the ASDM Launcher. A successful exploit may require the attacker to perform a social engineering attack to persuade the user to initiate communication from the Launcher to the ASDM.\r " } ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "7.5", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-94" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20210707 Cisco Adaptive Security Device Manager Remote Code Execution Vulnerability", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asdm-rce-gqjShXW" + } + ] + }, + "source": { + "advisory": "cisco-sa-asdm-rce-gqjShXW", + "defect": [ + [ + "CSCvw79912" + ] + ], + "discovery": "INTERNAL" } -} \ No newline at end of file +} From 5a0e3a4fe342889ccd15c7b6c5322e6cf11f2efa Mon Sep 17 00:00:00 2001 From: santosomar Date: Thu, 8 Jul 2021 15:10:31 +0000 Subject: [PATCH 07/35] Adding Cisco CVE-2021-1595 --- 2021/1xxx/CVE-2021-1595.json | 82 +++++++++++++++++++++++++++++++++--- 1 file changed, 75 insertions(+), 7 deletions(-) diff --git a/2021/1xxx/CVE-2021-1595.json b/2021/1xxx/CVE-2021-1595.json index 720603ad3d1..305b4d92684 100644 --- a/2021/1xxx/CVE-2021-1595.json +++ b/2021/1xxx/CVE-2021-1595.json @@ -1,18 +1,86 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2021-07-07T16:00:00", "ID": "CVE-2021-1595", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Cisco Video Surveillance 7000 Series IP Cameras Link Layer Discovery Protocol Memory Leak Vulnerabilities" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Video Surveillance 7000 Series IP Cameras ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Video Surveillance 7000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service (DoS) condition on an affected device.\r These vulnerabilities are due to incorrect processing of certain LLDP packets at ingress time. An attacker could exploit these vulnerabilities by sending crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to continuously consume memory, which could cause the device to crash and reload, resulting in a DoS condition.\r Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).\r " } ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "6.5", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-401" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20210707 Cisco Video Surveillance 7000 Series IP Cameras Link Layer Discovery Protocol Memory Leak Vulnerabilities", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipcamera-lldp-mem-wGqundTq" + } + ] + }, + "source": { + "advisory": "cisco-sa-ipcamera-lldp-mem-wGqundTq", + "defect": [ + [ + "CSCvy61465" + ] + ], + "discovery": "INTERNAL" } -} \ No newline at end of file +} From 30b2762ee40a7225234b4f9ae83e8cd3c48aa40d Mon Sep 17 00:00:00 2001 From: santosomar Date: Thu, 8 Jul 2021 15:10:39 +0000 Subject: [PATCH 08/35] Adding Cisco CVE-2021-1596 --- 2021/1xxx/CVE-2021-1596.json | 82 +++++++++++++++++++++++++++++++++--- 1 file changed, 75 insertions(+), 7 deletions(-) diff --git a/2021/1xxx/CVE-2021-1596.json b/2021/1xxx/CVE-2021-1596.json index 68bfd1fb5b5..59a706ace3e 100644 --- a/2021/1xxx/CVE-2021-1596.json +++ b/2021/1xxx/CVE-2021-1596.json @@ -1,18 +1,86 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2021-07-07T16:00:00", "ID": "CVE-2021-1596", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Cisco Video Surveillance 7000 Series IP Cameras Link Layer Discovery Protocol Memory Leak Vulnerabilities" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Video Surveillance 7000 Series IP Cameras ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Video Surveillance 7000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service (DoS) condition on an affected device.\r These vulnerabilities are due to incorrect processing of certain LLDP packets at ingress time. An attacker could exploit these vulnerabilities by sending crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to continuously consume memory, which could cause the device to crash and reload, resulting in a DoS condition.\r Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).\r " } ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "6.5", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-401" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20210707 Cisco Video Surveillance 7000 Series IP Cameras Link Layer Discovery Protocol Memory Leak Vulnerabilities", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipcamera-lldp-mem-wGqundTq" + } + ] + }, + "source": { + "advisory": "cisco-sa-ipcamera-lldp-mem-wGqundTq", + "defect": [ + [ + "CSCvy61465" + ] + ], + "discovery": "INTERNAL" } -} \ No newline at end of file +} From 725126f693d19202f8741828b06dab3726a8cad2 Mon Sep 17 00:00:00 2001 From: santosomar Date: Thu, 8 Jul 2021 15:10:46 +0000 Subject: [PATCH 09/35] Adding Cisco CVE-2021-1597 --- 2021/1xxx/CVE-2021-1597.json | 82 +++++++++++++++++++++++++++++++++--- 1 file changed, 75 insertions(+), 7 deletions(-) diff --git a/2021/1xxx/CVE-2021-1597.json b/2021/1xxx/CVE-2021-1597.json index 7797024ecc5..023cb6a49c9 100644 --- a/2021/1xxx/CVE-2021-1597.json +++ b/2021/1xxx/CVE-2021-1597.json @@ -1,18 +1,86 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2021-07-07T16:00:00", "ID": "CVE-2021-1597", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Cisco Video Surveillance 7000 Series IP Cameras Link Layer Discovery Protocol Memory Leak Vulnerabilities" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Video Surveillance 7000 Series IP Cameras ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Video Surveillance 7000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service (DoS) condition on an affected device.\r These vulnerabilities are due to incorrect processing of certain LLDP packets at ingress time. An attacker could exploit these vulnerabilities by sending crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to continuously consume memory, which could cause the device to crash and reload, resulting in a DoS condition.\r Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).\r " } ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "6.5", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-401" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20210707 Cisco Video Surveillance 7000 Series IP Cameras Link Layer Discovery Protocol Memory Leak Vulnerabilities", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipcamera-lldp-mem-wGqundTq" + } + ] + }, + "source": { + "advisory": "cisco-sa-ipcamera-lldp-mem-wGqundTq", + "defect": [ + [ + "CSCvy61465" + ] + ], + "discovery": "INTERNAL" } -} \ No newline at end of file +} From 8e11a24a1da8df3bd1b00b15e6f32db8ce816b20 Mon Sep 17 00:00:00 2001 From: santosomar Date: Thu, 8 Jul 2021 15:10:53 +0000 Subject: [PATCH 10/35] Adding Cisco CVE-2021-1598 --- 2021/1xxx/CVE-2021-1598.json | 82 +++++++++++++++++++++++++++++++++--- 1 file changed, 75 insertions(+), 7 deletions(-) diff --git a/2021/1xxx/CVE-2021-1598.json b/2021/1xxx/CVE-2021-1598.json index f27e34ac68a..09b44e8008c 100644 --- a/2021/1xxx/CVE-2021-1598.json +++ b/2021/1xxx/CVE-2021-1598.json @@ -1,18 +1,86 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2021-07-07T16:00:00", "ID": "CVE-2021-1598", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Cisco Video Surveillance 7000 Series IP Cameras Link Layer Discovery Protocol Memory Leak Vulnerabilities" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Video Surveillance 7000 Series IP Cameras ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Video Surveillance 7000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service (DoS) condition on an affected device.\r These vulnerabilities are due to incorrect processing of certain LLDP packets at ingress time. An attacker could exploit these vulnerabilities by sending crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to continuously consume memory, which could cause the device to crash and reload, resulting in a DoS condition.\r Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).\r " } ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "6.5", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-401" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20210707 Cisco Video Surveillance 7000 Series IP Cameras Link Layer Discovery Protocol Memory Leak Vulnerabilities", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipcamera-lldp-mem-wGqundTq" + } + ] + }, + "source": { + "advisory": "cisco-sa-ipcamera-lldp-mem-wGqundTq", + "defect": [ + [ + "CSCvy61465" + ] + ], + "discovery": "INTERNAL" } -} \ No newline at end of file +} From a9c86fbcb61c7b8c492744509b53305430126193 Mon Sep 17 00:00:00 2001 From: santosomar Date: Thu, 8 Jul 2021 15:11:00 +0000 Subject: [PATCH 11/35] Adding Cisco CVE-2021-1603 --- 2021/1xxx/CVE-2021-1603.json | 86 +++++++++++++++++++++++++++++++++--- 1 file changed, 79 insertions(+), 7 deletions(-) diff --git a/2021/1xxx/CVE-2021-1603.json b/2021/1xxx/CVE-2021-1603.json index 57519de325f..a515ce9639f 100644 --- a/2021/1xxx/CVE-2021-1603.json +++ b/2021/1xxx/CVE-2021-1603.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2021-07-07T16:00:00", "ID": "CVE-2021-1603", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Identity Services Engine Software ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user.\r These vulnerabilities exist because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker would need valid administrative credentials.\r " } ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "4.8", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20210707 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-stored-xss-TWwjVPdL" + } + ] + }, + "source": { + "advisory": "cisco-sa-ise-stored-xss-TWwjVPdL", + "defect": [ + [ + "CSCvv95150", + "CSCvw53652", + "CSCvw53661", + "CSCvw53668", + "CSCvw53683" + ] + ], + "discovery": "INTERNAL" } -} \ No newline at end of file +} From 1e62daa689fe21eb1c6c0a57418e64c0ee27719c Mon Sep 17 00:00:00 2001 From: santosomar Date: Thu, 8 Jul 2021 15:11:13 +0000 Subject: [PATCH 12/35] Adding Cisco CVE-2021-1604 --- 2021/1xxx/CVE-2021-1604.json | 86 +++++++++++++++++++++++++++++++++--- 1 file changed, 79 insertions(+), 7 deletions(-) diff --git a/2021/1xxx/CVE-2021-1604.json b/2021/1xxx/CVE-2021-1604.json index 2ef0467ae5e..20a1e5860e0 100644 --- a/2021/1xxx/CVE-2021-1604.json +++ b/2021/1xxx/CVE-2021-1604.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2021-07-07T16:00:00", "ID": "CVE-2021-1604", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Identity Services Engine Software ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user.\r These vulnerabilities exist because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker would need valid administrative credentials.\r " } ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "4.8", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20210707 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-stored-xss-TWwjVPdL" + } + ] + }, + "source": { + "advisory": "cisco-sa-ise-stored-xss-TWwjVPdL", + "defect": [ + [ + "CSCvv95150", + "CSCvw53652", + "CSCvw53661", + "CSCvw53668", + "CSCvw53683" + ] + ], + "discovery": "INTERNAL" } -} \ No newline at end of file +} From ff1775f8c566209ee05844902079a70352a24690 Mon Sep 17 00:00:00 2001 From: santosomar Date: Thu, 8 Jul 2021 15:11:20 +0000 Subject: [PATCH 13/35] Adding Cisco CVE-2021-1605 --- 2021/1xxx/CVE-2021-1605.json | 86 +++++++++++++++++++++++++++++++++--- 1 file changed, 79 insertions(+), 7 deletions(-) diff --git a/2021/1xxx/CVE-2021-1605.json b/2021/1xxx/CVE-2021-1605.json index ebe8fa14847..3c586006e9c 100644 --- a/2021/1xxx/CVE-2021-1605.json +++ b/2021/1xxx/CVE-2021-1605.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2021-07-07T16:00:00", "ID": "CVE-2021-1605", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Identity Services Engine Software ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user.\r These vulnerabilities exist because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker would need valid administrative credentials.\r " } ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "4.8", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20210707 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-stored-xss-TWwjVPdL" + } + ] + }, + "source": { + "advisory": "cisco-sa-ise-stored-xss-TWwjVPdL", + "defect": [ + [ + "CSCvv95150", + "CSCvw53652", + "CSCvw53661", + "CSCvw53668", + "CSCvw53683" + ] + ], + "discovery": "INTERNAL" } -} \ No newline at end of file +} From 000a31f6d07a0b999767734609e7f6c3cb80c3ec Mon Sep 17 00:00:00 2001 From: santosomar Date: Thu, 8 Jul 2021 15:11:28 +0000 Subject: [PATCH 14/35] Adding Cisco CVE-2021-1606 --- 2021/1xxx/CVE-2021-1606.json | 86 +++++++++++++++++++++++++++++++++--- 1 file changed, 79 insertions(+), 7 deletions(-) diff --git a/2021/1xxx/CVE-2021-1606.json b/2021/1xxx/CVE-2021-1606.json index 64d951a3f9a..124b5411633 100644 --- a/2021/1xxx/CVE-2021-1606.json +++ b/2021/1xxx/CVE-2021-1606.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2021-07-07T16:00:00", "ID": "CVE-2021-1606", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Identity Services Engine Software ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user.\r These vulnerabilities exist because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker would need valid administrative credentials.\r " } ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "4.8", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20210707 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-stored-xss-TWwjVPdL" + } + ] + }, + "source": { + "advisory": "cisco-sa-ise-stored-xss-TWwjVPdL", + "defect": [ + [ + "CSCvv95150", + "CSCvw53652", + "CSCvw53661", + "CSCvw53668", + "CSCvw53683" + ] + ], + "discovery": "INTERNAL" } -} \ No newline at end of file +} From 372b7d79735e68af75dbfe4ef3979b3669552b10 Mon Sep 17 00:00:00 2001 From: santosomar Date: Thu, 8 Jul 2021 15:11:35 +0000 Subject: [PATCH 15/35] Adding Cisco CVE-2021-1607 --- 2021/1xxx/CVE-2021-1607.json | 86 +++++++++++++++++++++++++++++++++--- 1 file changed, 79 insertions(+), 7 deletions(-) diff --git a/2021/1xxx/CVE-2021-1607.json b/2021/1xxx/CVE-2021-1607.json index 148e70340d5..88b5926f2a4 100644 --- a/2021/1xxx/CVE-2021-1607.json +++ b/2021/1xxx/CVE-2021-1607.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2021-07-07T16:00:00", "ID": "CVE-2021-1607", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Identity Services Engine Software ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user.\r These vulnerabilities exist because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker would need valid administrative credentials.\r " } ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "4.8", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20210707 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-stored-xss-TWwjVPdL" + } + ] + }, + "source": { + "advisory": "cisco-sa-ise-stored-xss-TWwjVPdL", + "defect": [ + [ + "CSCvv95150", + "CSCvw53652", + "CSCvw53661", + "CSCvw53668", + "CSCvw53683" + ] + ], + "discovery": "INTERNAL" } -} \ No newline at end of file +} From d25c393b82eeab4f1b75637dc40c8083237e571d Mon Sep 17 00:00:00 2001 From: Scott Moore - IBM Date: Thu, 8 Jul 2021 12:07:01 -0400 Subject: [PATCH 16/35] IBM20210708-1271 Added CVE-2021-29711 --- 2021/29xxx/CVE-2021-29711.json | 132 +++++++++++++++++++++++++++++---- 1 file changed, 117 insertions(+), 15 deletions(-) diff --git a/2021/29xxx/CVE-2021-29711.json b/2021/29xxx/CVE-2021-29711.json index 1c92e9e5c0e..b26ce155208 100644 --- a/2021/29xxx/CVE-2021-29711.json +++ b/2021/29xxx/CVE-2021-29711.json @@ -1,18 +1,120 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-29711", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "impact" : { + "cvssv3" : { + "BM" : { + "PR" : "H", + "S" : "U", + "AV" : "N", + "C" : "N", + "I" : "H", + "UI" : "N", + "AC" : "L", + "A" : "N", + "SCORE" : "4.900" + }, + "TM" : { + "RL" : "O", + "RC" : "C", + "E" : "U" + } + } + }, + "data_format" : "MITRE", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "product_name" : "UrbanCode Deploy", + "version" : { + "version_data" : [ + { + "version_value" : "6.2.7.3" + }, + { + "version_value" : "7.0.3.0" + }, + { + "version_value" : "7.0.4.0" + }, + { + "version_value" : "7.1.0.0" + }, + { + "version_value" : "6.2.7.4" + }, + { + "version_value" : "6.2.7.8" + }, + { + "version_value" : "7.1.1.0" + }, + { + "version_value" : "6.2.7.9" + }, + { + "version_value" : "7.0.5.4" + }, + { + "version_value" : "7.1.1.1" + }, + { + "version_value" : "7.1.1.2" + } + ] + } + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + }, + "description" : { + "description_data" : [ + { + "value" : "IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 6.2.7.8 , 6.2.7.9, 7.0.3.0, 7.0.4.0, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2 could allow an authenticated user with certain permissions to initiate an agent upgrade through the CLI interface. IBM X-Force ID: 200965.", + "lang" : "eng" + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "File Manipulation", + "lang" : "eng" + } + ] + } + ] + }, + "data_version" : "4.0", + "references" : { + "reference_data" : [ + { + "url" : "https://www.ibm.com/support/pages/node/6469941", + "title" : "IBM Security Bulletin 6469941 (UrbanCode Deploy)", + "name" : "https://www.ibm.com/support/pages/node/6469941", + "refsource" : "CONFIRM" + }, + { + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/200965", + "title" : "X-Force Vulnerability Report", + "name" : "ibm-ucd-cve202129711-improper-permissions (200965)", + "refsource" : "XF" + } + ] + }, + "data_type" : "CVE", + "CVE_data_meta" : { + "ID" : "CVE-2021-29711", + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC", + "DATE_PUBLIC" : "2021-07-07T00:00:00" + } +} From 6ccc51197783828bb8dab4a50dd0f9dd6f446ab4 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 8 Jul 2021 17:00:55 +0000 Subject: [PATCH 17/35] "-Synchronized-Data." --- 2020/18xxx/CVE-2020-18741.json | 56 +++++++- 2021/24xxx/CVE-2021-24347.json | 5 + 2021/29xxx/CVE-2021-29711.json | 234 ++++++++++++++++----------------- 2021/31xxx/CVE-2021-31985.json | 5 + 2021/34xxx/CVE-2021-34609.json | 50 ++++++- 2021/34xxx/CVE-2021-34614.json | 50 ++++++- 6 files changed, 271 insertions(+), 129 deletions(-) diff --git a/2020/18xxx/CVE-2020-18741.json b/2020/18xxx/CVE-2020-18741.json index 67bc0a9dfc9..cda5fd4d4a5 100644 --- a/2020/18xxx/CVE-2020-18741.json +++ b/2020/18xxx/CVE-2020-18741.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-18741", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-18741", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Authorization in ThinkSAAS v2.7 allows remote attackers to modify the description of any user's photo via the \"photoid%5B%5D\" and \"photodesc%5B%5D\" parameters in the component \"index.php?app=photo.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/thinksaas/ThinkSAAS/issues/19", + "refsource": "MISC", + "name": "https://github.com/thinksaas/ThinkSAAS/issues/19" } ] } diff --git a/2021/24xxx/CVE-2021-24347.json b/2021/24xxx/CVE-2021-24347.json index 7027e01f542..f8a6f764621 100644 --- a/2021/24xxx/CVE-2021-24347.json +++ b/2021/24xxx/CVE-2021-24347.json @@ -48,6 +48,11 @@ "refsource": "CONFIRM", "url": "https://wpscan.com/vulnerability/8f6e82d5-c0e9-468e-acb8-7cd549f6a45a", "name": "https://wpscan.com/vulnerability/8f6e82d5-c0e9-468e-acb8-7cd549f6a45a" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/163434/WordPress-SP-Project-And-Document-Manager-4.21-Shell-Upload.html", + "url": "http://packetstormsecurity.com/files/163434/WordPress-SP-Project-And-Document-Manager-4.21-Shell-Upload.html" } ] }, diff --git a/2021/29xxx/CVE-2021-29711.json b/2021/29xxx/CVE-2021-29711.json index b26ce155208..bd12c442ee4 100644 --- a/2021/29xxx/CVE-2021-29711.json +++ b/2021/29xxx/CVE-2021-29711.json @@ -1,120 +1,120 @@ { - "impact" : { - "cvssv3" : { - "BM" : { - "PR" : "H", - "S" : "U", - "AV" : "N", - "C" : "N", - "I" : "H", - "UI" : "N", - "AC" : "L", - "A" : "N", - "SCORE" : "4.900" - }, - "TM" : { - "RL" : "O", - "RC" : "C", - "E" : "U" - } - } - }, - "data_format" : "MITRE", - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "product_name" : "UrbanCode Deploy", - "version" : { - "version_data" : [ - { - "version_value" : "6.2.7.3" - }, - { - "version_value" : "7.0.3.0" - }, - { - "version_value" : "7.0.4.0" - }, - { - "version_value" : "7.1.0.0" - }, - { - "version_value" : "6.2.7.4" - }, - { - "version_value" : "6.2.7.8" - }, - { - "version_value" : "7.1.1.0" - }, - { - "version_value" : "6.2.7.9" - }, - { - "version_value" : "7.0.5.4" - }, - { - "version_value" : "7.1.1.1" - }, - { - "version_value" : "7.1.1.2" - } - ] - } - } - ] - } + "impact": { + "cvssv3": { + "BM": { + "PR": "H", + "S": "U", + "AV": "N", + "C": "N", + "I": "H", + "UI": "N", + "AC": "L", + "A": "N", + "SCORE": "4.900" + }, + "TM": { + "RL": "O", + "RC": "C", + "E": "U" } - ] - } - }, - "description" : { - "description_data" : [ - { - "value" : "IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 6.2.7.8 , 6.2.7.9, 7.0.3.0, 7.0.4.0, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2 could allow an authenticated user with certain permissions to initiate an agent upgrade through the CLI interface. IBM X-Force ID: 200965.", - "lang" : "eng" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "File Manipulation", - "lang" : "eng" - } + } + }, + "data_format": "MITRE", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "UrbanCode Deploy", + "version": { + "version_data": [ + { + "version_value": "6.2.7.3" + }, + { + "version_value": "7.0.3.0" + }, + { + "version_value": "7.0.4.0" + }, + { + "version_value": "7.1.0.0" + }, + { + "version_value": "6.2.7.4" + }, + { + "version_value": "6.2.7.8" + }, + { + "version_value": "7.1.1.0" + }, + { + "version_value": "6.2.7.9" + }, + { + "version_value": "7.0.5.4" + }, + { + "version_value": "7.1.1.1" + }, + { + "version_value": "7.1.1.2" + } + ] + } + } + ] + } + } ] - } - ] - }, - "data_version" : "4.0", - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6469941", - "title" : "IBM Security Bulletin 6469941 (UrbanCode Deploy)", - "name" : "https://www.ibm.com/support/pages/node/6469941", - "refsource" : "CONFIRM" - }, - { - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/200965", - "title" : "X-Force Vulnerability Report", - "name" : "ibm-ucd-cve202129711-improper-permissions (200965)", - "refsource" : "XF" - } - ] - }, - "data_type" : "CVE", - "CVE_data_meta" : { - "ID" : "CVE-2021-29711", - "ASSIGNER" : "psirt@us.ibm.com", - "STATE" : "PUBLIC", - "DATE_PUBLIC" : "2021-07-07T00:00:00" - } -} + } + }, + "description": { + "description_data": [ + { + "value": "IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 6.2.7.8 , 6.2.7.9, 7.0.3.0, 7.0.4.0, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2 could allow an authenticated user with certain permissions to initiate an agent upgrade through the CLI interface. IBM X-Force ID: 200965.", + "lang": "eng" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "File Manipulation", + "lang": "eng" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/6469941", + "title": "IBM Security Bulletin 6469941 (UrbanCode Deploy)", + "name": "https://www.ibm.com/support/pages/node/6469941", + "refsource": "CONFIRM" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/200965", + "title": "X-Force Vulnerability Report", + "name": "ibm-ucd-cve202129711-improper-permissions (200965)", + "refsource": "XF" + } + ] + }, + "data_type": "CVE", + "CVE_data_meta": { + "ID": "CVE-2021-29711", + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC", + "DATE_PUBLIC": "2021-07-07T00:00:00" + } +} \ No newline at end of file diff --git a/2021/31xxx/CVE-2021-31985.json b/2021/31xxx/CVE-2021-31985.json index 06b79b40487..efa99ae2292 100644 --- a/2021/31xxx/CVE-2021-31985.json +++ b/2021/31xxx/CVE-2021-31985.json @@ -56,6 +56,11 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31985", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31985" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/163443/MpEngine-ASProtect-Embedded-Runtime-DLL-Memory-Corruption.html", + "url": "http://packetstormsecurity.com/files/163443/MpEngine-ASProtect-Embedded-Runtime-DLL-Memory-Corruption.html" } ] } diff --git a/2021/34xxx/CVE-2021-34609.json b/2021/34xxx/CVE-2021-34609.json index c7653289c49..077af4c124a 100644 --- a/2021/34xxx/CVE-2021-34609.json +++ b/2021/34xxx/CVE-2021-34609.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-34609", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Aruba ClearPass Policy Manager", + "version": { + "version_data": [ + { + "version_value": "Prior to 6.10.0, 6.9.6 and 6.8.9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "remote SQL injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-012.txt", + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-012.txt" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability." } ] } diff --git a/2021/34xxx/CVE-2021-34614.json b/2021/34xxx/CVE-2021-34614.json index 709c816d22f..4f026fc8dad 100644 --- a/2021/34xxx/CVE-2021-34614.json +++ b/2021/34xxx/CVE-2021-34614.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-34614", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Aruba ClearPass Policy Manager", + "version": { + "version_data": [ + { + "version_value": "Prior to 6.10.0, 6.9.6 and 6.8.9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "remote arbitrary command execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-012.txt", + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-012.txt" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability." } ] } From 396f9c4d054014ab2d93bca44953281e2ebab07a Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 8 Jul 2021 18:00:49 +0000 Subject: [PATCH 18/35] "-Synchronized-Data." --- 2020/20xxx/CVE-2020-20363.json | 66 ++++++++++++++++++++++++++++++---- 1 file changed, 60 insertions(+), 6 deletions(-) diff --git a/2020/20xxx/CVE-2020-20363.json b/2020/20xxx/CVE-2020-20363.json index bf83aabaac2..ed819b22b03 100644 --- a/2020/20xxx/CVE-2020-20363.json +++ b/2020/20xxx/CVE-2020-20363.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-20363", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-20363", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Crossi Site Scripting (XSS) vulnerability in PbootCMS 2.0.3 in admin.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://pbootcms.com", + "refsource": "MISC", + "name": "http://pbootcms.com" + }, + { + "url": "https://github.com/hnaoyun/PbootCMS", + "refsource": "MISC", + "name": "https://github.com/hnaoyun/PbootCMS" + }, + { + "url": "https://github.com/wind226/CVE/issues/1", + "refsource": "MISC", + "name": "https://github.com/wind226/CVE/issues/1" } ] } From 6651bf0756a2a73c3d8c152532b18afc7f32dfeb Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 8 Jul 2021 19:00:55 +0000 Subject: [PATCH 19/35] "-Synchronized-Data." --- 2020/23xxx/CVE-2020-23580.json | 56 ++++++++++++++++++++++++++++++---- 2021/1xxx/CVE-2021-1359.json | 4 +-- 2021/1xxx/CVE-2021-1562.json | 4 +-- 2021/1xxx/CVE-2021-1574.json | 4 +-- 2021/1xxx/CVE-2021-1575.json | 4 +-- 2021/1xxx/CVE-2021-1576.json | 4 +-- 2021/1xxx/CVE-2021-1585.json | 4 +-- 2021/1xxx/CVE-2021-1595.json | 4 +-- 2021/1xxx/CVE-2021-1596.json | 4 +-- 2021/1xxx/CVE-2021-1597.json | 4 +-- 2021/1xxx/CVE-2021-1598.json | 4 +-- 2021/1xxx/CVE-2021-1603.json | 4 +-- 2021/1xxx/CVE-2021-1604.json | 4 +-- 2021/1xxx/CVE-2021-1605.json | 4 +-- 2021/1xxx/CVE-2021-1606.json | 4 +-- 2021/1xxx/CVE-2021-1607.json | 4 +-- 2021/30xxx/CVE-2021-30485.json | 5 +++ 2021/31xxx/CVE-2021-31229.json | 5 +++ 2021/31xxx/CVE-2021-31347.json | 5 +++ 2021/31xxx/CVE-2021-31348.json | 5 +++ 2021/31xxx/CVE-2021-31598.json | 5 +++ 21 files changed, 105 insertions(+), 36 deletions(-) diff --git a/2020/23xxx/CVE-2020-23580.json b/2020/23xxx/CVE-2020-23580.json index 9c42d0e27c1..0f6f66105a8 100644 --- a/2020/23xxx/CVE-2020-23580.json +++ b/2020/23xxx/CVE-2020-23580.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-23580", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-23580", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Remote Code Execution vulnerability in PbootCMS 2.0.8 in the message board." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/DengyigeFeng/vuln/issues/1", + "refsource": "MISC", + "name": "https://github.com/DengyigeFeng/vuln/issues/1" } ] } diff --git a/2021/1xxx/CVE-2021-1359.json b/2021/1xxx/CVE-2021-1359.json index 0973c092bff..e63a33d56f2 100644 --- a/2021/1xxx/CVE-2021-1359.json +++ b/2021/1xxx/CVE-2021-1359.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": " A vulnerability in the configuration management of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied XML input for the web interface. An attacker could exploit this vulnerability by uploading crafted XML configuration files that contain scripting code to a vulnerable device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. An attacker would need a valid user account with the rights to upload configuration files to exploit this vulnerability. " + "value": "A vulnerability in the configuration management of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied XML input for the web interface. An attacker could exploit this vulnerability by uploading crafted XML configuration files that contain scripting code to a vulnerable device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. An attacker would need a valid user account with the rights to upload configuration files to exploit this vulnerability." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1562.json b/2021/1xxx/CVE-2021-1562.json index 165ff207484..f50f7affb2f 100644 --- a/2021/1xxx/CVE-2021-1562.json +++ b/2021/1xxx/CVE-2021-1562.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the XSI-Actions interface of Cisco BroadWorks Application Server could allow an authenticated, remote attacker to access sensitive information on an affected system.\r This vulnerability is due to improper input validation and authorization of specific commands that a user can execute within the XSI-Actions interface. An attacker could exploit this vulnerability by authenticating to an affected device and issuing a specific set of commands. A successful exploit could allow the attacker to join a Call Center instance and have calls that they do not have permissions to access distributed to them from the Call Center queue.\r At the time of publication, Cisco had not released updates that address this vulnerability for Cisco BroadWorks Application Server. However, firmware patches are available. " + "value": "A vulnerability in the XSI-Actions interface of Cisco BroadWorks Application Server could allow an authenticated, remote attacker to access sensitive information on an affected system. This vulnerability is due to improper input validation and authorization of specific commands that a user can execute within the XSI-Actions interface. An attacker could exploit this vulnerability by authenticating to an affected device and issuing a specific set of commands. A successful exploit could allow the attacker to join a Call Center instance and have calls that they do not have permissions to access distributed to them from the Call Center queue. At the time of publication, Cisco had not released updates that address this vulnerability for Cisco BroadWorks Application Server. However, firmware patches are available." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1574.json b/2021/1xxx/CVE-2021-1574.json index 58e01f0e367..59bcce458f7 100644 --- a/2021/1xxx/CVE-2021-1574.json +++ b/2021/1xxx/CVE-2021-1574.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation (BPA) could allow an authenticated, remote attacker to elevate privileges to Administrator.\r These vulnerabilities are due to improper authorization enforcement for specific features and for access to log files that contain confidential information. An attacker could exploit these vulnerabilities either by submitting crafted HTTP messages to an affected system and performing unauthorized actions with the privileges of an administrator, or by retrieving sensitive data from the logs and using it to impersonate a legitimate privileged user. A successful exploit could allow the attacker to elevate privileges to Administrator.\r " + "value": "Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation (BPA) could allow an authenticated, remote attacker to elevate privileges to Administrator. These vulnerabilities are due to improper authorization enforcement for specific features and for access to log files that contain confidential information. An attacker could exploit these vulnerabilities either by submitting crafted HTTP messages to an affected system and performing unauthorized actions with the privileges of an administrator, or by retrieving sensitive data from the logs and using it to impersonate a legitimate privileged user. A successful exploit could allow the attacker to elevate privileges to Administrator." } ] }, @@ -85,4 +85,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1575.json b/2021/1xxx/CVE-2021-1575.json index a28097e178c..108f0f1e46f 100644 --- a/2021/1xxx/CVE-2021-1575.json +++ b/2021/1xxx/CVE-2021-1575.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the web-based management interface of Cisco Virtualized Voice Browser could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.\r " + "value": "A vulnerability in the web-based management interface of Cisco Virtualized Voice Browser could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1576.json b/2021/1xxx/CVE-2021-1576.json index ec65c24e1f9..3c031a06af2 100644 --- a/2021/1xxx/CVE-2021-1576.json +++ b/2021/1xxx/CVE-2021-1576.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation (BPA) could allow an authenticated, remote attacker to elevate privileges to Administrator.\r These vulnerabilities are due to improper authorization enforcement for specific features and for access to log files that contain confidential information. An attacker could exploit these vulnerabilities either by submitting crafted HTTP messages to an affected system and performing unauthorized actions with the privileges of an administrator, or by retrieving sensitive data from the logs and using it to impersonate a legitimate privileged user. A successful exploit could allow the attacker to elevate privileges to Administrator.\r " + "value": "Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation (BPA) could allow an authenticated, remote attacker to elevate privileges to Administrator. These vulnerabilities are due to improper authorization enforcement for specific features and for access to log files that contain confidential information. An attacker could exploit these vulnerabilities either by submitting crafted HTTP messages to an affected system and performing unauthorized actions with the privileges of an administrator, or by retrieving sensitive data from the logs and using it to impersonate a legitimate privileged user. A successful exploit could allow the attacker to elevate privileges to Administrator." } ] }, @@ -85,4 +85,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1585.json b/2021/1xxx/CVE-2021-1585.json index be7bae7a3a6..f0bc8794f56 100644 --- a/2021/1xxx/CVE-2021-1585.json +++ b/2021/1xxx/CVE-2021-1585.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the Cisco Adaptive Security Device Manager (ASDM) Launcher could allow an unauthenticated, remote attacker to execute arbitrary code on a user's operating system.\r This vulnerability is due to a lack of proper signature verification for specific code exchanged between the ASDM and the Launcher. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position on the network to intercept the traffic between the Launcher and the ASDM and then inject arbitrary code. A successful exploit could allow the attacker to execute arbitrary code on the user's operating system with the level of privileges assigned to the ASDM Launcher. A successful exploit may require the attacker to perform a social engineering attack to persuade the user to initiate communication from the Launcher to the ASDM.\r " + "value": "A vulnerability in the Cisco Adaptive Security Device Manager (ASDM) Launcher could allow an unauthenticated, remote attacker to execute arbitrary code on a user's operating system. This vulnerability is due to a lack of proper signature verification for specific code exchanged between the ASDM and the Launcher. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position on the network to intercept the traffic between the Launcher and the ASDM and then inject arbitrary code. A successful exploit could allow the attacker to execute arbitrary code on the user's operating system with the level of privileges assigned to the ASDM Launcher. A successful exploit may require the attacker to perform a social engineering attack to persuade the user to initiate communication from the Launcher to the ASDM." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1595.json b/2021/1xxx/CVE-2021-1595.json index 305b4d92684..2827b455ff4 100644 --- a/2021/1xxx/CVE-2021-1595.json +++ b/2021/1xxx/CVE-2021-1595.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Video Surveillance 7000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service (DoS) condition on an affected device.\r These vulnerabilities are due to incorrect processing of certain LLDP packets at ingress time. An attacker could exploit these vulnerabilities by sending crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to continuously consume memory, which could cause the device to crash and reload, resulting in a DoS condition.\r Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).\r " + "value": "Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Video Surveillance 7000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service (DoS) condition on an affected device. These vulnerabilities are due to incorrect processing of certain LLDP packets at ingress time. An attacker could exploit these vulnerabilities by sending crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to continuously consume memory, which could cause the device to crash and reload, resulting in a DoS condition. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1596.json b/2021/1xxx/CVE-2021-1596.json index 59a706ace3e..ca9a7d3258e 100644 --- a/2021/1xxx/CVE-2021-1596.json +++ b/2021/1xxx/CVE-2021-1596.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Video Surveillance 7000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service (DoS) condition on an affected device.\r These vulnerabilities are due to incorrect processing of certain LLDP packets at ingress time. An attacker could exploit these vulnerabilities by sending crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to continuously consume memory, which could cause the device to crash and reload, resulting in a DoS condition.\r Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).\r " + "value": "Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Video Surveillance 7000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service (DoS) condition on an affected device. These vulnerabilities are due to incorrect processing of certain LLDP packets at ingress time. An attacker could exploit these vulnerabilities by sending crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to continuously consume memory, which could cause the device to crash and reload, resulting in a DoS condition. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1597.json b/2021/1xxx/CVE-2021-1597.json index 023cb6a49c9..d955fdc2436 100644 --- a/2021/1xxx/CVE-2021-1597.json +++ b/2021/1xxx/CVE-2021-1597.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Video Surveillance 7000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service (DoS) condition on an affected device.\r These vulnerabilities are due to incorrect processing of certain LLDP packets at ingress time. An attacker could exploit these vulnerabilities by sending crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to continuously consume memory, which could cause the device to crash and reload, resulting in a DoS condition.\r Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).\r " + "value": "Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Video Surveillance 7000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service (DoS) condition on an affected device. These vulnerabilities are due to incorrect processing of certain LLDP packets at ingress time. An attacker could exploit these vulnerabilities by sending crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to continuously consume memory, which could cause the device to crash and reload, resulting in a DoS condition. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1598.json b/2021/1xxx/CVE-2021-1598.json index 09b44e8008c..0965bfa35ee 100644 --- a/2021/1xxx/CVE-2021-1598.json +++ b/2021/1xxx/CVE-2021-1598.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Video Surveillance 7000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service (DoS) condition on an affected device.\r These vulnerabilities are due to incorrect processing of certain LLDP packets at ingress time. An attacker could exploit these vulnerabilities by sending crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to continuously consume memory, which could cause the device to crash and reload, resulting in a DoS condition.\r Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).\r " + "value": "Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Video Surveillance 7000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service (DoS) condition on an affected device. These vulnerabilities are due to incorrect processing of certain LLDP packets at ingress time. An attacker could exploit these vulnerabilities by sending crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to continuously consume memory, which could cause the device to crash and reload, resulting in a DoS condition. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1603.json b/2021/1xxx/CVE-2021-1603.json index a515ce9639f..6f91dd477b5 100644 --- a/2021/1xxx/CVE-2021-1603.json +++ b/2021/1xxx/CVE-2021-1603.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user.\r These vulnerabilities exist because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker would need valid administrative credentials.\r " + "value": "Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user. These vulnerabilities exist because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker would need valid administrative credentials." } ] }, @@ -87,4 +87,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1604.json b/2021/1xxx/CVE-2021-1604.json index 20a1e5860e0..0c1bfb41a52 100644 --- a/2021/1xxx/CVE-2021-1604.json +++ b/2021/1xxx/CVE-2021-1604.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user.\r These vulnerabilities exist because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker would need valid administrative credentials.\r " + "value": "Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user. These vulnerabilities exist because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker would need valid administrative credentials." } ] }, @@ -87,4 +87,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1605.json b/2021/1xxx/CVE-2021-1605.json index 3c586006e9c..4aa6b6987ca 100644 --- a/2021/1xxx/CVE-2021-1605.json +++ b/2021/1xxx/CVE-2021-1605.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user.\r These vulnerabilities exist because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker would need valid administrative credentials.\r " + "value": "Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user. These vulnerabilities exist because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker would need valid administrative credentials." } ] }, @@ -87,4 +87,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1606.json b/2021/1xxx/CVE-2021-1606.json index 124b5411633..a978d63cfbb 100644 --- a/2021/1xxx/CVE-2021-1606.json +++ b/2021/1xxx/CVE-2021-1606.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user.\r These vulnerabilities exist because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker would need valid administrative credentials.\r " + "value": "Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user. These vulnerabilities exist because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker would need valid administrative credentials." } ] }, @@ -87,4 +87,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1607.json b/2021/1xxx/CVE-2021-1607.json index 88b5926f2a4..6ff5fc4093f 100644 --- a/2021/1xxx/CVE-2021-1607.json +++ b/2021/1xxx/CVE-2021-1607.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user.\r These vulnerabilities exist because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker would need valid administrative credentials.\r " + "value": "Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user. These vulnerabilities exist because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker would need valid administrative credentials." } ] }, @@ -87,4 +87,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2021/30xxx/CVE-2021-30485.json b/2021/30xxx/CVE-2021-30485.json index c1eaf609ca7..ad55f9016d9 100644 --- a/2021/30xxx/CVE-2021-30485.json +++ b/2021/30xxx/CVE-2021-30485.json @@ -56,6 +56,11 @@ "refsource": "MISC", "name": "https://sourceforge.net/p/ezxml/bugs/25/", "url": "https://sourceforge.net/p/ezxml/bugs/25/" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20210708 [SECURITY] [DLA 2705-1] scilab security update", + "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00005.html" } ] } diff --git a/2021/31xxx/CVE-2021-31229.json b/2021/31xxx/CVE-2021-31229.json index e8051cbed4c..7c9d1efb24a 100644 --- a/2021/31xxx/CVE-2021-31229.json +++ b/2021/31xxx/CVE-2021-31229.json @@ -56,6 +56,11 @@ "refsource": "MISC", "name": "https://sourceforge.net/p/ezxml/bugs/26/", "url": "https://sourceforge.net/p/ezxml/bugs/26/" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20210708 [SECURITY] [DLA 2705-1] scilab security update", + "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00005.html" } ] } diff --git a/2021/31xxx/CVE-2021-31347.json b/2021/31xxx/CVE-2021-31347.json index 42c153277f1..30c0d8fc5ed 100644 --- a/2021/31xxx/CVE-2021-31347.json +++ b/2021/31xxx/CVE-2021-31347.json @@ -56,6 +56,11 @@ "refsource": "MISC", "name": "https://sourceforge.net/p/ezxml/bugs/27/", "url": "https://sourceforge.net/p/ezxml/bugs/27/" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20210708 [SECURITY] [DLA 2705-1] scilab security update", + "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00005.html" } ] } diff --git a/2021/31xxx/CVE-2021-31348.json b/2021/31xxx/CVE-2021-31348.json index 4be42e00a70..ee07d18b0db 100644 --- a/2021/31xxx/CVE-2021-31348.json +++ b/2021/31xxx/CVE-2021-31348.json @@ -56,6 +56,11 @@ "refsource": "MISC", "name": "https://sourceforge.net/p/ezxml/bugs/27/", "url": "https://sourceforge.net/p/ezxml/bugs/27/" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20210708 [SECURITY] [DLA 2705-1] scilab security update", + "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00005.html" } ] } diff --git a/2021/31xxx/CVE-2021-31598.json b/2021/31xxx/CVE-2021-31598.json index 8b46a94efa9..0226c64d984 100644 --- a/2021/31xxx/CVE-2021-31598.json +++ b/2021/31xxx/CVE-2021-31598.json @@ -56,6 +56,11 @@ "refsource": "MISC", "name": "https://sourceforge.net/p/ezxml/bugs/28/", "url": "https://sourceforge.net/p/ezxml/bugs/28/" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20210708 [SECURITY] [DLA 2705-1] scilab security update", + "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00005.html" } ] } From ebd07c2ba25de96331cbc15a59c8ae2ffa6eb60e Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 8 Jul 2021 20:00:49 +0000 Subject: [PATCH 20/35] "-Synchronized-Data." --- 2021/34xxx/CVE-2021-34612.json | 50 ++++++++++++++++++++++++++++++++-- 2021/34xxx/CVE-2021-34613.json | 50 ++++++++++++++++++++++++++++++++-- 2021/34xxx/CVE-2021-34615.json | 50 ++++++++++++++++++++++++++++++++-- 2021/36xxx/CVE-2021-36236.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36237.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36238.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36239.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36240.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36241.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36242.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36243.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36244.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36245.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36246.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36247.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36248.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36249.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36250.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36251.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36252.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36253.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36254.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36255.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36256.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36257.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36258.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36259.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36260.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36261.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36262.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36263.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36264.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36265.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36266.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36267.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36268.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36269.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36270.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36271.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36272.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36273.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36274.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36275.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36276.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36277.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36278.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36279.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36280.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36281.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36282.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36283.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36284.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36285.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36343.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36344.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36345.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36346.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36347.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36348.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36349.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36350.json | 18 ++++++++++++ 61 files changed, 1185 insertions(+), 9 deletions(-) create mode 100644 2021/36xxx/CVE-2021-36236.json create mode 100644 2021/36xxx/CVE-2021-36237.json create mode 100644 2021/36xxx/CVE-2021-36238.json create mode 100644 2021/36xxx/CVE-2021-36239.json create mode 100644 2021/36xxx/CVE-2021-36240.json create mode 100644 2021/36xxx/CVE-2021-36241.json create mode 100644 2021/36xxx/CVE-2021-36242.json create mode 100644 2021/36xxx/CVE-2021-36243.json create mode 100644 2021/36xxx/CVE-2021-36244.json create mode 100644 2021/36xxx/CVE-2021-36245.json create mode 100644 2021/36xxx/CVE-2021-36246.json create mode 100644 2021/36xxx/CVE-2021-36247.json create mode 100644 2021/36xxx/CVE-2021-36248.json create mode 100644 2021/36xxx/CVE-2021-36249.json create mode 100644 2021/36xxx/CVE-2021-36250.json create mode 100644 2021/36xxx/CVE-2021-36251.json create mode 100644 2021/36xxx/CVE-2021-36252.json create mode 100644 2021/36xxx/CVE-2021-36253.json create mode 100644 2021/36xxx/CVE-2021-36254.json create mode 100644 2021/36xxx/CVE-2021-36255.json create mode 100644 2021/36xxx/CVE-2021-36256.json create mode 100644 2021/36xxx/CVE-2021-36257.json create mode 100644 2021/36xxx/CVE-2021-36258.json create mode 100644 2021/36xxx/CVE-2021-36259.json create mode 100644 2021/36xxx/CVE-2021-36260.json create mode 100644 2021/36xxx/CVE-2021-36261.json create mode 100644 2021/36xxx/CVE-2021-36262.json create mode 100644 2021/36xxx/CVE-2021-36263.json create mode 100644 2021/36xxx/CVE-2021-36264.json create mode 100644 2021/36xxx/CVE-2021-36265.json create mode 100644 2021/36xxx/CVE-2021-36266.json create mode 100644 2021/36xxx/CVE-2021-36267.json create mode 100644 2021/36xxx/CVE-2021-36268.json create mode 100644 2021/36xxx/CVE-2021-36269.json create mode 100644 2021/36xxx/CVE-2021-36270.json create mode 100644 2021/36xxx/CVE-2021-36271.json create mode 100644 2021/36xxx/CVE-2021-36272.json create mode 100644 2021/36xxx/CVE-2021-36273.json create mode 100644 2021/36xxx/CVE-2021-36274.json create mode 100644 2021/36xxx/CVE-2021-36275.json create mode 100644 2021/36xxx/CVE-2021-36276.json create mode 100644 2021/36xxx/CVE-2021-36277.json create mode 100644 2021/36xxx/CVE-2021-36278.json create mode 100644 2021/36xxx/CVE-2021-36279.json create mode 100644 2021/36xxx/CVE-2021-36280.json create mode 100644 2021/36xxx/CVE-2021-36281.json create mode 100644 2021/36xxx/CVE-2021-36282.json create mode 100644 2021/36xxx/CVE-2021-36283.json create mode 100644 2021/36xxx/CVE-2021-36284.json create mode 100644 2021/36xxx/CVE-2021-36285.json create mode 100644 2021/36xxx/CVE-2021-36343.json create mode 100644 2021/36xxx/CVE-2021-36344.json create mode 100644 2021/36xxx/CVE-2021-36345.json create mode 100644 2021/36xxx/CVE-2021-36346.json create mode 100644 2021/36xxx/CVE-2021-36347.json create mode 100644 2021/36xxx/CVE-2021-36348.json create mode 100644 2021/36xxx/CVE-2021-36349.json create mode 100644 2021/36xxx/CVE-2021-36350.json diff --git a/2021/34xxx/CVE-2021-34612.json b/2021/34xxx/CVE-2021-34612.json index a389f0da795..a352b8bd84c 100644 --- a/2021/34xxx/CVE-2021-34612.json +++ b/2021/34xxx/CVE-2021-34612.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-34612", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Aruba ClearPass Policy Manager", + "version": { + "version_data": [ + { + "version_value": "Prior to 6.10.0, 6.9.6 and 6.8.9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "remote arbitrary command execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-012.txt", + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-012.txt" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability." } ] } diff --git a/2021/34xxx/CVE-2021-34613.json b/2021/34xxx/CVE-2021-34613.json index 6c5ec274a47..185593387aa 100644 --- a/2021/34xxx/CVE-2021-34613.json +++ b/2021/34xxx/CVE-2021-34613.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-34613", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Aruba ClearPass Policy Manager", + "version": { + "version_data": [ + { + "version_value": "Prior to 6.10.0, 6.9.6 and 6.8.9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "remote arbitrary command execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-012.txt", + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-012.txt" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability." } ] } diff --git a/2021/34xxx/CVE-2021-34615.json b/2021/34xxx/CVE-2021-34615.json index 0601c371881..785566241f4 100644 --- a/2021/34xxx/CVE-2021-34615.json +++ b/2021/34xxx/CVE-2021-34615.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-34615", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Aruba ClearPass Policy Manager", + "version": { + "version_data": [ + { + "version_value": "Prior to 6.10.0, 6.9.6 and 6.8.9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "remote arbitrary command execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-012.txt", + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-012.txt" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability." } ] } diff --git a/2021/36xxx/CVE-2021-36236.json b/2021/36xxx/CVE-2021-36236.json new file mode 100644 index 00000000000..2a60ceec655 --- /dev/null +++ b/2021/36xxx/CVE-2021-36236.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36236", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36237.json b/2021/36xxx/CVE-2021-36237.json new file mode 100644 index 00000000000..fc0617b7975 --- /dev/null +++ b/2021/36xxx/CVE-2021-36237.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36237", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36238.json b/2021/36xxx/CVE-2021-36238.json new file mode 100644 index 00000000000..de31a39b395 --- /dev/null +++ b/2021/36xxx/CVE-2021-36238.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36238", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36239.json b/2021/36xxx/CVE-2021-36239.json new file mode 100644 index 00000000000..80d74b67b8c --- /dev/null +++ b/2021/36xxx/CVE-2021-36239.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36239", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36240.json b/2021/36xxx/CVE-2021-36240.json new file mode 100644 index 00000000000..34e03e5897d --- /dev/null +++ b/2021/36xxx/CVE-2021-36240.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36240", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36241.json b/2021/36xxx/CVE-2021-36241.json new file mode 100644 index 00000000000..66caa46af3d --- /dev/null +++ b/2021/36xxx/CVE-2021-36241.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36241", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36242.json b/2021/36xxx/CVE-2021-36242.json new file mode 100644 index 00000000000..9bf92f64a4a --- /dev/null +++ b/2021/36xxx/CVE-2021-36242.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36242", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36243.json b/2021/36xxx/CVE-2021-36243.json new file mode 100644 index 00000000000..6be3a71ec29 --- /dev/null +++ b/2021/36xxx/CVE-2021-36243.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36243", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36244.json b/2021/36xxx/CVE-2021-36244.json new file mode 100644 index 00000000000..d58361f0a99 --- /dev/null +++ b/2021/36xxx/CVE-2021-36244.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36244", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36245.json b/2021/36xxx/CVE-2021-36245.json new file mode 100644 index 00000000000..1c77ae0b79f --- /dev/null +++ b/2021/36xxx/CVE-2021-36245.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36245", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36246.json b/2021/36xxx/CVE-2021-36246.json new file mode 100644 index 00000000000..2b83d214b54 --- /dev/null +++ b/2021/36xxx/CVE-2021-36246.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36246", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36247.json b/2021/36xxx/CVE-2021-36247.json new file mode 100644 index 00000000000..f8c5bcb4a9d --- /dev/null +++ b/2021/36xxx/CVE-2021-36247.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36247", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36248.json b/2021/36xxx/CVE-2021-36248.json new file mode 100644 index 00000000000..0abadcc2990 --- /dev/null +++ b/2021/36xxx/CVE-2021-36248.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36248", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36249.json b/2021/36xxx/CVE-2021-36249.json new file mode 100644 index 00000000000..6ee1dd124e9 --- /dev/null +++ b/2021/36xxx/CVE-2021-36249.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36249", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36250.json b/2021/36xxx/CVE-2021-36250.json new file mode 100644 index 00000000000..fa11812d0a1 --- /dev/null +++ b/2021/36xxx/CVE-2021-36250.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36250", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36251.json b/2021/36xxx/CVE-2021-36251.json new file mode 100644 index 00000000000..f767cf76261 --- /dev/null +++ b/2021/36xxx/CVE-2021-36251.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36251", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36252.json b/2021/36xxx/CVE-2021-36252.json new file mode 100644 index 00000000000..f4a4cae6ec0 --- /dev/null +++ b/2021/36xxx/CVE-2021-36252.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36252", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36253.json b/2021/36xxx/CVE-2021-36253.json new file mode 100644 index 00000000000..1f8898ae5a9 --- /dev/null +++ b/2021/36xxx/CVE-2021-36253.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36253", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36254.json b/2021/36xxx/CVE-2021-36254.json new file mode 100644 index 00000000000..ee53d9e2a64 --- /dev/null +++ b/2021/36xxx/CVE-2021-36254.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36254", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36255.json b/2021/36xxx/CVE-2021-36255.json new file mode 100644 index 00000000000..eaba97590bb --- /dev/null +++ b/2021/36xxx/CVE-2021-36255.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36255", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36256.json b/2021/36xxx/CVE-2021-36256.json new file mode 100644 index 00000000000..0621b357aa2 --- /dev/null +++ b/2021/36xxx/CVE-2021-36256.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36256", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36257.json b/2021/36xxx/CVE-2021-36257.json new file mode 100644 index 00000000000..f4869756d08 --- /dev/null +++ b/2021/36xxx/CVE-2021-36257.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36257", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36258.json b/2021/36xxx/CVE-2021-36258.json new file mode 100644 index 00000000000..451b45f266c --- /dev/null +++ b/2021/36xxx/CVE-2021-36258.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36258", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36259.json b/2021/36xxx/CVE-2021-36259.json new file mode 100644 index 00000000000..c79c8f1bae4 --- /dev/null +++ b/2021/36xxx/CVE-2021-36259.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36259", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36260.json b/2021/36xxx/CVE-2021-36260.json new file mode 100644 index 00000000000..0d5936a4a2c --- /dev/null +++ b/2021/36xxx/CVE-2021-36260.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36260", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36261.json b/2021/36xxx/CVE-2021-36261.json new file mode 100644 index 00000000000..8f123e16361 --- /dev/null +++ b/2021/36xxx/CVE-2021-36261.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36261", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36262.json b/2021/36xxx/CVE-2021-36262.json new file mode 100644 index 00000000000..5365365a39e --- /dev/null +++ b/2021/36xxx/CVE-2021-36262.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36262", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36263.json b/2021/36xxx/CVE-2021-36263.json new file mode 100644 index 00000000000..ee791a0a816 --- /dev/null +++ b/2021/36xxx/CVE-2021-36263.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36263", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36264.json b/2021/36xxx/CVE-2021-36264.json new file mode 100644 index 00000000000..ca5de9314a1 --- /dev/null +++ b/2021/36xxx/CVE-2021-36264.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36264", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36265.json b/2021/36xxx/CVE-2021-36265.json new file mode 100644 index 00000000000..27bbcf8bd42 --- /dev/null +++ b/2021/36xxx/CVE-2021-36265.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36265", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36266.json b/2021/36xxx/CVE-2021-36266.json new file mode 100644 index 00000000000..eae434cd016 --- /dev/null +++ b/2021/36xxx/CVE-2021-36266.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36266", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36267.json b/2021/36xxx/CVE-2021-36267.json new file mode 100644 index 00000000000..b7384dbaa6f --- /dev/null +++ b/2021/36xxx/CVE-2021-36267.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36267", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36268.json b/2021/36xxx/CVE-2021-36268.json new file mode 100644 index 00000000000..17c6dbc8762 --- /dev/null +++ b/2021/36xxx/CVE-2021-36268.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36268", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36269.json b/2021/36xxx/CVE-2021-36269.json new file mode 100644 index 00000000000..52370c16c23 --- /dev/null +++ b/2021/36xxx/CVE-2021-36269.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36269", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36270.json b/2021/36xxx/CVE-2021-36270.json new file mode 100644 index 00000000000..93a96d35760 --- /dev/null +++ b/2021/36xxx/CVE-2021-36270.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36270", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36271.json b/2021/36xxx/CVE-2021-36271.json new file mode 100644 index 00000000000..4a2d6a9cbab --- /dev/null +++ b/2021/36xxx/CVE-2021-36271.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36271", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36272.json b/2021/36xxx/CVE-2021-36272.json new file mode 100644 index 00000000000..e17e562d310 --- /dev/null +++ b/2021/36xxx/CVE-2021-36272.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36272", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36273.json b/2021/36xxx/CVE-2021-36273.json new file mode 100644 index 00000000000..693b60dc483 --- /dev/null +++ b/2021/36xxx/CVE-2021-36273.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36273", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36274.json b/2021/36xxx/CVE-2021-36274.json new file mode 100644 index 00000000000..5d52b6b7119 --- /dev/null +++ b/2021/36xxx/CVE-2021-36274.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36274", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36275.json b/2021/36xxx/CVE-2021-36275.json new file mode 100644 index 00000000000..f7c18ea2bde --- /dev/null +++ b/2021/36xxx/CVE-2021-36275.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36275", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36276.json b/2021/36xxx/CVE-2021-36276.json new file mode 100644 index 00000000000..3b63aa51abb --- /dev/null +++ b/2021/36xxx/CVE-2021-36276.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36276", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36277.json b/2021/36xxx/CVE-2021-36277.json new file mode 100644 index 00000000000..381f65538d9 --- /dev/null +++ b/2021/36xxx/CVE-2021-36277.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36277", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36278.json b/2021/36xxx/CVE-2021-36278.json new file mode 100644 index 00000000000..c30e0e7720f --- /dev/null +++ b/2021/36xxx/CVE-2021-36278.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36278", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36279.json b/2021/36xxx/CVE-2021-36279.json new file mode 100644 index 00000000000..c0b5903a18d --- /dev/null +++ b/2021/36xxx/CVE-2021-36279.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36279", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36280.json b/2021/36xxx/CVE-2021-36280.json new file mode 100644 index 00000000000..41b39e4a96a --- /dev/null +++ b/2021/36xxx/CVE-2021-36280.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36280", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36281.json b/2021/36xxx/CVE-2021-36281.json new file mode 100644 index 00000000000..115c68b7902 --- /dev/null +++ b/2021/36xxx/CVE-2021-36281.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36281", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36282.json b/2021/36xxx/CVE-2021-36282.json new file mode 100644 index 00000000000..4017a1116c5 --- /dev/null +++ b/2021/36xxx/CVE-2021-36282.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36282", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36283.json b/2021/36xxx/CVE-2021-36283.json new file mode 100644 index 00000000000..519fec0e372 --- /dev/null +++ b/2021/36xxx/CVE-2021-36283.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36283", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36284.json b/2021/36xxx/CVE-2021-36284.json new file mode 100644 index 00000000000..250ffe503e6 --- /dev/null +++ b/2021/36xxx/CVE-2021-36284.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36284", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36285.json b/2021/36xxx/CVE-2021-36285.json new file mode 100644 index 00000000000..dbf4e53a3f7 --- /dev/null +++ b/2021/36xxx/CVE-2021-36285.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36285", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36343.json b/2021/36xxx/CVE-2021-36343.json new file mode 100644 index 00000000000..4c1f5dc3627 --- /dev/null +++ b/2021/36xxx/CVE-2021-36343.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36343", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36344.json b/2021/36xxx/CVE-2021-36344.json new file mode 100644 index 00000000000..a2b16519171 --- /dev/null +++ b/2021/36xxx/CVE-2021-36344.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36344", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36345.json b/2021/36xxx/CVE-2021-36345.json new file mode 100644 index 00000000000..d7e20efd839 --- /dev/null +++ b/2021/36xxx/CVE-2021-36345.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36345", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36346.json b/2021/36xxx/CVE-2021-36346.json new file mode 100644 index 00000000000..8e381b55f1b --- /dev/null +++ b/2021/36xxx/CVE-2021-36346.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36346", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36347.json b/2021/36xxx/CVE-2021-36347.json new file mode 100644 index 00000000000..293cf3d17d0 --- /dev/null +++ b/2021/36xxx/CVE-2021-36347.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36347", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36348.json b/2021/36xxx/CVE-2021-36348.json new file mode 100644 index 00000000000..b90327208bc --- /dev/null +++ b/2021/36xxx/CVE-2021-36348.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36348", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36349.json b/2021/36xxx/CVE-2021-36349.json new file mode 100644 index 00000000000..4c0bb24fe32 --- /dev/null +++ b/2021/36xxx/CVE-2021-36349.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36349", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36350.json b/2021/36xxx/CVE-2021-36350.json new file mode 100644 index 00000000000..0e8cb52a533 --- /dev/null +++ b/2021/36xxx/CVE-2021-36350.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36350", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file From feb5e399e71fa3a099ff132132a289927451cf7d Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 8 Jul 2021 20:01:07 +0000 Subject: [PATCH 21/35] "-Synchronized-Data." --- 2021/36xxx/CVE-2021-36286.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36287.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36288.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36289.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36290.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36291.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36292.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36293.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36294.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36295.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36296.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36297.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36298.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36299.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36300.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36301.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36302.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36303.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36304.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36305.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36306.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36307.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36308.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36309.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36310.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36311.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36312.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36313.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36314.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36315.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36316.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36317.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36318.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36319.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36320.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36321.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36322.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36323.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36324.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36325.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36326.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36327.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36328.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36329.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36330.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36331.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36332.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36333.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36334.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36335.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36336.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36337.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36338.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36339.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36340.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36341.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36342.json | 18 ++++++++++++++++++ 57 files changed, 1026 insertions(+) create mode 100644 2021/36xxx/CVE-2021-36286.json create mode 100644 2021/36xxx/CVE-2021-36287.json create mode 100644 2021/36xxx/CVE-2021-36288.json create mode 100644 2021/36xxx/CVE-2021-36289.json create mode 100644 2021/36xxx/CVE-2021-36290.json create mode 100644 2021/36xxx/CVE-2021-36291.json create mode 100644 2021/36xxx/CVE-2021-36292.json create mode 100644 2021/36xxx/CVE-2021-36293.json create mode 100644 2021/36xxx/CVE-2021-36294.json create mode 100644 2021/36xxx/CVE-2021-36295.json create mode 100644 2021/36xxx/CVE-2021-36296.json create mode 100644 2021/36xxx/CVE-2021-36297.json create mode 100644 2021/36xxx/CVE-2021-36298.json create mode 100644 2021/36xxx/CVE-2021-36299.json create mode 100644 2021/36xxx/CVE-2021-36300.json create mode 100644 2021/36xxx/CVE-2021-36301.json create mode 100644 2021/36xxx/CVE-2021-36302.json create mode 100644 2021/36xxx/CVE-2021-36303.json create mode 100644 2021/36xxx/CVE-2021-36304.json create mode 100644 2021/36xxx/CVE-2021-36305.json create mode 100644 2021/36xxx/CVE-2021-36306.json create mode 100644 2021/36xxx/CVE-2021-36307.json create mode 100644 2021/36xxx/CVE-2021-36308.json create mode 100644 2021/36xxx/CVE-2021-36309.json create mode 100644 2021/36xxx/CVE-2021-36310.json create mode 100644 2021/36xxx/CVE-2021-36311.json create mode 100644 2021/36xxx/CVE-2021-36312.json create mode 100644 2021/36xxx/CVE-2021-36313.json create mode 100644 2021/36xxx/CVE-2021-36314.json create mode 100644 2021/36xxx/CVE-2021-36315.json create mode 100644 2021/36xxx/CVE-2021-36316.json create mode 100644 2021/36xxx/CVE-2021-36317.json create mode 100644 2021/36xxx/CVE-2021-36318.json create mode 100644 2021/36xxx/CVE-2021-36319.json create mode 100644 2021/36xxx/CVE-2021-36320.json create mode 100644 2021/36xxx/CVE-2021-36321.json create mode 100644 2021/36xxx/CVE-2021-36322.json create mode 100644 2021/36xxx/CVE-2021-36323.json create mode 100644 2021/36xxx/CVE-2021-36324.json create mode 100644 2021/36xxx/CVE-2021-36325.json create mode 100644 2021/36xxx/CVE-2021-36326.json create mode 100644 2021/36xxx/CVE-2021-36327.json create mode 100644 2021/36xxx/CVE-2021-36328.json create mode 100644 2021/36xxx/CVE-2021-36329.json create mode 100644 2021/36xxx/CVE-2021-36330.json create mode 100644 2021/36xxx/CVE-2021-36331.json create mode 100644 2021/36xxx/CVE-2021-36332.json create mode 100644 2021/36xxx/CVE-2021-36333.json create mode 100644 2021/36xxx/CVE-2021-36334.json create mode 100644 2021/36xxx/CVE-2021-36335.json create mode 100644 2021/36xxx/CVE-2021-36336.json create mode 100644 2021/36xxx/CVE-2021-36337.json create mode 100644 2021/36xxx/CVE-2021-36338.json create mode 100644 2021/36xxx/CVE-2021-36339.json create mode 100644 2021/36xxx/CVE-2021-36340.json create mode 100644 2021/36xxx/CVE-2021-36341.json create mode 100644 2021/36xxx/CVE-2021-36342.json diff --git a/2021/36xxx/CVE-2021-36286.json b/2021/36xxx/CVE-2021-36286.json new file mode 100644 index 00000000000..9f362fdcd4c --- /dev/null +++ b/2021/36xxx/CVE-2021-36286.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36286", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36287.json b/2021/36xxx/CVE-2021-36287.json new file mode 100644 index 00000000000..75562f29e70 --- /dev/null +++ b/2021/36xxx/CVE-2021-36287.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36287", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36288.json b/2021/36xxx/CVE-2021-36288.json new file mode 100644 index 00000000000..a71b2264529 --- /dev/null +++ b/2021/36xxx/CVE-2021-36288.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36288", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36289.json b/2021/36xxx/CVE-2021-36289.json new file mode 100644 index 00000000000..b5c047ae6d7 --- /dev/null +++ b/2021/36xxx/CVE-2021-36289.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36289", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36290.json b/2021/36xxx/CVE-2021-36290.json new file mode 100644 index 00000000000..94cbac441f3 --- /dev/null +++ b/2021/36xxx/CVE-2021-36290.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36290", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36291.json b/2021/36xxx/CVE-2021-36291.json new file mode 100644 index 00000000000..9e31aea8ba1 --- /dev/null +++ b/2021/36xxx/CVE-2021-36291.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36291", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36292.json b/2021/36xxx/CVE-2021-36292.json new file mode 100644 index 00000000000..294670ddd0d --- /dev/null +++ b/2021/36xxx/CVE-2021-36292.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36292", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36293.json b/2021/36xxx/CVE-2021-36293.json new file mode 100644 index 00000000000..bba2eca5c8e --- /dev/null +++ b/2021/36xxx/CVE-2021-36293.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36293", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36294.json b/2021/36xxx/CVE-2021-36294.json new file mode 100644 index 00000000000..62725d83f3d --- /dev/null +++ b/2021/36xxx/CVE-2021-36294.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36294", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36295.json b/2021/36xxx/CVE-2021-36295.json new file mode 100644 index 00000000000..f43106b1894 --- /dev/null +++ b/2021/36xxx/CVE-2021-36295.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36295", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36296.json b/2021/36xxx/CVE-2021-36296.json new file mode 100644 index 00000000000..0f881229702 --- /dev/null +++ b/2021/36xxx/CVE-2021-36296.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36296", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36297.json b/2021/36xxx/CVE-2021-36297.json new file mode 100644 index 00000000000..cbb1f773b40 --- /dev/null +++ b/2021/36xxx/CVE-2021-36297.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36297", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36298.json b/2021/36xxx/CVE-2021-36298.json new file mode 100644 index 00000000000..725614368db --- /dev/null +++ b/2021/36xxx/CVE-2021-36298.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36298", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36299.json b/2021/36xxx/CVE-2021-36299.json new file mode 100644 index 00000000000..d6b4c07c397 --- /dev/null +++ b/2021/36xxx/CVE-2021-36299.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36299", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36300.json b/2021/36xxx/CVE-2021-36300.json new file mode 100644 index 00000000000..fb9a59e3e6d --- /dev/null +++ b/2021/36xxx/CVE-2021-36300.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36300", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36301.json b/2021/36xxx/CVE-2021-36301.json new file mode 100644 index 00000000000..5ab7ca62c46 --- /dev/null +++ b/2021/36xxx/CVE-2021-36301.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36301", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36302.json b/2021/36xxx/CVE-2021-36302.json new file mode 100644 index 00000000000..a84ff0c1f39 --- /dev/null +++ b/2021/36xxx/CVE-2021-36302.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36302", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36303.json b/2021/36xxx/CVE-2021-36303.json new file mode 100644 index 00000000000..10d7d298fff --- /dev/null +++ b/2021/36xxx/CVE-2021-36303.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36303", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36304.json b/2021/36xxx/CVE-2021-36304.json new file mode 100644 index 00000000000..473ca33a93b --- /dev/null +++ b/2021/36xxx/CVE-2021-36304.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36304", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36305.json b/2021/36xxx/CVE-2021-36305.json new file mode 100644 index 00000000000..57d70a72300 --- /dev/null +++ b/2021/36xxx/CVE-2021-36305.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36305", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36306.json b/2021/36xxx/CVE-2021-36306.json new file mode 100644 index 00000000000..d3e5891bcd5 --- /dev/null +++ b/2021/36xxx/CVE-2021-36306.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36306", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36307.json b/2021/36xxx/CVE-2021-36307.json new file mode 100644 index 00000000000..86a3d5e8349 --- /dev/null +++ b/2021/36xxx/CVE-2021-36307.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36307", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36308.json b/2021/36xxx/CVE-2021-36308.json new file mode 100644 index 00000000000..880839044fc --- /dev/null +++ b/2021/36xxx/CVE-2021-36308.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36308", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36309.json b/2021/36xxx/CVE-2021-36309.json new file mode 100644 index 00000000000..3c930729476 --- /dev/null +++ b/2021/36xxx/CVE-2021-36309.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36309", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36310.json b/2021/36xxx/CVE-2021-36310.json new file mode 100644 index 00000000000..04681687ce6 --- /dev/null +++ b/2021/36xxx/CVE-2021-36310.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36310", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36311.json b/2021/36xxx/CVE-2021-36311.json new file mode 100644 index 00000000000..4dc439b02d2 --- /dev/null +++ b/2021/36xxx/CVE-2021-36311.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36311", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36312.json b/2021/36xxx/CVE-2021-36312.json new file mode 100644 index 00000000000..07252439458 --- /dev/null +++ b/2021/36xxx/CVE-2021-36312.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36312", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36313.json b/2021/36xxx/CVE-2021-36313.json new file mode 100644 index 00000000000..1a51ee11f15 --- /dev/null +++ b/2021/36xxx/CVE-2021-36313.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36313", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36314.json b/2021/36xxx/CVE-2021-36314.json new file mode 100644 index 00000000000..2def28fc7d4 --- /dev/null +++ b/2021/36xxx/CVE-2021-36314.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36314", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36315.json b/2021/36xxx/CVE-2021-36315.json new file mode 100644 index 00000000000..83c0cd5e50d --- /dev/null +++ b/2021/36xxx/CVE-2021-36315.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36315", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36316.json b/2021/36xxx/CVE-2021-36316.json new file mode 100644 index 00000000000..3840e0a66e1 --- /dev/null +++ b/2021/36xxx/CVE-2021-36316.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36316", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36317.json b/2021/36xxx/CVE-2021-36317.json new file mode 100644 index 00000000000..72d04192c1e --- /dev/null +++ b/2021/36xxx/CVE-2021-36317.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36317", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36318.json b/2021/36xxx/CVE-2021-36318.json new file mode 100644 index 00000000000..8f1ef918ce9 --- /dev/null +++ b/2021/36xxx/CVE-2021-36318.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36318", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36319.json b/2021/36xxx/CVE-2021-36319.json new file mode 100644 index 00000000000..41ddd253dfe --- /dev/null +++ b/2021/36xxx/CVE-2021-36319.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36319", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36320.json b/2021/36xxx/CVE-2021-36320.json new file mode 100644 index 00000000000..41e7d977e86 --- /dev/null +++ b/2021/36xxx/CVE-2021-36320.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36320", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36321.json b/2021/36xxx/CVE-2021-36321.json new file mode 100644 index 00000000000..2fb2254be78 --- /dev/null +++ b/2021/36xxx/CVE-2021-36321.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36321", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36322.json b/2021/36xxx/CVE-2021-36322.json new file mode 100644 index 00000000000..3eb79e9a607 --- /dev/null +++ b/2021/36xxx/CVE-2021-36322.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36322", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36323.json b/2021/36xxx/CVE-2021-36323.json new file mode 100644 index 00000000000..a3159c28570 --- /dev/null +++ b/2021/36xxx/CVE-2021-36323.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36323", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36324.json b/2021/36xxx/CVE-2021-36324.json new file mode 100644 index 00000000000..0d1a2b59790 --- /dev/null +++ b/2021/36xxx/CVE-2021-36324.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36324", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36325.json b/2021/36xxx/CVE-2021-36325.json new file mode 100644 index 00000000000..b660f34aca4 --- /dev/null +++ b/2021/36xxx/CVE-2021-36325.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36325", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36326.json b/2021/36xxx/CVE-2021-36326.json new file mode 100644 index 00000000000..292536cfd55 --- /dev/null +++ b/2021/36xxx/CVE-2021-36326.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36326", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36327.json b/2021/36xxx/CVE-2021-36327.json new file mode 100644 index 00000000000..320835f9491 --- /dev/null +++ b/2021/36xxx/CVE-2021-36327.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36327", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36328.json b/2021/36xxx/CVE-2021-36328.json new file mode 100644 index 00000000000..8ba00bf6896 --- /dev/null +++ b/2021/36xxx/CVE-2021-36328.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36328", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36329.json b/2021/36xxx/CVE-2021-36329.json new file mode 100644 index 00000000000..ebe95a2d824 --- /dev/null +++ b/2021/36xxx/CVE-2021-36329.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36329", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36330.json b/2021/36xxx/CVE-2021-36330.json new file mode 100644 index 00000000000..6e0a3fa8926 --- /dev/null +++ b/2021/36xxx/CVE-2021-36330.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36330", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36331.json b/2021/36xxx/CVE-2021-36331.json new file mode 100644 index 00000000000..20c2cbebb36 --- /dev/null +++ b/2021/36xxx/CVE-2021-36331.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36331", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36332.json b/2021/36xxx/CVE-2021-36332.json new file mode 100644 index 00000000000..2e6940f5b3a --- /dev/null +++ b/2021/36xxx/CVE-2021-36332.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36332", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36333.json b/2021/36xxx/CVE-2021-36333.json new file mode 100644 index 00000000000..1fa5a6f1a64 --- /dev/null +++ b/2021/36xxx/CVE-2021-36333.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36333", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36334.json b/2021/36xxx/CVE-2021-36334.json new file mode 100644 index 00000000000..f91e114bcea --- /dev/null +++ b/2021/36xxx/CVE-2021-36334.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36334", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36335.json b/2021/36xxx/CVE-2021-36335.json new file mode 100644 index 00000000000..72a996c8b76 --- /dev/null +++ b/2021/36xxx/CVE-2021-36335.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36335", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36336.json b/2021/36xxx/CVE-2021-36336.json new file mode 100644 index 00000000000..43efbb14e90 --- /dev/null +++ b/2021/36xxx/CVE-2021-36336.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36336", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36337.json b/2021/36xxx/CVE-2021-36337.json new file mode 100644 index 00000000000..d730f1cde7d --- /dev/null +++ b/2021/36xxx/CVE-2021-36337.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36337", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36338.json b/2021/36xxx/CVE-2021-36338.json new file mode 100644 index 00000000000..9c0a58eb8cc --- /dev/null +++ b/2021/36xxx/CVE-2021-36338.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36338", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36339.json b/2021/36xxx/CVE-2021-36339.json new file mode 100644 index 00000000000..5f67be4a700 --- /dev/null +++ b/2021/36xxx/CVE-2021-36339.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36339", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36340.json b/2021/36xxx/CVE-2021-36340.json new file mode 100644 index 00000000000..a896f187b8c --- /dev/null +++ b/2021/36xxx/CVE-2021-36340.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36340", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36341.json b/2021/36xxx/CVE-2021-36341.json new file mode 100644 index 00000000000..8cc4389e393 --- /dev/null +++ b/2021/36xxx/CVE-2021-36341.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36341", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36342.json b/2021/36xxx/CVE-2021-36342.json new file mode 100644 index 00000000000..31ebd2df5f0 --- /dev/null +++ b/2021/36xxx/CVE-2021-36342.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36342", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file From 2f3248253dd2cdd11bedff91f89952a5ac9ac9b3 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 8 Jul 2021 21:00:50 +0000 Subject: [PATCH 22/35] "-Synchronized-Data." --- 2021/34xxx/CVE-2021-34616.json | 50 ++++++++++++++++++++++++++++++++-- 1 file changed, 47 insertions(+), 3 deletions(-) diff --git a/2021/34xxx/CVE-2021-34616.json b/2021/34xxx/CVE-2021-34616.json index 52f76c2ba1b..8f2c3e4a60e 100644 --- a/2021/34xxx/CVE-2021-34616.json +++ b/2021/34xxx/CVE-2021-34616.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-34616", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Aruba ClearPass Policy Manager", + "version": { + "version_data": [ + { + "version_value": "Prior to 6.10.0, 6.9.6 and 6.8.9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "remote arbitrary command execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-012.txt", + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-012.txt" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability." } ] } From f354a3fbed23642f85869b09bc5ed1706b70795e Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 8 Jul 2021 22:00:52 +0000 Subject: [PATCH 23/35] "-Synchronized-Data." --- 2020/36xxx/CVE-2020-36417.json | 18 ++++++++++++++++++ 2020/36xxx/CVE-2020-36418.json | 18 ++++++++++++++++++ 2 files changed, 36 insertions(+) create mode 100644 2020/36xxx/CVE-2020-36417.json create mode 100644 2020/36xxx/CVE-2020-36418.json diff --git a/2020/36xxx/CVE-2020-36417.json b/2020/36xxx/CVE-2020-36417.json new file mode 100644 index 00000000000..cac97110efc --- /dev/null +++ b/2020/36xxx/CVE-2020-36417.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-36417", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/36xxx/CVE-2020-36418.json b/2020/36xxx/CVE-2020-36418.json new file mode 100644 index 00000000000..9f19635910f --- /dev/null +++ b/2020/36xxx/CVE-2020-36418.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-36418", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file From 4c8e9ab210f0374813ebcb3f608da7df19c61145 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 9 Jul 2021 05:00:50 +0000 Subject: [PATCH 24/35] "-Synchronized-Data." --- 2021/3xxx/CVE-2021-3639.json | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 2021/3xxx/CVE-2021-3639.json diff --git a/2021/3xxx/CVE-2021-3639.json b/2021/3xxx/CVE-2021-3639.json new file mode 100644 index 00000000000..174e7c380cc --- /dev/null +++ b/2021/3xxx/CVE-2021-3639.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3639", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file From e99d4a0626422aea4a35a86333d4d3d0962ff1c3 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 9 Jul 2021 06:00:56 +0000 Subject: [PATCH 25/35] "-Synchronized-Data." --- 2021/3xxx/CVE-2021-3640.json | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 2021/3xxx/CVE-2021-3640.json diff --git a/2021/3xxx/CVE-2021-3640.json b/2021/3xxx/CVE-2021-3640.json new file mode 100644 index 00000000000..36e66dcafff --- /dev/null +++ b/2021/3xxx/CVE-2021-3640.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3640", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file From 848d1153090f139d9b4f13722d3397777eb19afb Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 9 Jul 2021 09:00:48 +0000 Subject: [PATCH 26/35] "-Synchronized-Data." --- 2020/8xxx/CVE-2020-8296.json | 5 +++++ 2021/22xxx/CVE-2021-22173.json | 5 +++++ 2021/22xxx/CVE-2021-22174.json | 5 +++++ 2021/22xxx/CVE-2021-22191.json | 5 +++++ 2021/22xxx/CVE-2021-22207.json | 5 +++++ 2021/22xxx/CVE-2021-22222.json | 5 +++++ 2021/22xxx/CVE-2021-22877.json | 5 +++++ 2021/22xxx/CVE-2021-22878.json | 5 +++++ 2021/22xxx/CVE-2021-22915.json | 10 ++++++++++ 2021/29xxx/CVE-2021-29477.json | 5 +++++ 2021/29xxx/CVE-2021-29478.json | 5 +++++ 2021/30xxx/CVE-2021-30506.json | 5 +++++ 2021/30xxx/CVE-2021-30507.json | 5 +++++ 2021/30xxx/CVE-2021-30508.json | 5 +++++ 2021/30xxx/CVE-2021-30509.json | 5 +++++ 2021/30xxx/CVE-2021-30510.json | 5 +++++ 2021/30xxx/CVE-2021-30511.json | 5 +++++ 2021/30xxx/CVE-2021-30512.json | 5 +++++ 2021/30xxx/CVE-2021-30513.json | 5 +++++ 2021/30xxx/CVE-2021-30514.json | 5 +++++ 2021/30xxx/CVE-2021-30515.json | 5 +++++ 2021/30xxx/CVE-2021-30516.json | 5 +++++ 2021/30xxx/CVE-2021-30517.json | 5 +++++ 2021/30xxx/CVE-2021-30518.json | 5 +++++ 2021/30xxx/CVE-2021-30519.json | 5 +++++ 2021/30xxx/CVE-2021-30520.json | 5 +++++ 2021/30xxx/CVE-2021-30521.json | 5 +++++ 2021/30xxx/CVE-2021-30522.json | 5 +++++ 2021/30xxx/CVE-2021-30523.json | 5 +++++ 2021/30xxx/CVE-2021-30524.json | 5 +++++ 2021/30xxx/CVE-2021-30525.json | 5 +++++ 2021/30xxx/CVE-2021-30526.json | 5 +++++ 2021/30xxx/CVE-2021-30527.json | 5 +++++ 2021/30xxx/CVE-2021-30528.json | 5 +++++ 2021/30xxx/CVE-2021-30529.json | 5 +++++ 2021/30xxx/CVE-2021-30530.json | 5 +++++ 2021/30xxx/CVE-2021-30531.json | 5 +++++ 2021/30xxx/CVE-2021-30532.json | 5 +++++ 2021/30xxx/CVE-2021-30533.json | 5 +++++ 2021/30xxx/CVE-2021-30534.json | 5 +++++ 2021/30xxx/CVE-2021-30535.json | 5 +++++ 2021/30xxx/CVE-2021-30536.json | 5 +++++ 2021/30xxx/CVE-2021-30537.json | 5 +++++ 2021/30xxx/CVE-2021-30538.json | 5 +++++ 2021/30xxx/CVE-2021-30539.json | 5 +++++ 2021/30xxx/CVE-2021-30540.json | 5 +++++ 2021/30xxx/CVE-2021-30544.json | 5 +++++ 2021/30xxx/CVE-2021-30545.json | 5 +++++ 2021/30xxx/CVE-2021-30546.json | 5 +++++ 2021/30xxx/CVE-2021-30547.json | 5 +++++ 2021/30xxx/CVE-2021-30548.json | 5 +++++ 2021/30xxx/CVE-2021-30549.json | 5 +++++ 2021/30xxx/CVE-2021-30550.json | 5 +++++ 2021/30xxx/CVE-2021-30551.json | 5 +++++ 2021/30xxx/CVE-2021-30552.json | 5 +++++ 2021/30xxx/CVE-2021-30553.json | 5 +++++ 2021/30xxx/CVE-2021-30554.json | 5 +++++ 2021/30xxx/CVE-2021-30555.json | 5 +++++ 2021/30xxx/CVE-2021-30556.json | 5 +++++ 2021/30xxx/CVE-2021-30557.json | 5 +++++ 2021/33xxx/CVE-2021-33586.json | 5 +++++ 61 files changed, 310 insertions(+) diff --git a/2020/8xxx/CVE-2020-8296.json b/2020/8xxx/CVE-2020-8296.json index b241492630a..2b779c128f6 100644 --- a/2020/8xxx/CVE-2020-8296.json +++ b/2020/8xxx/CVE-2020-8296.json @@ -63,6 +63,11 @@ "refsource": "MISC", "name": "https://github.com/nextcloud/server/issues/17439", "url": "https://github.com/nextcloud/server/issues/17439" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-eac0e52f88", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6BO6P6MP2MOWA6PZRXX32PLWPXN5O4S/" } ] }, diff --git a/2021/22xxx/CVE-2021-22173.json b/2021/22xxx/CVE-2021-22173.json index acd1f4e6164..9af55dd38a2 100644 --- a/2021/22xxx/CVE-2021-22173.json +++ b/2021/22xxx/CVE-2021-22173.json @@ -73,6 +73,11 @@ "url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuApr2021.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202107-21", + "url": "https://security.gentoo.org/glsa/202107-21" } ] }, diff --git a/2021/22xxx/CVE-2021-22174.json b/2021/22xxx/CVE-2021-22174.json index 256517bba25..3b4a3370e3d 100644 --- a/2021/22xxx/CVE-2021-22174.json +++ b/2021/22xxx/CVE-2021-22174.json @@ -73,6 +73,11 @@ "url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuApr2021.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202107-21", + "url": "https://security.gentoo.org/glsa/202107-21" } ] }, diff --git a/2021/22xxx/CVE-2021-22191.json b/2021/22xxx/CVE-2021-22191.json index ef639f28f26..c2953d01fa9 100644 --- a/2021/22xxx/CVE-2021-22191.json +++ b/2021/22xxx/CVE-2021-22191.json @@ -66,6 +66,11 @@ "url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuApr2021.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202107-21", + "url": "https://security.gentoo.org/glsa/202107-21" } ] }, diff --git a/2021/22xxx/CVE-2021-22207.json b/2021/22xxx/CVE-2021-22207.json index 4dd0fb814f3..d794c0b120a 100644 --- a/2021/22xxx/CVE-2021-22207.json +++ b/2021/22xxx/CVE-2021-22207.json @@ -71,6 +71,11 @@ "refsource": "FEDORA", "name": "FEDORA-2021-67691ad99d", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GIWWO27HV4HUKXV6NH6ULHCRAQB26DMD/" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202107-21", + "url": "https://security.gentoo.org/glsa/202107-21" } ] }, diff --git a/2021/22xxx/CVE-2021-22222.json b/2021/22xxx/CVE-2021-22222.json index ffd8f280f8b..50799e57e37 100644 --- a/2021/22xxx/CVE-2021-22222.json +++ b/2021/22xxx/CVE-2021-22222.json @@ -58,6 +58,11 @@ "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22222.json", "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22222.json", "refsource": "CONFIRM" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202107-21", + "url": "https://security.gentoo.org/glsa/202107-21" } ] }, diff --git a/2021/22xxx/CVE-2021-22877.json b/2021/22xxx/CVE-2021-22877.json index 139bb01d39a..102eddfb701 100644 --- a/2021/22xxx/CVE-2021-22877.json +++ b/2021/22xxx/CVE-2021-22877.json @@ -63,6 +63,11 @@ "refsource": "MISC", "name": "https://github.com/nextcloud/server/pull/25224", "url": "https://github.com/nextcloud/server/pull/25224" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-eac0e52f88", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6BO6P6MP2MOWA6PZRXX32PLWPXN5O4S/" } ] }, diff --git a/2021/22xxx/CVE-2021-22878.json b/2021/22xxx/CVE-2021-22878.json index c6be9d6488d..bf58c6333e6 100644 --- a/2021/22xxx/CVE-2021-22878.json +++ b/2021/22xxx/CVE-2021-22878.json @@ -58,6 +58,11 @@ "refsource": "MISC", "name": "https://github.com/nextcloud/server/pull/25234", "url": "https://github.com/nextcloud/server/pull/25234" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-eac0e52f88", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6BO6P6MP2MOWA6PZRXX32PLWPXN5O4S/" } ] }, diff --git a/2021/22xxx/CVE-2021-22915.json b/2021/22xxx/CVE-2021-22915.json index f6a8c3c6cea..9ec721f0568 100644 --- a/2021/22xxx/CVE-2021-22915.json +++ b/2021/22xxx/CVE-2021-22915.json @@ -53,6 +53,16 @@ "refsource": "MISC", "name": "https://nextcloud.com/security/advisory/?id=NC-SA-2021-009", "url": "https://nextcloud.com/security/advisory/?id=NC-SA-2021-009" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-eac0e52f88", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6BO6P6MP2MOWA6PZRXX32PLWPXN5O4S/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-afa7968aeb", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AGXGR6HYGQ6MZXISMJEHCOXRGRFRUFMA/" } ] }, diff --git a/2021/29xxx/CVE-2021-29477.json b/2021/29xxx/CVE-2021-29477.json index 04eda1d965b..e29750cbf1c 100644 --- a/2021/29xxx/CVE-2021-29477.json +++ b/2021/29xxx/CVE-2021-29477.json @@ -101,6 +101,11 @@ "refsource": "FEDORA", "name": "FEDORA-2021-0ad4bec5b1", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN7INTZFE34MIQJO7WDDTIY5LIBGN6GI/" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202107-20", + "url": "https://security.gentoo.org/glsa/202107-20" } ] }, diff --git a/2021/29xxx/CVE-2021-29478.json b/2021/29xxx/CVE-2021-29478.json index 650c7b2b662..2b57c0a3f0d 100644 --- a/2021/29xxx/CVE-2021-29478.json +++ b/2021/29xxx/CVE-2021-29478.json @@ -88,6 +88,11 @@ "refsource": "FEDORA", "name": "FEDORA-2021-8b19c99d6a", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPWBIZXA67JFIB63W2CNVVILCGIC2ME5/" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202107-20", + "url": "https://security.gentoo.org/glsa/202107-20" } ] }, diff --git a/2021/30xxx/CVE-2021-30506.json b/2021/30xxx/CVE-2021-30506.json index 3b5948f080e..b818e4af11b 100644 --- a/2021/30xxx/CVE-2021-30506.json +++ b/2021/30xxx/CVE-2021-30506.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30507.json b/2021/30xxx/CVE-2021-30507.json index 7f02548adfe..461981ce575 100644 --- a/2021/30xxx/CVE-2021-30507.json +++ b/2021/30xxx/CVE-2021-30507.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30508.json b/2021/30xxx/CVE-2021-30508.json index b223704b0d7..b39acb54014 100644 --- a/2021/30xxx/CVE-2021-30508.json +++ b/2021/30xxx/CVE-2021-30508.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30509.json b/2021/30xxx/CVE-2021-30509.json index 0b0f112a944..5a34e8ca4ee 100644 --- a/2021/30xxx/CVE-2021-30509.json +++ b/2021/30xxx/CVE-2021-30509.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30510.json b/2021/30xxx/CVE-2021-30510.json index d0a5a093515..aaac59bb82c 100644 --- a/2021/30xxx/CVE-2021-30510.json +++ b/2021/30xxx/CVE-2021-30510.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30511.json b/2021/30xxx/CVE-2021-30511.json index 73c808feb23..e1c7f4845a9 100644 --- a/2021/30xxx/CVE-2021-30511.json +++ b/2021/30xxx/CVE-2021-30511.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30512.json b/2021/30xxx/CVE-2021-30512.json index e0baaf2fc6d..8bd92b48e23 100644 --- a/2021/30xxx/CVE-2021-30512.json +++ b/2021/30xxx/CVE-2021-30512.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30513.json b/2021/30xxx/CVE-2021-30513.json index a0af34ce235..19e1b3c6a40 100644 --- a/2021/30xxx/CVE-2021-30513.json +++ b/2021/30xxx/CVE-2021-30513.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30514.json b/2021/30xxx/CVE-2021-30514.json index 0085e3b4e7b..f05e2c9652e 100644 --- a/2021/30xxx/CVE-2021-30514.json +++ b/2021/30xxx/CVE-2021-30514.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30515.json b/2021/30xxx/CVE-2021-30515.json index c92b7dbd3a4..c1a8af56a28 100644 --- a/2021/30xxx/CVE-2021-30515.json +++ b/2021/30xxx/CVE-2021-30515.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30516.json b/2021/30xxx/CVE-2021-30516.json index d2e5f512d2a..7a0f7794e43 100644 --- a/2021/30xxx/CVE-2021-30516.json +++ b/2021/30xxx/CVE-2021-30516.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30517.json b/2021/30xxx/CVE-2021-30517.json index 528061f0692..265d0f77020 100644 --- a/2021/30xxx/CVE-2021-30517.json +++ b/2021/30xxx/CVE-2021-30517.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30518.json b/2021/30xxx/CVE-2021-30518.json index 54f5284a9fd..e46dafceea4 100644 --- a/2021/30xxx/CVE-2021-30518.json +++ b/2021/30xxx/CVE-2021-30518.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30519.json b/2021/30xxx/CVE-2021-30519.json index a36c3cc06a1..896974f9744 100644 --- a/2021/30xxx/CVE-2021-30519.json +++ b/2021/30xxx/CVE-2021-30519.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30520.json b/2021/30xxx/CVE-2021-30520.json index 1599cf95706..419728443e9 100644 --- a/2021/30xxx/CVE-2021-30520.json +++ b/2021/30xxx/CVE-2021-30520.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30521.json b/2021/30xxx/CVE-2021-30521.json index 64cdd58b1b2..133e48f71e8 100644 --- a/2021/30xxx/CVE-2021-30521.json +++ b/2021/30xxx/CVE-2021-30521.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30522.json b/2021/30xxx/CVE-2021-30522.json index b5d3df518ff..ca92479de5b 100644 --- a/2021/30xxx/CVE-2021-30522.json +++ b/2021/30xxx/CVE-2021-30522.json @@ -64,6 +64,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30523.json b/2021/30xxx/CVE-2021-30523.json index 1021e6e59e3..7adfef6b7e0 100644 --- a/2021/30xxx/CVE-2021-30523.json +++ b/2021/30xxx/CVE-2021-30523.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30524.json b/2021/30xxx/CVE-2021-30524.json index 4a1f0a089b4..b604830f61d 100644 --- a/2021/30xxx/CVE-2021-30524.json +++ b/2021/30xxx/CVE-2021-30524.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30525.json b/2021/30xxx/CVE-2021-30525.json index 1d0852b4c2b..d6f338483f0 100644 --- a/2021/30xxx/CVE-2021-30525.json +++ b/2021/30xxx/CVE-2021-30525.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30526.json b/2021/30xxx/CVE-2021-30526.json index c3180e3ac04..58fcf848107 100644 --- a/2021/30xxx/CVE-2021-30526.json +++ b/2021/30xxx/CVE-2021-30526.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30527.json b/2021/30xxx/CVE-2021-30527.json index 666f1366c3b..91ae1479add 100644 --- a/2021/30xxx/CVE-2021-30527.json +++ b/2021/30xxx/CVE-2021-30527.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30528.json b/2021/30xxx/CVE-2021-30528.json index d10d028468a..91085a11372 100644 --- a/2021/30xxx/CVE-2021-30528.json +++ b/2021/30xxx/CVE-2021-30528.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30529.json b/2021/30xxx/CVE-2021-30529.json index 19dac827d9f..8b4c93d8bc4 100644 --- a/2021/30xxx/CVE-2021-30529.json +++ b/2021/30xxx/CVE-2021-30529.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/1195278", "refsource": "MISC", "name": "https://crbug.com/1195278" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30530.json b/2021/30xxx/CVE-2021-30530.json index f8e746c14cc..e180add4d2c 100644 --- a/2021/30xxx/CVE-2021-30530.json +++ b/2021/30xxx/CVE-2021-30530.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30531.json b/2021/30xxx/CVE-2021-30531.json index 290f01bb032..642623ea605 100644 --- a/2021/30xxx/CVE-2021-30531.json +++ b/2021/30xxx/CVE-2021-30531.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30532.json b/2021/30xxx/CVE-2021-30532.json index 2ddc3fbe885..3bb664b371c 100644 --- a/2021/30xxx/CVE-2021-30532.json +++ b/2021/30xxx/CVE-2021-30532.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30533.json b/2021/30xxx/CVE-2021-30533.json index c461bfcee2d..4452738cec2 100644 --- a/2021/30xxx/CVE-2021-30533.json +++ b/2021/30xxx/CVE-2021-30533.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30534.json b/2021/30xxx/CVE-2021-30534.json index a21ee5528ad..1f6dfd96da2 100644 --- a/2021/30xxx/CVE-2021-30534.json +++ b/2021/30xxx/CVE-2021-30534.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30535.json b/2021/30xxx/CVE-2021-30535.json index b5fb6c88db6..f9668ab8805 100644 --- a/2021/30xxx/CVE-2021-30535.json +++ b/2021/30xxx/CVE-2021-30535.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/1194899", "refsource": "MISC", "name": "https://crbug.com/1194899" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30536.json b/2021/30xxx/CVE-2021-30536.json index 81443a4524b..3b0907efcf7 100644 --- a/2021/30xxx/CVE-2021-30536.json +++ b/2021/30xxx/CVE-2021-30536.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30537.json b/2021/30xxx/CVE-2021-30537.json index efe172e4ef5..bf12be08d14 100644 --- a/2021/30xxx/CVE-2021-30537.json +++ b/2021/30xxx/CVE-2021-30537.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30538.json b/2021/30xxx/CVE-2021-30538.json index f4db13c1b31..835146f39bb 100644 --- a/2021/30xxx/CVE-2021-30538.json +++ b/2021/30xxx/CVE-2021-30538.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30539.json b/2021/30xxx/CVE-2021-30539.json index 2978e2a157c..8b78ca5bd4c 100644 --- a/2021/30xxx/CVE-2021-30539.json +++ b/2021/30xxx/CVE-2021-30539.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30540.json b/2021/30xxx/CVE-2021-30540.json index e21b9630d3d..c5653574cc2 100644 --- a/2021/30xxx/CVE-2021-30540.json +++ b/2021/30xxx/CVE-2021-30540.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30544.json b/2021/30xxx/CVE-2021-30544.json index a47d16b4676..15e3b437be0 100644 --- a/2021/30xxx/CVE-2021-30544.json +++ b/2021/30xxx/CVE-2021-30544.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30545.json b/2021/30xxx/CVE-2021-30545.json index 5b703931592..de0591d4fe0 100644 --- a/2021/30xxx/CVE-2021-30545.json +++ b/2021/30xxx/CVE-2021-30545.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30546.json b/2021/30xxx/CVE-2021-30546.json index f962d1cb05f..42d8d6d7ff0 100644 --- a/2021/30xxx/CVE-2021-30546.json +++ b/2021/30xxx/CVE-2021-30546.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30547.json b/2021/30xxx/CVE-2021-30547.json index a98eef9dc05..549f716e15c 100644 --- a/2021/30xxx/CVE-2021-30547.json +++ b/2021/30xxx/CVE-2021-30547.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/1210414", "refsource": "MISC", "name": "https://crbug.com/1210414" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30548.json b/2021/30xxx/CVE-2021-30548.json index 91ad054b7ba..6fc4fd4de04 100644 --- a/2021/30xxx/CVE-2021-30548.json +++ b/2021/30xxx/CVE-2021-30548.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30549.json b/2021/30xxx/CVE-2021-30549.json index 36021b75c00..8c0a431aba2 100644 --- a/2021/30xxx/CVE-2021-30549.json +++ b/2021/30xxx/CVE-2021-30549.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30550.json b/2021/30xxx/CVE-2021-30550.json index 184b145e29e..49421087173 100644 --- a/2021/30xxx/CVE-2021-30550.json +++ b/2021/30xxx/CVE-2021-30550.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30551.json b/2021/30xxx/CVE-2021-30551.json index 7923725cf6c..b0c4b8e57eb 100644 --- a/2021/30xxx/CVE-2021-30551.json +++ b/2021/30xxx/CVE-2021-30551.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30552.json b/2021/30xxx/CVE-2021-30552.json index fa74375a522..c91d458835a 100644 --- a/2021/30xxx/CVE-2021-30552.json +++ b/2021/30xxx/CVE-2021-30552.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30553.json b/2021/30xxx/CVE-2021-30553.json index b1b49d5d4ed..3f1a91c32eb 100644 --- a/2021/30xxx/CVE-2021-30553.json +++ b/2021/30xxx/CVE-2021-30553.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30554.json b/2021/30xxx/CVE-2021-30554.json index bb26404a9c1..ed89844cb55 100644 --- a/2021/30xxx/CVE-2021-30554.json +++ b/2021/30xxx/CVE-2021-30554.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30555.json b/2021/30xxx/CVE-2021-30555.json index d48470f0fee..2f4a655ad1f 100644 --- a/2021/30xxx/CVE-2021-30555.json +++ b/2021/30xxx/CVE-2021-30555.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30556.json b/2021/30xxx/CVE-2021-30556.json index 8b56a69f73c..a3ba632b46d 100644 --- a/2021/30xxx/CVE-2021-30556.json +++ b/2021/30xxx/CVE-2021-30556.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/30xxx/CVE-2021-30557.json b/2021/30xxx/CVE-2021-30557.json index 3ce1494d1a8..38a6b3a2529 100644 --- a/2021/30xxx/CVE-2021-30557.json +++ b/2021/30xxx/CVE-2021-30557.json @@ -59,6 +59,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-06", "url": "https://security.gentoo.org/glsa/202107-06" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-f94dadff78", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/" } ] }, diff --git a/2021/33xxx/CVE-2021-33586.json b/2021/33xxx/CVE-2021-33586.json index 847af6f6da8..4cb431151b1 100644 --- a/2021/33xxx/CVE-2021-33586.json +++ b/2021/33xxx/CVE-2021-33586.json @@ -61,6 +61,11 @@ "url": "https://github.com/inspircd/inspircd/commit/4350a11c663b0d75f8119743bffb7736d87abd4d", "refsource": "MISC", "name": "https://github.com/inspircd/inspircd/commit/4350a11c663b0d75f8119743bffb7736d87abd4d" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202107-22", + "url": "https://security.gentoo.org/glsa/202107-22" } ] } From 0f4a356e43b9d13299c3d00befdb2f56c8a0bb06 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 9 Jul 2021 11:00:48 +0000 Subject: [PATCH 27/35] "-Synchronized-Data." --- 2012/1xxx/CVE-2012-1102.json | 63 +++++++++++++++++++++++++---- 2012/2xxx/CVE-2012-2666.json | 73 ++++++++++++++++++++++++++++++---- 2020/1xxx/CVE-2020-1927.json | 5 +++ 2020/1xxx/CVE-2020-1934.json | 5 +++ 2020/35xxx/CVE-2020-35452.json | 5 +++ 2021/26xxx/CVE-2021-26690.json | 5 +++ 2021/26xxx/CVE-2021-26691.json | 5 +++ 2021/30xxx/CVE-2021-30641.json | 5 +++ 2021/31xxx/CVE-2021-31618.json | 5 +++ 2021/32xxx/CVE-2021-32972.json | 50 +++++++++++++++++++++-- 2021/3xxx/CVE-2021-3570.json | 50 +++++++++++++++++++++-- 2021/3xxx/CVE-2021-3571.json | 50 +++++++++++++++++++++-- 2021/3xxx/CVE-2021-3612.json | 55 +++++++++++++++++++++++-- 2021/3xxx/CVE-2021-3637.json | 50 +++++++++++++++++++++-- 14 files changed, 397 insertions(+), 29 deletions(-) diff --git a/2012/1xxx/CVE-2012-1102.json b/2012/1xxx/CVE-2012-1102.json index 1e5e1504084..2e4566e5a3d 100644 --- a/2012/1xxx/CVE-2012-1102.json +++ b/2012/1xxx/CVE-2012-1102.json @@ -1,17 +1,66 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2012-1102", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2012-1102", + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "perl-xml-atom", + "version": { + "version_data": [ + { + "version_value": "perl-xml-atom 0.39" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-611" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://metacpan.org/release/MIYAGAWA/XML-Atom-0.39/source/Changes", + "url": "https://metacpan.org/release/MIYAGAWA/XML-Atom-0.39/source/Changes" + }, + { + "refsource": "MISC", + "name": "https://seclists.org/oss-sec/2012/q1/549", + "url": "https://seclists.org/oss-sec/2012/q1/549" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "It was discovered that the XML::Atom Perl module before version 0.39 did not disable external entities when parsing XML from potentially untrusted sources. This may allow attackers to gain read access to otherwise protected resources, depending on how the library is used." } ] } diff --git a/2012/2xxx/CVE-2012-2666.json b/2012/2xxx/CVE-2012-2666.json index 0e477fb39ab..1299a9826e4 100644 --- a/2012/2xxx/CVE-2012-2666.json +++ b/2012/2xxx/CVE-2012-2666.json @@ -1,17 +1,76 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2012-2666", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2012-2666", + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "go/golang", + "version": { + "version_data": [ + { + "version_value": "go/golang 1.0.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-377" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2012-2666", + "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2012-2666" + }, + { + "refsource": "MISC", + "name": "https://bugzilla.suse.com/show_bug.cgi?id=765455", + "url": "https://bugzilla.suse.com/show_bug.cgi?id=765455" + }, + { + "refsource": "MISC", + "name": "https://github.com/golang/go/commit/8ac275bb01588a8c0e6c0fe2de7fd11f08feccdd", + "url": "https://github.com/golang/go/commit/8ac275bb01588a8c0e6c0fe2de7fd11f08feccdd" + }, + { + "refsource": "MISC", + "name": "https://codereview.appspot.com/5992078", + "url": "https://codereview.appspot.com/5992078" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "golang/go in 1.0.2 fixes all.bash on shared machines. dotest() in src/pkg/debug/gosym/pclntab_test.go creates a temporary file with predicable name and executes it as shell script." } ] } diff --git a/2020/1xxx/CVE-2020-1927.json b/2020/1xxx/CVE-2020-1927.json index 314fc6ce8bc..fe92f2944d0 100644 --- a/2020/1xxx/CVE-2020-1927.json +++ b/2020/1xxx/CVE-2020-1927.json @@ -168,6 +168,11 @@ "url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuApr2021.html" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update", + "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html" } ] }, diff --git a/2020/1xxx/CVE-2020-1934.json b/2020/1xxx/CVE-2020-1934.json index bc29101e372..2e2893092aa 100644 --- a/2020/1xxx/CVE-2020-1934.json +++ b/2020/1xxx/CVE-2020-1934.json @@ -153,6 +153,11 @@ "refsource": "MLIST", "name": "[httpd-cvs] 20210606 svn commit: r1075470 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update", + "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html" } ] }, diff --git a/2020/35xxx/CVE-2020-35452.json b/2020/35xxx/CVE-2020-35452.json index 63fc635703b..d5818030094 100644 --- a/2020/35xxx/CVE-2020-35452.json +++ b/2020/35xxx/CVE-2020-35452.json @@ -238,6 +238,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20210702-0001/", "url": "https://security.netapp.com/advisory/ntap-20210702-0001/" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update", + "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html" } ] }, diff --git a/2021/26xxx/CVE-2021-26690.json b/2021/26xxx/CVE-2021-26690.json index d0371135dcd..0c7434e4c04 100644 --- a/2021/26xxx/CVE-2021-26690.json +++ b/2021/26xxx/CVE-2021-26690.json @@ -238,6 +238,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20210702-0001/", "url": "https://security.netapp.com/advisory/ntap-20210702-0001/" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update", + "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html" } ] }, diff --git a/2021/26xxx/CVE-2021-26691.json b/2021/26xxx/CVE-2021-26691.json index ae9fda9d122..70cf5136c88 100644 --- a/2021/26xxx/CVE-2021-26691.json +++ b/2021/26xxx/CVE-2021-26691.json @@ -238,6 +238,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20210702-0001/", "url": "https://security.netapp.com/advisory/ntap-20210702-0001/" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update", + "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html" } ] }, diff --git a/2021/30xxx/CVE-2021-30641.json b/2021/30xxx/CVE-2021-30641.json index 701adb4ca93..63ccbcf1b8d 100644 --- a/2021/30xxx/CVE-2021-30641.json +++ b/2021/30xxx/CVE-2021-30641.json @@ -113,6 +113,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20210702-0001/", "url": "https://security.netapp.com/advisory/ntap-20210702-0001/" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update", + "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html" } ] }, diff --git a/2021/31xxx/CVE-2021-31618.json b/2021/31xxx/CVE-2021-31618.json index a0e3c6c2e76..4aa527f33d7 100644 --- a/2021/31xxx/CVE-2021-31618.json +++ b/2021/31xxx/CVE-2021-31618.json @@ -102,6 +102,11 @@ "refsource": "FEDORA", "name": "FEDORA-2021-181f29c392", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A73QJ4HPUMU26I6EULG6SCK67TUEXZYR/" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update", + "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html" } ] }, diff --git a/2021/32xxx/CVE-2021-32972.json b/2021/32xxx/CVE-2021-32972.json index 86a1e3a12ad..6ed18cff8ce 100644 --- a/2021/32xxx/CVE-2021-32972.json +++ b/2021/32xxx/CVE-2021-32972.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-32972", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Panasonic FPWIN Pro", + "version": { + "version_data": [ + { + "version_value": "All Versions 7.5.1.1 and prior" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "IMPROPER RESTRICTION OF XML EXTERNAL ENTITY REFERENCE CWE-611" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-180-03", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-180-03" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Panasonic FPWIN Pro, all Versions 7.5.1.1 and prior, allows an attacker to craft a project file specifying a URI that causes the XML parser to access the URI and embed the contents, which may allow the attacker to disclose information that is accessible in the context of the user executing software." } ] } diff --git a/2021/3xxx/CVE-2021-3570.json b/2021/3xxx/CVE-2021-3570.json index daba4ef3316..a51eca770d7 100644 --- a/2021/3xxx/CVE-2021-3570.json +++ b/2021/3xxx/CVE-2021-3570.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-3570", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "linuxptp", + "version": { + "version_data": [ + { + "version_value": "linuxptp 3.1.1, linuxptp 2.0.1, linuxptp 1.9.3, linuxptp 1.8.1, linuxptp 1.7.1, linuxptp 1.6.1, linuxptp 1.5.1" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-119" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1966240", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966240" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This flaw affects linuxptp versions before 3.1.1, before 2.0.1, before 1.9.3, before 1.8.1, before 1.7.1, before 1.6.1 and before 1.5.1." } ] } diff --git a/2021/3xxx/CVE-2021-3571.json b/2021/3xxx/CVE-2021-3571.json index 68677cf3d55..5c6a545630d 100644 --- a/2021/3xxx/CVE-2021-3571.json +++ b/2021/3xxx/CVE-2021-3571.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-3571", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "linuxptp", + "version": { + "version_data": [ + { + "version_value": "linuxptp 3.1.1, linuxptp 2.0.1" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-119" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1966241", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966241" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker could send a crafted one-step sync message to cause an information leak or crash. The highest threat from this vulnerability is to data confidentiality and system availability. This flaw affects linuxptp versions before 3.1.1 and before 2.0.1." } ] } diff --git a/2021/3xxx/CVE-2021-3612.json b/2021/3xxx/CVE-2021-3612.json index 88b85d2e946..f3e8ac68694 100644 --- a/2021/3xxx/CVE-2021-3612.json +++ b/2021/3xxx/CVE-2021-3612.json @@ -4,14 +4,63 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-3612", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "kernel", + "version": { + "version_data": [ + { + "version_value": "kernel 5.9-rc1" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20->CWE-119" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079" + }, + { + "refsource": "MISC", + "name": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/", + "url": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability." } ] } diff --git a/2021/3xxx/CVE-2021-3637.json b/2021/3xxx/CVE-2021-3637.json index 0fb5e29acf1..3c0f184dc9e 100644 --- a/2021/3xxx/CVE-2021-3637.json +++ b/2021/3xxx/CVE-2021-3637.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-3637", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "keycloak-model-infinispan", + "version": { + "version_data": [ + { + "version_value": "keycloak 14.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-770" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1979638", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1979638" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in keycloak-model-infinispan in keycloak versions before 14.0.0 where authenticationSessions map in RootAuthenticationSessionEntity grows boundlessly which could lead to a DoS attack." } ] } From 2930957d6ddfbfb3575acae7607ca760ccd6251c Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 9 Jul 2021 12:00:56 +0000 Subject: [PATCH 28/35] "-Synchronized-Data." --- 2012/2xxx/CVE-2012-2689.json | 14 ++++---- 2012/4xxx/CVE-2012-4509.json | 14 ++++---- 2012/5xxx/CVE-2012-5632.json | 14 ++++---- 2012/6xxx/CVE-2012-6688.json | 14 ++++---- 2020/35xxx/CVE-2020-35452.json | 5 +++ 2021/26xxx/CVE-2021-26690.json | 5 +++ 2021/26xxx/CVE-2021-26691.json | 5 +++ 2021/30xxx/CVE-2021-30641.json | 5 +++ 2021/31xxx/CVE-2021-31618.json | 5 +++ 2021/36xxx/CVE-2021-36153.json | 66 ++++++++++++++++++++++++++++++---- 2021/36xxx/CVE-2021-36154.json | 66 ++++++++++++++++++++++++++++++---- 2021/36xxx/CVE-2021-36155.json | 66 ++++++++++++++++++++++++++++++---- 12 files changed, 233 insertions(+), 46 deletions(-) diff --git a/2012/2xxx/CVE-2012-2689.json b/2012/2xxx/CVE-2012-2689.json index 27f88e38526..e6419cb7e41 100644 --- a/2012/2xxx/CVE-2012-2689.json +++ b/2012/2xxx/CVE-2012-2689.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2012-2689", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2012-2689", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none." } ] } diff --git a/2012/4xxx/CVE-2012-4509.json b/2012/4xxx/CVE-2012-4509.json index 574d9c4e67f..0b991d2db45 100644 --- a/2012/4xxx/CVE-2012-4509.json +++ b/2012/4xxx/CVE-2012-4509.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2012-4509", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2012-4509", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none." } ] } diff --git a/2012/5xxx/CVE-2012-5632.json b/2012/5xxx/CVE-2012-5632.json index e077c28b778..3c23baeb86a 100644 --- a/2012/5xxx/CVE-2012-5632.json +++ b/2012/5xxx/CVE-2012-5632.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2012-5632", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2012-5632", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none." } ] } diff --git a/2012/6xxx/CVE-2012-6688.json b/2012/6xxx/CVE-2012-6688.json index bcc8806bfe4..04da29e468a 100644 --- a/2012/6xxx/CVE-2012-6688.json +++ b/2012/6xxx/CVE-2012-6688.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2012-6688", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2012-6688", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none." } ] } diff --git a/2020/35xxx/CVE-2020-35452.json b/2020/35xxx/CVE-2020-35452.json index d5818030094..4a21cc61cd8 100644 --- a/2020/35xxx/CVE-2020-35452.json +++ b/2020/35xxx/CVE-2020-35452.json @@ -243,6 +243,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html" + }, + { + "refsource": "DEBIAN", + "name": "DSA-4937", + "url": "https://www.debian.org/security/2021/dsa-4937" } ] }, diff --git a/2021/26xxx/CVE-2021-26690.json b/2021/26xxx/CVE-2021-26690.json index 0c7434e4c04..092f5e15a26 100644 --- a/2021/26xxx/CVE-2021-26690.json +++ b/2021/26xxx/CVE-2021-26690.json @@ -243,6 +243,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html" + }, + { + "refsource": "DEBIAN", + "name": "DSA-4937", + "url": "https://www.debian.org/security/2021/dsa-4937" } ] }, diff --git a/2021/26xxx/CVE-2021-26691.json b/2021/26xxx/CVE-2021-26691.json index 70cf5136c88..61eb83d13b7 100644 --- a/2021/26xxx/CVE-2021-26691.json +++ b/2021/26xxx/CVE-2021-26691.json @@ -243,6 +243,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html" + }, + { + "refsource": "DEBIAN", + "name": "DSA-4937", + "url": "https://www.debian.org/security/2021/dsa-4937" } ] }, diff --git a/2021/30xxx/CVE-2021-30641.json b/2021/30xxx/CVE-2021-30641.json index 63ccbcf1b8d..ce660e82676 100644 --- a/2021/30xxx/CVE-2021-30641.json +++ b/2021/30xxx/CVE-2021-30641.json @@ -118,6 +118,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html" + }, + { + "refsource": "DEBIAN", + "name": "DSA-4937", + "url": "https://www.debian.org/security/2021/dsa-4937" } ] }, diff --git a/2021/31xxx/CVE-2021-31618.json b/2021/31xxx/CVE-2021-31618.json index 4aa527f33d7..11232b6b11b 100644 --- a/2021/31xxx/CVE-2021-31618.json +++ b/2021/31xxx/CVE-2021-31618.json @@ -107,6 +107,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html" + }, + { + "refsource": "DEBIAN", + "name": "DSA-4937", + "url": "https://www.debian.org/security/2021/dsa-4937" } ] }, diff --git a/2021/36xxx/CVE-2021-36153.json b/2021/36xxx/CVE-2021-36153.json index c55df0d8b9e..a27a3405383 100644 --- a/2021/36xxx/CVE-2021-36153.json +++ b/2021/36xxx/CVE-2021-36153.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-36153", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-36153", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Mismanaged state in GRPCWebToHTTP2ServerCodec.swift in gRPC Swift 1.1.0 and 1.1.1 allows remote attackers to deny service by sending malformed requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35267", + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35267" + }, + { + "url": "https://github.com/grpc/grpc-swift/releases", + "refsource": "MISC", + "name": "https://github.com/grpc/grpc-swift/releases" + }, + { + "refsource": "MISC", + "name": "https://github.com/grpc/grpc-swift/security/advisories/GHSA-2jx2-qcm4-rf9h", + "url": "https://github.com/grpc/grpc-swift/security/advisories/GHSA-2jx2-qcm4-rf9h" } ] } diff --git a/2021/36xxx/CVE-2021-36154.json b/2021/36xxx/CVE-2021-36154.json index 83f3a05e74a..20d0f2f32e7 100644 --- a/2021/36xxx/CVE-2021-36154.json +++ b/2021/36xxx/CVE-2021-36154.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-36154", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-36154", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "HTTP2ToRawGRPCServerCodec in gRPC Swift 1.1.1 and earlier allows remote attackers to deny service via the delivery of many small messages within a single HTTP/2 frame, leading to Uncontrolled Recursion and stack consumption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/grpc/grpc-swift/releases", + "refsource": "MISC", + "name": "https://github.com/grpc/grpc-swift/releases" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35274", + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35274" + }, + { + "refsource": "MISC", + "name": "https://github.com/grpc/grpc-swift/security/advisories/GHSA-4rhq-vq24-88gw", + "url": "https://github.com/grpc/grpc-swift/security/advisories/GHSA-4rhq-vq24-88gw" } ] } diff --git a/2021/36xxx/CVE-2021-36155.json b/2021/36xxx/CVE-2021-36155.json index fb094ff7188..fcd33d48c4a 100644 --- a/2021/36xxx/CVE-2021-36155.json +++ b/2021/36xxx/CVE-2021-36155.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-36155", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-36155", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "LengthPrefixedMessageReader in gRPC Swift 1.1.0 and earlier allocates buffers of arbitrary length, which allows remote attackers to cause uncontrolled resource consumption and deny service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/grpc/grpc-swift/releases", + "refsource": "MISC", + "name": "https://github.com/grpc/grpc-swift/releases" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35303", + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35303" + }, + { + "refsource": "MISC", + "name": "https://github.com/grpc/grpc-swift/security/advisories/GHSA-rxmj-hg9v-vp3p", + "url": "https://github.com/grpc/grpc-swift/security/advisories/GHSA-rxmj-hg9v-vp3p" } ] } From e4aa40d732007f7d78b8df2aa967e57036441dce Mon Sep 17 00:00:00 2001 From: snyk-security-bot <66014823+snyk-security-bot@users.noreply.github.com> Date: Fri, 9 Jul 2021 13:37:09 +0100 Subject: [PATCH 29/35] Adds CVE-2021-23405 --- 2021/23xxx/CVE-2021-23405.json | 80 ++++++++++++++++++++++++++++++++-- 1 file changed, 76 insertions(+), 4 deletions(-) diff --git a/2021/23xxx/CVE-2021-23405.json b/2021/23xxx/CVE-2021-23405.json index 87f00324ff2..861ba4d2057 100644 --- a/2021/23xxx/CVE-2021-23405.json +++ b/2021/23xxx/CVE-2021-23405.json @@ -3,16 +3,88 @@ "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "report@snyk.io", + "DATE_PUBLIC": "2021-07-09T12:37:08.277597Z", "ID": "CVE-2021-23405", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "SQL Injection" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "pimcore/pimcore", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.0.7" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL Injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "https://snyk.io/vuln/SNYK-PHP-PIMCOREPIMCORE-1316297" + }, + { + "refsource": "CONFIRM", + "url": "https://github.com/pimcore/pimcore/pull/9572" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This affects the package pimcore/pimcore before 10.0.7.\n This issue exists due to the absence of check on the storeId parameter in the method collectionsActionGet and groupsActionGet method within the ClassificationstoreController class.\r\n\r\n" } ] - } + }, + "impact": { + "cvss": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L/E:F/RL:O/RC:C", + "baseScore": 8.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW" + } + }, + "credit": [ + { + "lang": "eng", + "value": "Daniele Scanu @SoterITSecurity" + } + ] } \ No newline at end of file From a0c2ecec72b819c75bb8a1fc26a30cf3dcfbce8c Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 9 Jul 2021 13:00:54 +0000 Subject: [PATCH 30/35] "-Synchronized-Data." --- 2012/0xxx/CVE-2012-0816.json | 14 +++++++------- 2012/0xxx/CVE-2012-0832.json | 14 +++++++------- 2012/1xxx/CVE-2012-1609.json | 14 +++++++------- 2012/2xxx/CVE-2012-2659.json | 14 +++++++------- 2021/23xxx/CVE-2021-23405.json | 12 +++++++----- 5 files changed, 35 insertions(+), 33 deletions(-) diff --git a/2012/0xxx/CVE-2012-0816.json b/2012/0xxx/CVE-2012-0816.json index db8c2457628..18ab6fb3d0f 100644 --- a/2012/0xxx/CVE-2012-0816.json +++ b/2012/0xxx/CVE-2012-0816.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2012-0816", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2012-0816", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." } ] } diff --git a/2012/0xxx/CVE-2012-0832.json b/2012/0xxx/CVE-2012-0832.json index b4f844918c8..02abdc589dd 100644 --- a/2012/0xxx/CVE-2012-0832.json +++ b/2012/0xxx/CVE-2012-0832.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2012-0832", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2012-0832", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none." } ] } diff --git a/2012/1xxx/CVE-2012-1609.json b/2012/1xxx/CVE-2012-1609.json index 2a24464ff9b..e7143afda73 100644 --- a/2012/1xxx/CVE-2012-1609.json +++ b/2012/1xxx/CVE-2012-1609.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2012-1609", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2012-1609", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none." } ] } diff --git a/2012/2xxx/CVE-2012-2659.json b/2012/2xxx/CVE-2012-2659.json index 51a2250a341..6d6085656ed 100644 --- a/2012/2xxx/CVE-2012-2659.json +++ b/2012/2xxx/CVE-2012-2659.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2012-2659", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2012-2659", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none." } ] } diff --git a/2021/23xxx/CVE-2021-23405.json b/2021/23xxx/CVE-2021-23405.json index 861ba4d2057..106f002f0bb 100644 --- a/2021/23xxx/CVE-2021-23405.json +++ b/2021/23xxx/CVE-2021-23405.json @@ -48,12 +48,14 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://snyk.io/vuln/SNYK-PHP-PIMCOREPIMCORE-1316297" + "refsource": "MISC", + "url": "https://snyk.io/vuln/SNYK-PHP-PIMCOREPIMCORE-1316297", + "name": "https://snyk.io/vuln/SNYK-PHP-PIMCOREPIMCORE-1316297" }, { - "refsource": "CONFIRM", - "url": "https://github.com/pimcore/pimcore/pull/9572" + "refsource": "MISC", + "url": "https://github.com/pimcore/pimcore/pull/9572", + "name": "https://github.com/pimcore/pimcore/pull/9572" } ] }, @@ -61,7 +63,7 @@ "description_data": [ { "lang": "eng", - "value": "This affects the package pimcore/pimcore before 10.0.7.\n This issue exists due to the absence of check on the storeId parameter in the method collectionsActionGet and groupsActionGet method within the ClassificationstoreController class.\r\n\r\n" + "value": "This affects the package pimcore/pimcore before 10.0.7. This issue exists due to the absence of check on the storeId parameter in the method collectionsActionGet and groupsActionGet method within the ClassificationstoreController class." } ] }, From 03864c3edcf785491803246634b158d8bf4031d7 Mon Sep 17 00:00:00 2001 From: "Shelby J. Cunningham" Date: Fri, 9 Jul 2021 09:56:00 -0400 Subject: [PATCH 31/35] Add CVE-2021-32742 for GHSA-pqwh-c2f3-vxmq --- 2021/32xxx/CVE-2021-32742.json | 82 +++++++++++++++++++++++++++++++--- 1 file changed, 76 insertions(+), 6 deletions(-) diff --git a/2021/32xxx/CVE-2021-32742.json b/2021/32xxx/CVE-2021-32742.json index b3b21a36a57..ddb376dc9e5 100644 --- a/2021/32xxx/CVE-2021-32742.json +++ b/2021/32xxx/CVE-2021-32742.json @@ -1,18 +1,88 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-32742", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Untrusted data fed into `Data.init(base32Encoded:)` can result in exposing server memory and/or crash" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "vapor", + "version": { + "version_data": [ + { + "version_value": "<= 4.47.1" + } + ] + } + } + ] + }, + "vendor_name": "vapor" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vapor is a web framework for Swift. In versions 4.47.1 and prior, bug in the `Data.init(base32Encoded:)` function opens up the potential for exposing server memory and/or crashing the server (Denial of Service) for applications where untrusted data can end up in said function. Vapor does not currently use this function itself so this only impact applications that use the impacted function directly or through other dependencies. The vulnerability is patched in version 4.47.2. As a workaround, one may use an alternative to Vapor's built-in `Data.init(base32Encoded:)`." } ] + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-502: Deserialization of Untrusted Data" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/vapor/vapor/security/advisories/GHSA-pqwh-c2f3-vxmq", + "refsource": "CONFIRM", + "url": "https://github.com/vapor/vapor/security/advisories/GHSA-pqwh-c2f3-vxmq" + }, + { + "name": "https://github.com/vapor/vapor/releases/tag/4.47.2", + "refsource": "MISC", + "url": "https://github.com/vapor/vapor/releases/tag/4.47.2" + } + ] + }, + "source": { + "advisory": "GHSA-pqwh-c2f3-vxmq", + "discovery": "UNKNOWN" } } \ No newline at end of file From 71133061d9c9cca33d3aa574532b4c67c1b528fd Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 9 Jul 2021 14:00:56 +0000 Subject: [PATCH 32/35] "-Synchronized-Data." --- 2021/30xxx/CVE-2021-30116.json | 66 ++++++++++++++++++++++++++++++---- 2021/30xxx/CVE-2021-30117.json | 56 +++++++++++++++++++++++++---- 2021/30xxx/CVE-2021-30118.json | 56 +++++++++++++++++++++++++---- 2021/30xxx/CVE-2021-30119.json | 56 +++++++++++++++++++++++++---- 2021/30xxx/CVE-2021-30120.json | 56 +++++++++++++++++++++++++---- 2021/30xxx/CVE-2021-30121.json | 56 +++++++++++++++++++++++++---- 2021/30xxx/CVE-2021-30201.json | 56 +++++++++++++++++++++++++---- 7 files changed, 360 insertions(+), 42 deletions(-) diff --git a/2021/30xxx/CVE-2021-30116.json b/2021/30xxx/CVE-2021-30116.json index 6bc5a507737..3b9073abf84 100644 --- a/2021/30xxx/CVE-2021-30116.json +++ b/2021/30xxx/CVE-2021-30116.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-30116", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-30116", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://csirt.divd.nl/2021/07/04/Kaseya-Case-Update-2/", + "url": "https://csirt.divd.nl/2021/07/04/Kaseya-Case-Update-2/" + }, + { + "refsource": "MISC", + "name": "https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689-Important-Notice-July-2nd-2021", + "url": "https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689-Important-Notice-July-2nd-2021" + }, + { + "refsource": "MISC", + "name": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/", + "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/" } ] } diff --git a/2021/30xxx/CVE-2021-30117.json b/2021/30xxx/CVE-2021-30117.json index f62224ba599..a434c9027ae 100644 --- a/2021/30xxx/CVE-2021-30117.json +++ b/2021/30xxx/CVE-2021-30117.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-30117", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-30117", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SQL injection exists in Kaseya VSA before 9.5.6." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/", + "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/" } ] } diff --git a/2021/30xxx/CVE-2021-30118.json b/2021/30xxx/CVE-2021-30118.json index 2c67e91016c..1a7918eade3 100644 --- a/2021/30xxx/CVE-2021-30118.json +++ b/2021/30xxx/CVE-2021-30118.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-30118", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-30118", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Kaseya VSA before 9.5.5 allows remote code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/", + "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/" } ] } diff --git a/2021/30xxx/CVE-2021-30119.json b/2021/30xxx/CVE-2021-30119.json index f4da5ffe652..c517c10c31e 100644 --- a/2021/30xxx/CVE-2021-30119.json +++ b/2021/30xxx/CVE-2021-30119.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-30119", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-30119", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting (XSS) exists in Kaseya VSA before 9.5.7." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/", + "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/" } ] } diff --git a/2021/30xxx/CVE-2021-30120.json b/2021/30xxx/CVE-2021-30120.json index 3031f771467..5784829103c 100644 --- a/2021/30xxx/CVE-2021-30120.json +++ b/2021/30xxx/CVE-2021-30120.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-30120", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-30120", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Kaseya VSA through 9.5.7 allows attackers to bypass the 2FA requirement." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/", + "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/" } ] } diff --git a/2021/30xxx/CVE-2021-30121.json b/2021/30xxx/CVE-2021-30121.json index 8b35a19d467..fd734d16161 100644 --- a/2021/30xxx/CVE-2021-30121.json +++ b/2021/30xxx/CVE-2021-30121.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-30121", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-30121", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Local file inclusion exists in Kaseya VSA before 9.5.6." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/", + "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/" } ] } diff --git a/2021/30xxx/CVE-2021-30201.json b/2021/30xxx/CVE-2021-30201.json index daea90d858d..3520ede9222 100644 --- a/2021/30xxx/CVE-2021-30201.json +++ b/2021/30xxx/CVE-2021-30201.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-30201", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-30201", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An XML External Entity (XXE) issue exists in Kaseya VSA before 9.5.6." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/", + "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/" } ] } From 69b5d0cc4057e39b336d97772093b873701c8e81 Mon Sep 17 00:00:00 2001 From: "Shelby J. Cunningham" Date: Fri, 9 Jul 2021 10:01:46 -0400 Subject: [PATCH 33/35] Add CVE-2021-32752 for GHSA-fp63-499m-hq6m --- 2021/32xxx/CVE-2021-32752.json | 82 +++++++++++++++++++++++++++++++--- 1 file changed, 76 insertions(+), 6 deletions(-) diff --git a/2021/32xxx/CVE-2021-32752.json b/2021/32xxx/CVE-2021-32752.json index d82081be311..63e4e9d0724 100644 --- a/2021/32xxx/CVE-2021-32752.json +++ b/2021/32xxx/CVE-2021-32752.json @@ -1,18 +1,88 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-32752", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Files or Directories Accessible to External Parties in ether/logs" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "logs", + "version": { + "version_data": [ + { + "version_value": "< 3.0.4" + } + ] + } + } + ] + }, + "vendor_name": "ethercreative" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Ether Logs is a package that allows one to check one's logs in the Craft 3 utilities section. A vulnerability was found in versions prior to 3.0.4 that allowed authenticated admin users to access any file on the server. The vulnerability has been fixed in version 3.0.4. As a workaround, one may disable the plugin if untrustworthy sources have admin access." } ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-552: Files or Directories Accessible to External Parties" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/ethercreative/logs/security/advisories/GHSA-fp63-499m-hq6m", + "refsource": "CONFIRM", + "url": "https://github.com/ethercreative/logs/security/advisories/GHSA-fp63-499m-hq6m" + }, + { + "name": "https://github.com/ethercreative/logs/releases/tag/3.0.4", + "refsource": "MISC", + "url": "https://github.com/ethercreative/logs/releases/tag/3.0.4" + } + ] + }, + "source": { + "advisory": "GHSA-fp63-499m-hq6m", + "discovery": "UNKNOWN" } } \ No newline at end of file From c24d65129ed10c8faabe93397432ea8c1d2c4d8f Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 9 Jul 2021 15:00:52 +0000 Subject: [PATCH 34/35] "-Synchronized-Data." --- 2021/27xxx/CVE-2021-27033.json | 50 ++++++++++++++++++++++++++++++++-- 2021/27xxx/CVE-2021-27034.json | 50 ++++++++++++++++++++++++++++++++-- 2021/27xxx/CVE-2021-27035.json | 50 ++++++++++++++++++++++++++++++++-- 2021/27xxx/CVE-2021-27036.json | 50 ++++++++++++++++++++++++++++++++-- 2021/27xxx/CVE-2021-27037.json | 50 ++++++++++++++++++++++++++++++++-- 2021/27xxx/CVE-2021-27038.json | 50 ++++++++++++++++++++++++++++++++-- 2021/27xxx/CVE-2021-27039.json | 50 ++++++++++++++++++++++++++++++++-- 2021/33xxx/CVE-2021-33012.json | 50 ++++++++++++++++++++++++++++++++-- 2021/36xxx/CVE-2021-36351.json | 18 ++++++++++++ 2021/36xxx/CVE-2021-36352.json | 18 ++++++++++++ 10 files changed, 412 insertions(+), 24 deletions(-) create mode 100644 2021/36xxx/CVE-2021-36351.json create mode 100644 2021/36xxx/CVE-2021-36352.json diff --git a/2021/27xxx/CVE-2021-27033.json b/2021/27xxx/CVE-2021-27033.json index 92313e7c764..14cc855363f 100644 --- a/2021/27xxx/CVE-2021-27033.json +++ b/2021/27xxx/CVE-2021-27033.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-27033", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@autodesk.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Autodesk Design Review", + "version": { + "version_data": [ + { + "version_value": "2018,\u00a02017,\u00a02013, 2012, 2011" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Double Free Vulnerability " + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0003", + "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0003" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Double Free vulnerability allows remote attackers to execute arbitrary code on PDF files within affected installations of Autodesk Design Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file." } ] } diff --git a/2021/27xxx/CVE-2021-27034.json b/2021/27xxx/CVE-2021-27034.json index 7e9cd2b4b61..bc138deee62 100644 --- a/2021/27xxx/CVE-2021-27034.json +++ b/2021/27xxx/CVE-2021-27034.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-27034", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@autodesk.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Autodesk Design Review", + "version": { + "version_data": [ + { + "version_value": "2018,\u00a02017,\u00a02013, 2012, 2011" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Heap Overflow Vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0003", + "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0003" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A heap-based buffer overflow could occur while parsing PICT or TIFF files in Autodesk 2018, 2017, 2013, 2012, 2011. This vulnerability can be exploited to execute arbitrary code." } ] } diff --git a/2021/27xxx/CVE-2021-27035.json b/2021/27xxx/CVE-2021-27035.json index 07b8e691423..566bede993d 100644 --- a/2021/27xxx/CVE-2021-27035.json +++ b/2021/27xxx/CVE-2021-27035.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-27035", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@autodesk.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Autodesk Design Review", + "version": { + "version_data": [ + { + "version_value": "2018,\u00a02017,\u00a02013, 2012, 2011" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bound Read Vulnerability " + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0003", + "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0003" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A maliciously crafted TIFF, PDF, PICT or DWF files in Autodesk 2018, 2017, 2013, 2012, 2011 can be forced to read beyond allocated boundaries when parsing the TIFF, PDF, PICT or DWF files. This vulnerability can be exploited to execute arbitrary code." } ] } diff --git a/2021/27xxx/CVE-2021-27036.json b/2021/27xxx/CVE-2021-27036.json index 44d47495d3a..bf6356913df 100644 --- a/2021/27xxx/CVE-2021-27036.json +++ b/2021/27xxx/CVE-2021-27036.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-27036", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@autodesk.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Autodesk Design Review", + "version": { + "version_data": [ + { + "version_value": "2018,\u00a02017,\u00a02013, 2012, 2011" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bound Write Vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0003", + "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0003" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A maliciously crafted PDF, PICT or TIFF file can be used to write beyond the allocated buffer while parsing PDF, PICT or TIFF files in Autodesk 2018, 2017, 2013, 2012, 2011. This vulnerability can be exploited to execute arbitrary code." } ] } diff --git a/2021/27xxx/CVE-2021-27037.json b/2021/27xxx/CVE-2021-27037.json index e78e7a8c009..f46d8b67c59 100644 --- a/2021/27xxx/CVE-2021-27037.json +++ b/2021/27xxx/CVE-2021-27037.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-27037", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@autodesk.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Autodesk Design Review", + "version": { + "version_data": [ + { + "version_value": "2018,\u00a02017,\u00a02013, 2012, 2011" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use-After-Free Vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0003", + "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0003" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A maliciously crafted PNG, PDF or DWF file in Autodesk 2018, 2017, 2013, 2012, 2011 can be used to attempt to free an object that has already been freed while parsing them. This vulnerability can be exploited by remote attackers to execute arbitrary code." } ] } diff --git a/2021/27xxx/CVE-2021-27038.json b/2021/27xxx/CVE-2021-27038.json index 70c5c3849bf..71fae91ae4e 100644 --- a/2021/27xxx/CVE-2021-27038.json +++ b/2021/27xxx/CVE-2021-27038.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-27038", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@autodesk.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Autodesk Design Review", + "version": { + "version_data": [ + { + "version_value": "2018,\u00a02017,\u00a02013, 2012, 2011" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Type Confusion Vulnerability " + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0003", + "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0003" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Type Confusion vulnerability in Autodesk 2018, 2017, 2013, 2012, 2011 can occur when processing a maliciously crafted PDF file. An attacker can leverage this to execute arbitrary code." } ] } diff --git a/2021/27xxx/CVE-2021-27039.json b/2021/27xxx/CVE-2021-27039.json index ffde0befba8..c8846692621 100644 --- a/2021/27xxx/CVE-2021-27039.json +++ b/2021/27xxx/CVE-2021-27039.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-27039", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@autodesk.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Autodesk Design Review", + "version": { + "version_data": [ + { + "version_value": "2018,\u00a02017,\u00a02013, 2012, 2011" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Uninitialized Variable Vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0003", + "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0003" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A maliciously crafted TIFF file in Autodesk 2018, 2017, 2013, 2012, 2011 can be forced to read and write beyond allocated boundaries when parsing the TIFF file. This vulnerability can be exploited to execute arbitrary code." } ] } diff --git a/2021/33xxx/CVE-2021-33012.json b/2021/33xxx/CVE-2021-33012.json index 81657721e84..c640c4bcac7 100644 --- a/2021/33xxx/CVE-2021-33012.json +++ b/2021/33xxx/CVE-2021-33012.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-33012", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Rockwell Automation MicroLogix 1100", + "version": { + "version_data": [ + { + "version_value": "All Versions" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "IMPROPER INPUT VALIDATION CWE-20" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-189-01", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-189-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Rockwell Automation MicroLogix 1100, all versions, allows a remote, unauthenticated attacker sending specially crafted commands to cause the PLC to fault when the controller is switched to RUN mode, which results in a denial-of-service condition. If successfully exploited, this vulnerability will cause the controller to fault whenever the controller is switched to RUN mode." } ] } diff --git a/2021/36xxx/CVE-2021-36351.json b/2021/36xxx/CVE-2021-36351.json new file mode 100644 index 00000000000..e6d15b61b42 --- /dev/null +++ b/2021/36xxx/CVE-2021-36351.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36351", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36352.json b/2021/36xxx/CVE-2021-36352.json new file mode 100644 index 00000000000..ad8bc7d0378 --- /dev/null +++ b/2021/36xxx/CVE-2021-36352.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36352", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file From 2a728ada8e7442b4bdad6d10a97d2b8fbacf117e Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 9 Jul 2021 16:00:48 +0000 Subject: [PATCH 35/35] "-Synchronized-Data." --- 2020/22xxx/CVE-2020-22535.json | 56 ++++++++++++++++++++++++++++++---- 2021/29xxx/CVE-2021-29425.json | 10 ++++++ 2 files changed, 60 insertions(+), 6 deletions(-) diff --git a/2020/22xxx/CVE-2020-22535.json b/2020/22xxx/CVE-2020-22535.json index 217dbff70d3..45728bd4b7b 100644 --- a/2020/22xxx/CVE-2020-22535.json +++ b/2020/22xxx/CVE-2020-22535.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-22535", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-22535", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect Access Control vulnerability in PbootCMS 2.0.6 via the list parameter in the update function in upgradecontroller.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Pbootcms/Pbootcms/issues/5", + "refsource": "MISC", + "name": "https://github.com/Pbootcms/Pbootcms/issues/5" } ] } diff --git a/2021/29xxx/CVE-2021-29425.json b/2021/29xxx/CVE-2021-29425.json index f0e12cf83a2..341038dab51 100644 --- a/2021/29xxx/CVE-2021-29425.json +++ b/2021/29xxx/CVE-2021-29425.json @@ -167,6 +167,16 @@ "refsource": "MLIST", "name": "[creadur-dev] 20210621 [jira] [Commented] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity", "url": "https://lists.apache.org/thread.html/r345330b7858304938b7b8029d02537a116d75265a598c98fa333504a@%3Cdev.creadur.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[commons-user] 20210709 commons-fileupload dependency and CVE", + "url": "https://lists.apache.org/thread.html/rad4ae544747df32ccd58fff5a86cd556640396aeb161aa71dd3d192a@%3Cuser.commons.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[commons-user] 20210709 Re: commons-fileupload dependency and CVE", + "url": "https://lists.apache.org/thread.html/r808be7d93b17a7055c1981a8453ae5f0d0fce5855407793c5d0ffffa@%3Cuser.commons.apache.org%3E" } ] },