admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #549 from CVEProject/master

Browse Source 
XFA Rebase
This commit is contained in:
Scott Moore 2022-01-11 11:24:26 -05:00 committed by GitHub
commit 40ecddaff4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
646 changed files with 20008 additions and 1046 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2009/0xxx/CVE-2009-0182.json
View File

@ -66,6 +66,11 @@
"name": "4923",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4923"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/165489/VUPlayer-2.49-Buffer-Overflow.html",
"url": "http://packetstormsecurity.com/files/165489/VUPlayer-2.49-Buffer-Overflow.html"
}
]
}

5
2017/17xxx/CVE-2017-17087.json
View File

@ -81,6 +81,11 @@
"refsource": "UBUNTU",
"name": "USN-4582-1",
"url": "https://usn.ubuntu.com/4582-1/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220110 [SECURITY] [DLA 2876-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00003.html"
}
]
}

15
2019/1010xxx/CVE-2019-1010238.json
View File

@ -52,11 +52,6 @@
},
"references": {
"reference_data": [
{
"url": "https://gitlab.gnome.org/GNOME/pango/blob/master/pango/pango-bidi-type.c",
"refsource": "MISC",
"name": "https://gitlab.gnome.org/GNOME/pango/blob/master/pango/pango-bidi-type.c"
},
{
"refsource": "UBUNTU",
"name": "USN-4081-1",
@ -116,6 +111,16 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"refsource": "MISC",
"name": "https://gitlab.gnome.org/GNOME/pango/-/commits/main/pango/pango-bidi-type.c",
"url": "https://gitlab.gnome.org/GNOME/pango/-/commits/main/pango/pango-bidi-type.c"
},
{
"refsource": "MISC",
"name": "https://gitlab.gnome.org/GNOME/pango/-/issues/342",
"url": "https://gitlab.gnome.org/GNOME/pango/-/issues/342"
}
]
}

5
2019/20xxx/CVE-2019-20807.json
View File

@ -81,6 +81,11 @@
"refsource": "UBUNTU",
"name": "USN-4582-1",
"url": "https://usn.ubuntu.com/4582-1/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220110 [SECURITY] [DLA 2876-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00003.html"
}
]
}

90
2020/10xxx/CVE-2020-10137.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"DATE_PUBLIC": "2021-12-27T05:00:00.000Z",
"ID": "CVE-2020-10137",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UZB-7",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "7.00"
}
]
}
}
]
},
"vendor_name": "Silicon Labs"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Carlos Nkuba Kayembe, PhD, Sven Dietrich, PhD, and Heejo Lee"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Z-Wave devices based on Silicon Labs 700 series chipsets using S2 do not adequately authenticate or encrypt FIND_NODE_IN_RANGE frames, allowing a remote, unauthenticated attacker to inject a FIND_NODE_IN_RANGE frame with an invalid random payload, denying service by blocking the processing of upcoming events."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-345 Insufficient Verification of Data Authenticity"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.cert.org/vuls/id/142629",
"refsource": "CERT-VN",
"url": "https://kb.cert.org/vuls/id/142629"
},
{
"name": "https://ieeexplore.ieee.org/document/9663293",
"refsource": "MISC",
"url": "https://ieeexplore.ieee.org/document/9663293"
},
{
"name": "https://github.com/CNK2100/VFuzz-public",
"refsource": "MISC",
"url": "https://github.com/CNK2100/VFuzz-public"
},
{
"name": "https://doi.org/10.1109/ACCESS.2021.3138768",
"refsource": "MISC",
"url": "https://doi.org/10.1109/ACCESS.2021.3138768"
},
{
"refsource": "CERT-VN",
"name": "VU#142629",
"url": "https://www.kb.cert.org/vuls/id/142629"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}

12
2020/15xxx/CVE-2020-15795.json
View File

@ -14,16 +14,6 @@
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Capital VSTAR",
"version": {
"version_data": [
{
"version_value": "Versions including affected DNS modules"
}
]
}
},
{
"product_name": "Nucleus NET",
"version": {
@ -66,7 +56,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Capital VSTAR (Versions including affected DNS modules), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition."
"value": "A vulnerability has been identified in Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition."
}
]
},

61
2020/25xxx/CVE-2020-25427.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-25427",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-25427",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Null pointer dereference vulnerability exits in MP4Box - GPAC version 0.8.0-rev177-g51a8ef874-master via the gf_isom_get_track_id function, which causes a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/gpac/gpac/commit/8e585e623b1d666b4ef736ed609264639cb27701",
"refsource": "MISC",
"name": "https://github.com/gpac/gpac/commit/8e585e623b1d666b4ef736ed609264639cb27701"
},
{
"refsource": "MISC",
"name": "https://github.com/gpac/gpac/issues/1406",
"url": "https://github.com/gpac/gpac/issues/1406"
}
]
}

20
2020/25xxx/CVE-2020-25697.json
View File

@ -54,20 +54,20 @@
"name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/11/09/3,",
"url": "http://www.openwall.com/lists/oss-security/2020/11/09/3,"
},
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1895295,",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1895295,"
},
{
"refsource": "MISC",
"name": "https://seclists.org/oss-sec/2020/q4/105",
"url": "https://seclists.org/oss-sec/2020/q4/105"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/11/09/3",
"url": "http://www.openwall.com/lists/oss-security/2020/11/09/3"
},
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1895295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1895295"
}
]
},

12
2020/27xxx/CVE-2020-27009.json
View File

@ -14,16 +14,6 @@
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Capital VSTAR",
"version": {
"version_data": [
{
"version_value": "Versions including affected DNS modules"
}
]
}
},
{
"product_name": "Nucleus NET",
"version": {
@ -66,7 +56,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Capital VSTAR (Versions including affected DNS modules), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition."
"value": "A vulnerability has been identified in Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition."
}
]
},

12
2020/27xxx/CVE-2020-27736.json
View File

@ -14,16 +14,6 @@
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Capital VSTAR",
"version": {
"version_data": [
{
"version_value": "Versions including affected DNS modules"
}
]
}
},
{
"product_name": "Nucleus NET",
"version": {
@ -96,7 +86,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Capital VSTAR (Versions including affected DNS modules), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory."
"value": "A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory."
}
]
},

12
2020/27xxx/CVE-2020-27737.json
View File

@ -14,16 +14,6 @@
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Capital VSTAR",
"version": {
"version_data": [
{
"version_value": "Versions including affected DNS modules"
}
]
}
},
{
"product_name": "Nucleus NET",
"version": {
@ -96,7 +86,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Capital VSTAR (Versions including affected DNS modules), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the memory past the allocated structure."
"value": "A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the memory past the allocated structure."
}
]
},

12
2020/27xxx/CVE-2020-27738.json
View File

@ -14,16 +14,6 @@
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Capital VSTAR",
"version": {
"version_data": [
{
"version_value": "Versions including affected DNS modules"
}
]
}
},
{
"product_name": "Nucleus NET",
"version": {
@ -96,7 +86,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Capital VSTAR (Versions including affected DNS modules), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a read access past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition."
"value": "A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a read access past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition."
}
]
},

56
2020/28xxx/CVE-2020-28102.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-28102",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-28102",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "cscms v4.1 allows for SQL injection via the \"js_del\" function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/chshcms/cscms/issues/9",
"refsource": "MISC",
"name": "https://github.com/chshcms/cscms/issues/9"
}
]
}

56
2020/28xxx/CVE-2020-28103.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-28103",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-28103",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "cscms v4.1 allows for SQL injection via the \"page_del\" function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/chshcms/cscms/issues/8",
"refsource": "MISC",
"name": "https://github.com/chshcms/cscms/issues/8"
}
]
}

56
2020/28xxx/CVE-2020-28679.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-28679",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-28679",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability in the showReports module of Zoho ManageEngine Applications Manager before build 14550 allows authenticated attackers to execute a SQL injection via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.manageengine.com/products/applications_manager/issues.html#v14550",
"refsource": "MISC",
"name": "https://www.manageengine.com/products/applications_manager/issues.html#v14550"
}
]
}

5
2020/9xxx/CVE-2020-9057.json
View File

@ -133,6 +133,11 @@
"name": "https://doi.org/10.1109/ACCESS.2021.3138768",
"refsource": "MISC",
"url": "https://doi.org/10.1109/ACCESS.2021.3138768"
},
{
"refsource": "CERT-VN",
"name": "VU#142629",
"url": "https://www.kb.cert.org/vuls/id/142629"
}
]
},

5
2020/9xxx/CVE-2020-9058.json
View File

@ -136,6 +136,11 @@
"name": "https://doi.org/10.1109/ACCESS.2021.3138768",
"refsource": "MISC",
"url": "https://doi.org/10.1109/ACCESS.2021.3138768"
},
{
"refsource": "CERT-VN",
"name": "VU#142629",
"url": "https://www.kb.cert.org/vuls/id/142629"
}
]
},

5
2020/9xxx/CVE-2020-9059.json
View File

@ -100,6 +100,11 @@
"name": "https://doi.org/10.1109/ACCESS.2021.3138768",
"refsource": "MISC",
"url": "https://doi.org/10.1109/ACCESS.2021.3138768"
},
{
"refsource": "CERT-VN",
"name": "VU#142629",
"url": "https://www.kb.cert.org/vuls/id/142629"
}
]
},

5
2020/9xxx/CVE-2020-9060.json
View File

@ -166,6 +166,11 @@
"name": "https://doi.org/10.1109/ACCESS.2021.3138768",
"refsource": "MISC",
"url": "https://doi.org/10.1109/ACCESS.2021.3138768"
},
{
"refsource": "CERT-VN",
"name": "VU#142629",
"url": "https://www.kb.cert.org/vuls/id/142629"
}
]
},

5
2020/9xxx/CVE-2020-9061.json
View File

@ -158,6 +158,11 @@
"name": "https://doi.org/10.1109/ACCESS.2021.3138768",
"refsource": "MISC",
"url": "https://doi.org/10.1109/ACCESS.2021.3138768"
},
{
"refsource": "CERT-VN",
"name": "VU#142629",
"url": "https://www.kb.cert.org/vuls/id/142629"
}
]
},

95
2021/21xxx/CVE-2021-21408.json
View File

@ -1,18 +1,101 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-21408",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Access to restricted PHP code by dynamic static class access in smarty"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "smarty",
"version": {
"version_data": [
{
"version_value": "< 3.1.43"
},
{
"version_value": ">= 4.0.0, < 4.0.3"
}
]
}
}
]
},
"vendor_name": "smarty-php"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.43 and 4.0.3, template authors could run restricted static php methods. Users should upgrade to version 3.1.43 or 4.0.3 to receive a patch."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/smarty-php/smarty/security/advisories/GHSA-4h9c-v5vg-5m6m",
"refsource": "CONFIRM",
"url": "https://github.com/smarty-php/smarty/security/advisories/GHSA-4h9c-v5vg-5m6m"
},
{
"name": "https://github.com/smarty-php/smarty/commit/19ae410bf56007a5ef24441cdc6414619cfaf664",
"refsource": "MISC",
"url": "https://github.com/smarty-php/smarty/commit/19ae410bf56007a5ef24441cdc6414619cfaf664"
},
{
"name": "https://github.com/smarty-php/smarty/releases/tag/v3.1.43",
"refsource": "MISC",
"url": "https://github.com/smarty-php/smarty/releases/tag/v3.1.43"
},
{
"name": "https://github.com/smarty-php/smarty/releases/tag/v4.0.3",
"refsource": "MISC",
"url": "https://github.com/smarty-php/smarty/releases/tag/v4.0.3"
}
]
},
"source": {
"advisory": "GHSA-4h9c-v5vg-5m6m",
"discovery": "UNKNOWN"
}
}

50
2021/22xxx/CVE-2021-22060.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22060",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Spring Framework",
"version": {
"version_data": [
{
"version_value": "Spring Framework 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older unsupported versions"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Malicious input to cause the insertion of additional log entries."
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://tanzu.vmware.com/security/cve-2021-22060",
"url": "https://tanzu.vmware.com/security/cve-2021-22060"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. This is a follow-up to CVE-2021-22096 that protects against additional types of input and in more places of the Spring Framework codebase."
}
]
}

94
2021/23xxx/CVE-2021-23154.json Normal file
View File

@ -0,0 +1,94 @@
{
"CVE_data_meta": {
"ASSIGNER": "psirt@mirantis.com",
"ID": "CVE-2021-23154",
"STATE": "PUBLIC",
"TITLE": "Command injection in Lens causes arbitrary shell command execution when malicious custom helm chart configuration provided"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Lens",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "5.3",
"version_value": "5.3.3"
}
]
}
}
]
},
"vendor_name": "Mirantis"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Eren Karahasan (locomoco.dev@gmail.com)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Lens prior to 5.3.4, custom helm chart configuration creates helm commands from string concatenation of provided arguments which are then executed in the user's shell. Arguments can be provided which cause arbitrary shell commands to run on the system."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94 Improper Control of Generation of Code ('Code Injection')"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://github.com/Mirantis/security/blob/main/advisories/0003.md",
"name": "https://github.com/Mirantis/security/blob/main/advisories/0003.md"
}
]
},
"source": {
"advisory": "0003",
"discovery": "UNKNOWN"
}
}

96
2021/23xxx/CVE-2021-23173.json
View File

@ -1,18 +1,102 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2022-01-06T23:05:00.000Z",
"ID": "CVE-2021-23173",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "ICSMA-22-006-01 Philips Engage Software"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Engage Software",
"version": {
"version_data": [
{
"platform": "NA",
"version_affected": "<",
"version_name": "all",
"version_value": "6.2.1"
}
]
}
}
]
},
"vendor_name": "Philips"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Parnassia and S-Unit reported this vulnerability to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The affected product is vulnerable to an improper access control, which may allow an authenticated user to gain unauthorized access to sensitive data."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsma-22-006-01",
"name": "https://www.cisa.gov/uscert/ics/advisories/icsma-22-006-01"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Philips released and deployed updated Version 6.2.2 in September of 2021, which mitigated this vulnerability. Engage is a hosted application and users don\u2019t need to take any action."
}
],
"source": {
"advisory": "ICSMA-22-006-01",
"discovery": "UNKNOWN"
}
}

94
2021/23xxx/CVE-2021-23218.json Normal file
View File

@ -0,0 +1,94 @@
{
"CVE_data_meta": {
"ASSIGNER": "psirt@mirantis.com",
"ID": "CVE-2021-23218",
"STATE": "PUBLIC",
"TITLE": "Memory Leak in Mirantis Container Runtime (MCR) running in FIPS mode causes a Denial of Service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Mirantis Container Runtime",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "20.10",
"version_value": "20.10.8"
}
]
}
}
]
},
"vendor_name": "Mirantis"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When running with FIPS mode enabled, Mirantis Container Runtime 20.10.8 leaks memory during TLS Handshakes which could be abused to cause a denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-401 Improper Release of Memory Before Removing Last Reference"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://github.com/Mirantis/security/blob/main/advisories/0002.md",
"name": "https://github.com/Mirantis/security/blob/main/advisories/0002.md"
}
]
},
"source": {
"advisory": "0002",
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "Disable FIPS mode"
}
]
}

86
2021/23xxx/CVE-2021-23543.json
View File

@ -3,16 +3,94 @@
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "report@snyk.io",
"DATE_PUBLIC": "2022-01-07T20:00:07.913941Z",
"ID": "CVE-2021-23543",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Sandbox Bypass"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "realms-shim",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_value": "0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Sandbox Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.npmjs.com/package/realms-shim",
"name": "https://www.npmjs.com/package/realms-shim"
},
{
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-REALMSSHIM-2309908",
"name": "https://snyk.io/vuln/SNYK-JS-REALMSSHIM-2309908"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "All versions of package realms-shim are vulnerable to Sandbox Bypass via a Prototype Pollution attack vector."
}
]
}
},
"impact": {
"cvss": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
}
},
"credit": [
{
"lang": "eng",
"value": "Cristian-Alexandru Staicu"
},
{
"lang": "eng",
"value": "Abdullah Alhamdan"
}
]
}

92
2021/23xxx/CVE-2021-23568.json
View File

@ -3,16 +3,100 @@
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "report@snyk.io",
"DATE_PUBLIC": "2022-01-07T20:00:12.624176Z",
"ID": "CVE-2021-23568",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Prototype Pollution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "extend2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "1.0.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Prototype Pollution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-EXTEND2-2320315",
"name": "https://snyk.io/vuln/SNYK-JS-EXTEND2-2320315"
},
{
"refsource": "MISC",
"url": "https://github.com/eggjs/extend2/blob/master/index.js%23L50-L60",
"name": "https://github.com/eggjs/extend2/blob/master/index.js%23L50-L60"
},
{
"refsource": "MISC",
"url": "https://github.com/eggjs/extend2/commit/aa332a59116c8398976434b57ea477c6823054f8",
"name": "https://github.com/eggjs/extend2/commit/aa332a59116c8398976434b57ea477c6823054f8"
},
{
"refsource": "MISC",
"url": "https://github.com/eggjs/extend2/pull/2",
"name": "https://github.com/eggjs/extend2/pull/2"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The package extend2 before 1.0.1 are vulnerable to Prototype Pollution via the extend function due to unsafe recursive merge."
}
]
}
},
"impact": {
"cvss": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
}
},
"credit": [
{
"lang": "eng",
"value": "Bob \"Wombat\" Hogg"
}
]
}

86
2021/23xxx/CVE-2021-23594.json
View File

@ -3,16 +3,94 @@
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "report@snyk.io",
"DATE_PUBLIC": "2022-01-07T20:00:01.989761Z",
"ID": "CVE-2021-23594",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Sandbox Bypass"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "realms-shim",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_value": "0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Sandbox Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-REALMSSHIM-2309907",
"name": "https://snyk.io/vuln/SNYK-JS-REALMSSHIM-2309907"
},
{
"refsource": "MISC",
"url": "https://www.npmjs.com/package/realms-shim",
"name": "https://www.npmjs.com/package/realms-shim"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "All versions of package realms-shim are vulnerable to Sandbox Bypass via a Prototype Pollution attack vector."
}
]
}
},
"impact": {
"cvss": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
}
},
"credit": [
{
"lang": "eng",
"value": "Cristian-Alexandru Staicu"
},
{
"lang": "eng",
"value": "Abdullah Alhamdan"
}
]
}

10
2021/24xxx/CVE-2021-24848.json
View File

@ -3,7 +3,7 @@
"ID": "CVE-2021-24848",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Mediamatic <= 2.7 - Subscriber+ SQL Injection"
"TITLE": "Mediamatic < 2.8.1 - Subscriber+ SQL Injection"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -21,9 +21,9 @@
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.7",
"version_value": "2.7"
"version_affected": "<",
"version_name": "2.8.1",
"version_value": "2.8.1"
}
]
}
@ -38,7 +38,7 @@
"description_data": [
{
"lang": "eng",
"value": "The mediamaticAjaxRenameCategory AJAX action of the Mediamatic WordPress plugin through 2.7, available to any authenticated user, does not sanitise the categoryID parameter before using it in a SQL statement, leading to an SQL injection"
"value": "The mediamaticAjaxRenameCategory AJAX action of the Mediamatic WordPress plugin before 2.8.1, available to any authenticated user, does not sanitise the categoryID parameter before using it in a SQL statement, leading to an SQL injection"
}
]
},

87
2021/24xxx/CVE-2021-24862.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24862",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24862",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "RegistrationMagic < 5.0.1.6 - Admin+ SQL Injection"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "RegistrationMagic Custom Registration Forms, User Registration and User Login Plugin",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5.0.1.6",
"version_value": "5.0.1.6"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The RegistrationMagic WordPress plugin before 5.0.1.6 does not escape user input in its rm_chronos_ajax AJAX action before using it in a SQL statement when duplicating tasks in batches, which could lead to a SQL injection issue"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/7d3af3b5-5548-419d-aa32-1f7b51622615",
"name": "https://wpscan.com/vulnerability/7d3af3b5-5548-419d-aa32-1f7b51622615"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "JrXnm"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

97
2021/24xxx/CVE-2021-24948.json
View File

@ -1,18 +1,85 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24948",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-24948",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "The Plus Addons for Elementor Pro < 5.0.7 - Sensitive Data Disclosure"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "The Plus Addons for Elementor - Pro",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_name": "5.0.4",
"version_value": "5.0.4"
},
{
"version_affected": "<",
"version_name": "5.0.7",
"version_value": "5.0.7"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Plus Addons for Elementor - Pro WordPress plugin before 5.0.7 does not validate the qvquery parameter of the tp_get_dl_post_info_ajax AJAX action, which could allow unauthenticated users to retrieve sensitive information, such as private and draft posts"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/2b67005a-476e-4772-b15c-3191911a50b0",
"name": "https://wpscan.com/vulnerability/2b67005a-476e-4772-b15c-3191911a50b0"
},
{
"refsource": "MISC",
"url": "https://roadmap.theplusaddons.com/updates",
"name": "https://roadmap.theplusaddons.com/updates"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-200 Information Exposure",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Nicolas Vidal from TEHTRIS"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

79
2021/24xxx/CVE-2021-24949.json
View File

@ -1,18 +1,85 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-24949",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "The Plus Addons for Elementor Pro < 5.0.7 - Unauthenticated SQL Injection"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "The Plus Addons for Elementor - Pro",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_name": "5.0.4",
"version_value": "5.0.4"
},
{
"version_affected": "<",
"version_name": "5.0.7",
"version_value": "5.0.7"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The \"WP Search Filters\" widget of The Plus Addons for Elementor - Pro WordPress plugin before 5.0.7 does not sanitise and escape the option parameter before using it in a SQL statement, which could lead to SQL injection"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://roadmap.theplusaddons.com/updates",
"name": "https://roadmap.theplusaddons.com/updates"
},
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/9d7f8ba8-a5d5-4ec3-a48f-5cd4b115e8d5",
"name": "https://wpscan.com/vulnerability/9d7f8ba8-a5d5-4ec3-a48f-5cd4b115e8d5"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Nicolas Vidal from TEHTRIS"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

116
2021/25xxx/CVE-2021-25032.json
View File

@ -1,18 +1,102 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-25032",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-25032",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "PublishPress Capabilities < 2.3.1 - Unauthenticated Arbitrary Options Update to Blog Compromise"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "PublishPress Capabilities User Role Access, Editor Permissions, Admin Menus",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_name": "2.0",
"version_value": "2.0"
},
{
"version_affected": "<",
"version_name": "2.3.1",
"version_value": "2.3.1"
}
]
}
},
{
"product_name": "PublishPress Capabilities Pro",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_name": "2.0",
"version_value": "2.0"
},
{
"version_affected": "<",
"version_name": "2.3.1",
"version_value": "2.3.1"
}
]
}
}
]
}
}
]
}
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The PublishPress Capabilities WordPress plugin before 2.3.1, PublishPress Capabilities Pro WordPress plugin before 2.3.1 does not have authorisation and CSRF checks when updating the plugin's settings via the init hook, and does not ensure that the options to be updated belong to the plugin. As a result, unauthenticated attackers could update arbitrary blog options, such as the default role and make any new registered user with an administrator role."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/2f0f1a32-0c7a-48e6-8617-e0b2dcf62727",
"name": "https://wpscan.com/vulnerability/2f0f1a32-0c7a-48e6-8617-e0b2dcf62727"
},
{
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/2640161",
"name": "https://plugins.trac.wordpress.org/changeset/2640161"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-862 Missing Authorization",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Krzysztof Zając"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

92
2021/25xxx/CVE-2021-25043.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-25043",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-25043",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "WOOCS < 1.3.7.3 - Reflected Cross-Site Scripting"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WOOCS Currency Switcher for WooCommerce. Professional and Free multi currency plugin Pay in selected currency",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.3.7.3",
"version_value": "1.3.7.3"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WOOCS WordPress plugin before 1.3.7.3 does not sanitise and escape the custom_prices parameter before outputting it back in the response, leading to a Reflected Cross-Site Scripting issue"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/8601bd21-becf-4809-8c11-d053d1121eae",
"name": "https://wpscan.com/vulnerability/8601bd21-becf-4809-8c11-d053d1121eae"
},
{
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/2640621/woocommerce-currency-switcher",
"name": "https://plugins.trac.wordpress.org/changeset/2640621/woocommerce-currency-switcher"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Krzysztof Zając"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

89
2021/25xxx/CVE-2021-25047.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-25047",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-25047",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "10Web Social Photo Feed < 1.4.29 - Reflected Cross-Site Scripting (XSS)"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "10Web Social Photo Feed",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.4.29",
"version_value": "1.4.29"
}
]
}
}
]
}
}
]
}
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The 10Web Social Photo Feed WordPress plugin before 1.4.29 was affected by a reflected Cross-Site Scripting (XSS) vulnerability in the wdi_apply_changes admin page, allowing an attacker to perform such attack against any logged in users"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/d33241cc-17b6-491a-b836-dd9368652316",
"name": "https://wpscan.com/vulnerability/d33241cc-17b6-491a-b836-dd9368652316"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Krzysztof Zając"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

94
2021/25xxx/CVE-2021-25051.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-25051",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-25051",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Modal Window < 5.2.2 - RFI leading to RCE via CSRF"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Modal Window create popup modal window",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5.2.2",
"version_value": "5.2.2"
}
]
}
}
]
}
}
]
}
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Modal Window WordPress plugin before 5.2.2 within the wow-company admin menu page allows to include() arbitrary file with PHP extension (as well as with data:// or http:// protocols), thus leading to CSRF RCE."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/566ff8dc-f820-412b-b2d3-fa789bce528e",
"name": "https://wpscan.com/vulnerability/566ff8dc-f820-412b-b2d3-fa789bce528e"
},
{
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/2641645/modal-window",
"name": "https://plugins.trac.wordpress.org/changeset/2641645/modal-window"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Krzysztof Zając"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

94
2021/25xxx/CVE-2021-25052.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-25052",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-25052",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Button Generator < 2.3.3 - RFI leading to RCE via CSRF"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Button Generator easily Button Builder",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.3.3",
"version_value": "2.3.3"
}
]
}
}
]
}
}
]
}
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Button Generator WordPress plugin before 2.3.3 within the wow-company admin menu page allows to include() arbitrary file with PHP extension (as well as with data:// or http:// protocols), thus leading to CSRF RCE."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/a01844a0-0c43-4d96-b738-57fe5bfbd67a",
"name": "https://wpscan.com/vulnerability/a01844a0-0c43-4d96-b738-57fe5bfbd67a"
},
{
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/2641639/button-generation",
"name": "https://plugins.trac.wordpress.org/changeset/2641639/button-generation"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Krzysztof Zając"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

94
2021/25xxx/CVE-2021-25053.json
View File

@ -1,18 +1,80 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-25053",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-25053",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "WP Coder < 2.5.2 - RFI leading to RCE via CSRF"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WP Coder add custom html, css and js code",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.5.2",
"version_value": "2.5.2"
}
]
}
}
]
}
}
]
}
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WP Coder WordPress plugin before 2.5.2 within the wow-company admin menu page allows to include() arbitrary file with PHP extension (as well as with data:// or http:// protocols), thus leading to CSRF RCE."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/a5448599-64de-43b0-b04d-c6492366eab1",
"name": "https://wpscan.com/vulnerability/a5448599-64de-43b0-b04d-c6492366eab1"
},
{
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/2641650/wp-coder",
"name": "https://plugins.trac.wordpress.org/changeset/2641650/wp-coder"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Krzysztof Zając"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

87
2021/25xxx/CVE-2021-25054.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-25054",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-25054",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "WPcalc <= 2.1 - Authenticated SQL Injection"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WPcalc create any online calculators",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.1",
"version_value": "2.1"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WPcalc WordPress plugin through 2.1 does not sanitize user input into the 'did' parameter and uses it in a SQL statement, leading to an authenticated SQL Injection vulnerability."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/200969eb-e2a4-4200-82d7-0c313de089af",
"name": "https://wpscan.com/vulnerability/200969eb-e2a4-4200-82d7-0c313de089af"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "0xdecafbad"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

12
2021/25xxx/CVE-2021-25677.json
View File

@ -14,16 +14,6 @@
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Capital VSTAR",
"version": {
"version_data": [
{
"version_value": "Versions including affected DNS modules"
}
]
}
},
{
"product_name": "Nucleus NET",
"version": {
@ -106,7 +96,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Capital VSTAR (Versions including affected DNS modules), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the DNS cache or spoof DNS resolving."
"value": "A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the DNS cache or spoof DNS resolving."
}
]
},

12
2021/27xxx/CVE-2021-27393.json
View File

@ -14,16 +14,6 @@
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Capital VSTAR",
"version": {
"version_data": [
{
"version_value": "Versions including affected DNS modules"
}
]
}
},
{
"product_name": "Nucleus NET",
"version": {
@ -76,7 +66,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Capital VSTAR (Versions including affected DNS modules), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2013.08), Nucleus Source Code (Versions including affected DNS modules). The DNS client does not properly randomize UDP port numbers of DNS requests. That could allow an attacker to poison the DNS cache or spoof DNS resolving."
"value": "A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2013.08), Nucleus Source Code (Versions including affected DNS modules). The DNS client does not properly randomize UDP port numbers of DNS requests. That could allow an attacker to poison the DNS cache or spoof DNS resolving."
}
]
},

105
2021/29xxx/CVE-2021-29454.json
View File

@ -1,18 +1,111 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-29454",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Sandbox Escape by math function in smarty"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "smarty",
"version": {
"version_data": [
{
"version_value": "< 3.1.42"
},
{
"version_value": ">= 4.0.0, < 4.0.2"
}
]
}
}
]
},
"vendor_name": "smarty-php"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.42 and 4.0.2, template authors could run arbitrary PHP code by crafting a malicious math string. If a math string was passed through as user provided data to the math function, external users could run arbitrary PHP code by crafting a malicious math string. Users should upgrade to version 3.1.42 or 4.0.2 to receive a patch."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/smarty-php/smarty/security/advisories/GHSA-29gp-2c3m-3j6m",
"refsource": "CONFIRM",
"url": "https://github.com/smarty-php/smarty/security/advisories/GHSA-29gp-2c3m-3j6m"
},
{
"name": "https://github.com/smarty-php/smarty/commit/215d81a9fa3cd63d82fb3ab56ecaf97cf1e7db71",
"refsource": "MISC",
"url": "https://github.com/smarty-php/smarty/commit/215d81a9fa3cd63d82fb3ab56ecaf97cf1e7db71"
},
{
"name": "https://github.com/smarty-php/smarty/releases/tag/v3.1.42",
"refsource": "MISC",
"url": "https://github.com/smarty-php/smarty/releases/tag/v3.1.42"
},
{
"name": "https://github.com/smarty-php/smarty/releases/tag/v4.0.2",
"refsource": "MISC",
"url": "https://github.com/smarty-php/smarty/releases/tag/v4.0.2"
},
{
"name": "https://packagist.org/packages/smarty/smarty",
"refsource": "MISC",
"url": "https://packagist.org/packages/smarty/smarty"
},
{
"name": "https://www.smarty.net/docs/en/language.function.math.tpl",
"refsource": "MISC",
"url": "https://www.smarty.net/docs/en/language.function.math.tpl"
}
]
},
"source": {
"advisory": "GHSA-29gp-2c3m-3j6m",
"discovery": "UNKNOWN"
}
}

55
2021/30xxx/CVE-2021-30360.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-30360",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@checkpoint.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Check Point Remote Access Client",
"version": {
"version_data": [
{
"version_value": "before E86.20"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427: Uncontrolled Search Path Element"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://supportcontent.checkpoint.com/solutions?id=sk176853",
"url": "https://supportcontent.checkpoint.com/solutions?id=sk176853"
},
{
"refsource": "MISC",
"name": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0001/MNDT-2022-0001.md",
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0001/MNDT-2022-0001.md"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Users have access to the directory where the installation repair occurs. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted EXE in the repair folder which runs with the Check Point Remote Access Client privileges."
}
]
}

17
2021/31xxx/CVE-2021-31344.json
View File

@ -274,6 +274,16 @@
]
}
},
{
"product_name": "PLUSCONTROL 1st Gen",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "TALON TC Compact (BACnet)",
"version": {
@ -316,7 +326,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions >= V2.3), Desigo PXC00-U (All versions >= V2.3), Desigo PXC001-E.D (All versions >= V2.3), Desigo PXC100-E.D (All versions >= V2.3), Desigo PXC12-E.D (All versions >= V2.3), Desigo PXC128-U (All versions >= V2.3), Desigo PXC200-E.D (All versions >= V2.3), Desigo PXC22-E.D (All versions >= V2.3), Desigo PXC22.1-E.D (All versions >= V2.3), Desigo PXC36.1-E.D (All versions >= V2.3), Desigo PXC50-E.D (All versions >= V2.3), Desigo PXC64-U (All versions >= V2.3), Desigo PXM20-E (All versions >= V2.3), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). ICMP echo packets with fake IP options allow sending ICMP echo reply messages to arbitrary hosts on the network. (FSMD-2021-0004)"
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions >= V2.3), Desigo PXC00-U (All versions >= V2.3), Desigo PXC001-E.D (All versions >= V2.3), Desigo PXC100-E.D (All versions >= V2.3), Desigo PXC12-E.D (All versions >= V2.3), Desigo PXC128-U (All versions >= V2.3), Desigo PXC200-E.D (All versions >= V2.3), Desigo PXC22-E.D (All versions >= V2.3), Desigo PXC22.1-E.D (All versions >= V2.3), Desigo PXC36.1-E.D (All versions >= V2.3), Desigo PXC50-E.D (All versions >= V2.3), Desigo PXC64-U (All versions >= V2.3), Desigo PXM20-E (All versions >= V2.3), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). ICMP echo packets with fake IP options allow sending ICMP echo reply messages to arbitrary hosts on the network. (FSMD-2021-0004)"
}
]
},
@ -336,6 +346,11 @@
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"
},
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
}
]
}

17
2021/31xxx/CVE-2021-31345.json
View File

@ -264,6 +264,16 @@
]
}
},
{
"product_name": "PLUSCONTROL 1st Gen",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "TALON TC Compact (BACnet)",
"version": {
@ -306,7 +316,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions >= V2.3), Desigo PXC00-U (All versions >= V2.3), Desigo PXC001-E.D (All versions >= V2.3), Desigo PXC100-E.D (All versions >= V2.3), Desigo PXC12-E.D (All versions >= V2.3), Desigo PXC128-U (All versions >= V2.3), Desigo PXC200-E.D (All versions >= V2.3), Desigo PXC22-E.D (All versions >= V2.3), Desigo PXC22.1-E.D (All versions >= V2.3), Desigo PXC36.1-E.D (All versions >= V2.3), Desigo PXC50-E.D (All versions >= V2.3), Desigo PXC64-U (All versions >= V2.3), Desigo PXM20-E (All versions >= V2.3), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). The total length of an UDP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on a user-defined applications that runs on top of the UDP protocol. (FSMD-2021-0006)"
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions >= V2.3), Desigo PXC00-U (All versions >= V2.3), Desigo PXC001-E.D (All versions >= V2.3), Desigo PXC100-E.D (All versions >= V2.3), Desigo PXC12-E.D (All versions >= V2.3), Desigo PXC128-U (All versions >= V2.3), Desigo PXC200-E.D (All versions >= V2.3), Desigo PXC22-E.D (All versions >= V2.3), Desigo PXC22.1-E.D (All versions >= V2.3), Desigo PXC36.1-E.D (All versions >= V2.3), Desigo PXC50-E.D (All versions >= V2.3), Desigo PXC64-U (All versions >= V2.3), Desigo PXM20-E (All versions >= V2.3), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). The total length of an UDP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on a user-defined applications that runs on top of the UDP protocol. (FSMD-2021-0006)"
}
]
},
@ -326,6 +336,11 @@
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"
},
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
}
]
}

17
2021/31xxx/CVE-2021-31346.json
View File

@ -274,6 +274,16 @@
]
}
},
{
"product_name": "PLUSCONTROL 1st Gen",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "TALON TC Compact (BACnet)",
"version": {
@ -316,7 +326,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions >= V2.3), Desigo PXC00-U (All versions >= V2.3), Desigo PXC001-E.D (All versions >= V2.3), Desigo PXC100-E.D (All versions >= V2.3), Desigo PXC12-E.D (All versions >= V2.3), Desigo PXC128-U (All versions >= V2.3), Desigo PXC200-E.D (All versions >= V2.3), Desigo PXC22-E.D (All versions >= V2.3), Desigo PXC22.1-E.D (All versions >= V2.3), Desigo PXC36.1-E.D (All versions >= V2.3), Desigo PXC50-E.D (All versions >= V2.3), Desigo PXC64-U (All versions >= V2.3), Desigo PXM20-E (All versions >= V2.3), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). The total length of an ICMP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0007)"
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions >= V2.3), Desigo PXC00-U (All versions >= V2.3), Desigo PXC001-E.D (All versions >= V2.3), Desigo PXC100-E.D (All versions >= V2.3), Desigo PXC12-E.D (All versions >= V2.3), Desigo PXC128-U (All versions >= V2.3), Desigo PXC200-E.D (All versions >= V2.3), Desigo PXC22-E.D (All versions >= V2.3), Desigo PXC22.1-E.D (All versions >= V2.3), Desigo PXC36.1-E.D (All versions >= V2.3), Desigo PXC50-E.D (All versions >= V2.3), Desigo PXC64-U (All versions >= V2.3), Desigo PXM20-E (All versions >= V2.3), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). The total length of an ICMP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0007)"
}
]
},
@ -336,6 +346,11 @@
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"
},
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
}
]
}

17
2021/31xxx/CVE-2021-31885.json
View File

@ -264,6 +264,16 @@
]
}
},
{
"product_name": "PLUSCONTROL 1st Gen",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "TALON TC Compact (BACnet)",
"version": {
@ -306,7 +316,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Desigo PXC00-E.D (All versions >= V2.3), Desigo PXC00-U (All versions >= V2.3), Desigo PXC001-E.D (All versions >= V2.3), Desigo PXC100-E.D (All versions >= V2.3), Desigo PXC12-E.D (All versions >= V2.3), Desigo PXC128-U (All versions >= V2.3), Desigo PXC200-E.D (All versions >= V2.3), Desigo PXC22-E.D (All versions >= V2.3), Desigo PXC22.1-E.D (All versions >= V2.3), Desigo PXC36.1-E.D (All versions >= V2.3), Desigo PXC50-E.D (All versions >= V2.3), Desigo PXC64-U (All versions >= V2.3), Desigo PXM20-E (All versions >= V2.3), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). TFTP server application allows for reading the contents of the TFTP memory buffer via sending malformed TFTP commands. (FSMD-2021-0009)"
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Desigo PXC00-E.D (All versions >= V2.3), Desigo PXC00-U (All versions >= V2.3), Desigo PXC001-E.D (All versions >= V2.3), Desigo PXC100-E.D (All versions >= V2.3), Desigo PXC12-E.D (All versions >= V2.3), Desigo PXC128-U (All versions >= V2.3), Desigo PXC200-E.D (All versions >= V2.3), Desigo PXC22-E.D (All versions >= V2.3), Desigo PXC22.1-E.D (All versions >= V2.3), Desigo PXC36.1-E.D (All versions >= V2.3), Desigo PXC50-E.D (All versions >= V2.3), Desigo PXC64-U (All versions >= V2.3), Desigo PXM20-E (All versions >= V2.3), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). TFTP server application allows for reading the contents of the TFTP memory buffer via sending malformed TFTP commands. (FSMD-2021-0009)"
}
]
},
@ -321,6 +331,11 @@
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
},
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
}
]
}

17
2021/31xxx/CVE-2021-31889.json
View File

@ -264,6 +264,16 @@
]
}
},
{
"product_name": "PLUSCONTROL 1st Gen",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "TALON TC Compact (BACnet)",
"version": {
@ -306,7 +316,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions >= V2.3), Desigo PXC00-U (All versions >= V2.3), Desigo PXC001-E.D (All versions >= V2.3), Desigo PXC100-E.D (All versions >= V2.3), Desigo PXC12-E.D (All versions >= V2.3), Desigo PXC128-U (All versions >= V2.3), Desigo PXC200-E.D (All versions >= V2.3), Desigo PXC22-E.D (All versions >= V2.3), Desigo PXC22.1-E.D (All versions >= V2.3), Desigo PXC36.1-E.D (All versions >= V2.3), Desigo PXC50-E.D (All versions >= V2.3), Desigo PXC64-U (All versions >= V2.3), Desigo PXM20-E (All versions >= V2.3), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). Malformed TCP packets with a corrupted SACK option leads to Information Leaks and Denial-of-Service conditions. (FSMD-2021-0015)"
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions >= V2.3), Desigo PXC00-U (All versions >= V2.3), Desigo PXC001-E.D (All versions >= V2.3), Desigo PXC100-E.D (All versions >= V2.3), Desigo PXC12-E.D (All versions >= V2.3), Desigo PXC128-U (All versions >= V2.3), Desigo PXC200-E.D (All versions >= V2.3), Desigo PXC22-E.D (All versions >= V2.3), Desigo PXC22.1-E.D (All versions >= V2.3), Desigo PXC36.1-E.D (All versions >= V2.3), Desigo PXC50-E.D (All versions >= V2.3), Desigo PXC64-U (All versions >= V2.3), Desigo PXM20-E (All versions >= V2.3), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). Malformed TCP packets with a corrupted SACK option leads to Information Leaks and Denial-of-Service conditions. (FSMD-2021-0015)"
}
]
},
@ -326,6 +336,11 @@
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"
},
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
}
]
}

17
2021/31xxx/CVE-2021-31890.json
View File

@ -274,6 +274,16 @@
]
}
},
{
"product_name": "PLUSCONTROL 1st Gen",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "TALON TC Compact (BACnet)",
"version": {
@ -316,7 +326,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions >= V2.3), Desigo PXC00-U (All versions >= V2.3), Desigo PXC001-E.D (All versions >= V2.3), Desigo PXC100-E.D (All versions >= V2.3), Desigo PXC12-E.D (All versions >= V2.3), Desigo PXC128-U (All versions >= V2.3), Desigo PXC200-E.D (All versions >= V2.3), Desigo PXC22-E.D (All versions >= V2.3), Desigo PXC22.1-E.D (All versions >= V2.3), Desigo PXC36.1-E.D (All versions >= V2.3), Desigo PXC50-E.D (All versions >= V2.3), Desigo PXC64-U (All versions >= V2.3), Desigo PXM20-E (All versions >= V2.3), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). The total length of an TCP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0017)"
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions >= V2.3), Desigo PXC00-U (All versions >= V2.3), Desigo PXC001-E.D (All versions >= V2.3), Desigo PXC100-E.D (All versions >= V2.3), Desigo PXC12-E.D (All versions >= V2.3), Desigo PXC128-U (All versions >= V2.3), Desigo PXC200-E.D (All versions >= V2.3), Desigo PXC22-E.D (All versions >= V2.3), Desigo PXC22.1-E.D (All versions >= V2.3), Desigo PXC36.1-E.D (All versions >= V2.3), Desigo PXC50-E.D (All versions >= V2.3), Desigo PXC64-U (All versions >= V2.3), Desigo PXM20-E (All versions >= V2.3), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). The total length of an TCP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0017)"
}
]
},
@ -336,6 +346,11 @@
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"
},
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
}
]
}

89
2021/32xxx/CVE-2021-32996.json
View File

@ -1,18 +1,95 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-12-07T17:00:00.000Z",
"ID": "CVE-2021-32996",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "R-30iA, R-30iA Mate",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": " v7",
"version_value": "v7.70"
}
]
}
},
{
"product_name": "R-30iB, R-30iB Mate, R-30iB Compact",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "v8",
"version_value": "v8.36"
}
]
}
},
{
"product_name": "R-30iB Plus, R-30iB Mate Plus, R-30iB Compact Plus, R-30iB Mini Plus",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "V9",
"version_value": "v9.40"
}
]
}
}
]
},
"vendor_name": "FANUC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The FANUC R-30iA and R-30iB series controllers are vulnerable to integer coercion errors, which cause the device to crash. A restart is required."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-192 INTEGER COERCION ERROR"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-243-02",
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-243-02"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

89
2021/32xxx/CVE-2021-32998.json
View File

@ -1,18 +1,95 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-12-07T17:00:00.000Z",
"ID": "CVE-2021-32998",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "R-30iA, R-30iA Mate",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": " v7",
"version_value": "v7.70"
}
]
}
},
{
"product_name": "R-30iB, R-30iB Mate, R-30iB Compact",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "v8",
"version_value": "v8.36"
}
]
}
},
{
"product_name": "R-30iB Plus, R-30iB Mate Plus, R-30iB Compact Plus, R-30iB Mini Plus",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "V9",
"version_value": "v9.40"
}
]
}
}
]
},
"vendor_name": "FANUC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The FANUC R-30iA and R-30iB series controllers are vulnerable to an out-of-bounds write, which may allow an attacker to remotely execute arbitrary code. INIT START/restore from backup required."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787 Out-of-bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-243-02",
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-243-02"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

4
2021/33xxx/CVE-2021-33669.json
View File

@ -61,9 +61,9 @@
"references": {
"reference_data": [
{
"url": "https://github.com/SAP/scimono/security/advisories/GHSA-r2j9-h6q9-cq8g",
"url": "https://github.com/SAP/mobilesdk-certificateprovider/security/advisories/GHSA-r2j9-h6q9-cq8g",
"refsource": "MISC",
"name": "https://github.com/SAP/scimono/security/advisories/GHSA-r2j9-h6q9-cq8g"
"name": "https://github.com/SAP/mobilesdk-certificateprovider/security/advisories/GHSA-r2j9-h6q9-cq8g"
}
]
}

71
2021/34xxx/CVE-2021-34086.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-34086",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-34086",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3 3D printer S-line through 6.3 and Ultimaker 3 through 5.2.16, the local webserver hosts APIs vulnerable to CSRF. They do not verify incoming requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://ultimaker.com/3d-printers/ultimaker-s3",
"refsource": "MISC",
"name": "https://ultimaker.com/3d-printers/ultimaker-s3"
},
{
"url": "https://ultimaker.com/3d-printers/ultimaker-s5",
"refsource": "MISC",
"name": "https://ultimaker.com/3d-printers/ultimaker-s5"
},
{
"url": "https://ultimaker.com/3d-printers/ultimaker-3",
"refsource": "MISC",
"name": "https://ultimaker.com/3d-printers/ultimaker-3"
},
{
"refsource": "MISC",
"name": "https://kth.diva-portal.org/smash/get/diva2:1623489/FULLTEXT01.pdf",
"url": "https://kth.diva-portal.org/smash/get/diva2:1623489/FULLTEXT01.pdf"
}
]
}

66
2021/34xxx/CVE-2021-34087.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-34087",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-34087",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3 3D printer S-line through 6.3 and Ultimaker 3 through 5.2.16, the local webserver can be used for clickjacking. This includes the settings page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://ultimaker.com/3d-printers/ultimaker-s3",
"refsource": "MISC",
"name": "https://ultimaker.com/3d-printers/ultimaker-s3"
},
{
"url": "https://ultimaker.com/3d-printers/ultimaker-s5",
"refsource": "MISC",
"name": "https://ultimaker.com/3d-printers/ultimaker-s5"
},
{
"refsource": "MISC",
"name": "https://kth.diva-portal.org/smash/get/diva2:1623489/FULLTEXT01.pdf",
"url": "https://kth.diva-portal.org/smash/get/diva2:1623489/FULLTEXT01.pdf"
}
]
}

91
2021/35xxx/CVE-2021-35247.json
View File

@ -1,18 +1,97 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@solarwinds.com",
"DATE_PUBLIC": "2022-01-05T09:21:00.000Z",
"ID": "CVE-2021-35247",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Improper Input Validation Vulnerability in Serv-U "
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Serv-U",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.2.5 and previous versions ",
"version_value": "15.3"
}
]
}
}
]
},
"vendor_name": "SolarWinds"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "SolarWinds would like to thank Jonathan Bar Or of Microsoft (@yo_yo_yo_jbo) for reporting this vulnerability "
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Serv-U web login screen was allowing characters that were not sanitized by the authentication mechanism. SolarWinds has updated the authentication mechanism to remedy this issue and prevent unauthorized parameters to be used in the Serv-U login screen With the Log4j issue in the wild, input fields across the internet have been tested for vulnerability. Although Serv-U was not affected by the log4j issue, It was discovered that better input validation could be implemented."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35247",
"name": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35247"
}
]
},
"source": {
"defect": [
"CVE-2021-35247"
],
"discovery": "UNKNOWN"
}
}

56
2021/35xxx/CVE-2021-35452.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-35452",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-35452",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Incorrect Access Control vulnerability exists in libde265 v1.0.8 due to a SEGV in slice.cc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/strukturag/libde265/issues/298",
"refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/298"
}
]
}

56
2021/36xxx/CVE-2021-36408.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-36408",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-36408",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in libde265 v1.0.8.There is a Heap-use-after-free in intrapred.h when decoding file using dec265."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/strukturag/libde265/issues/299",
"refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/299"
}
]
}

56
2021/36xxx/CVE-2021-36409.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-36409",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-36409",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an Assertion `scaling_list_pred_matrix_id_delta==1' failed at sps.cc:925 in libde265 v1.0.8 when decoding file, which allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file or possibly have unspecified other impact."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/strukturag/libde265/issues/300",
"refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/300"
}
]
}

56
2021/36xxx/CVE-2021-36410.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-36410",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-36410",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A stack-buffer-overflow exists in libde265 v1.0.8 via fallback-motion.cc in function put_epel_hv_fallback when running program dec265."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/strukturag/libde265/issues/301",
"refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/301"
}
]
}

56
2021/36xxx/CVE-2021-36411.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-36411",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-36411",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue has been found in libde265 v1.0.8 due to incorrect access control. A SEGV caused by a READ memory access in function derive_boundaryStrength of deblock.cc has occurred. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/strukturag/libde265/issues/302",
"refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/302"
}
]
}

56
2021/36xxx/CVE-2021-36412.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-36412",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-36412",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A heap-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via the gp_rtp_builder_do_mpeg12_video function, which allows attackers to possibly have unspecified other impact via a crafted file in the MP4Box command,"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/gpac/gpac/issues/1838",
"refsource": "MISC",
"name": "https://github.com/gpac/gpac/issues/1838"
}
]
}

56
2021/36xxx/CVE-2021-36414.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-36414",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-36414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A heab-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via media.c, which allows attackers to cause a denial of service or execute arbitrary code via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/gpac/gpac/issues/1840",
"refsource": "MISC",
"name": "https://github.com/gpac/gpac/issues/1840"
}
]
}

56
2021/37xxx/CVE-2021-37195.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-37195",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-37195",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "COMOS",
"version": {
"version_data": [
{
"version_value": "All versions < V10.4.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in COMOS (All versions < V10.4.1). The COMOS Web component of COMOS accepts arbitrary code as attachment to tasks. This could allow an attacker to inject malicious code that is executed when loading the attachment."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-995338.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-995338.pdf"
}
]
}

56
2021/37xxx/CVE-2021-37196.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-37196",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-37196",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "COMOS",
"version": {
"version_data": [
{
"version_value": "All versions < V10.4.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-23: Relative Path Traversal"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in COMOS (All versions < V10.4.1). The COMOS Web component of COMOS unpacks specially crafted archive files to relative paths. This vulnerability could allow an attacker to store files in any folder accessible by the COMOS Web webservice."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-995338.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-995338.pdf"
}
]
}

56
2021/37xxx/CVE-2021-37197.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-37197",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-37197",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "COMOS",
"version": {
"version_data": [
{
"version_value": "All versions < V10.4.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in COMOS (All versions < V10.4.1). The COMOS Web component of COMOS is vulnerable to SQL injections. This could allow an attacker to execute arbitrary SQL statements."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-995338.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-995338.pdf"
}
]
}

56
2021/37xxx/CVE-2021-37198.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-37198",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-37198",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "COMOS",
"version": {
"version_data": [
{
"version_value": "All versions < V10.4.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in COMOS (All versions < V10.4.1). The COMOS Web component of COMOS uses a flawed implementation of CSRF prevention. An attacker could exploit this vulnerability to perform Cross-Site-Request-Forgery attacks."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-995338.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-995338.pdf"
}
]
}

5
2021/37xxx/CVE-2021-37979.json
View File

@ -59,6 +59,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2021-5093f11905",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNARCF5HEZK7GJXZRN5TQ45AQDCRM2WO/"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1372",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1372"
}
]
},

96
2021/38xxx/CVE-2021-38894.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-38894",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"DATE_PUBLIC": "2022-01-06T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2021-38894"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 209515.",
"lang": "eng"
}
]
}
},
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
},
"BM": {
"SCORE": "2.700",
"S": "U",
"UI": "N",
"AV": "N",
"PR": "H",
"AC": "L",
"I": "N",
"C": "L",
"A": "N"
}
}
},
"data_type": "CVE",
"data_version": "4.0",
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6538418",
"title": "IBM Security Bulletin 6538418 (Security Verify Access)",
"name": "https://www.ibm.com/support/pages/node/6538418"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"name": "ibm-sv-cve202138894-info-disc (209515)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/209515"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "10.0.0"
},
{
"version_value": "10.0.2.0"
},
{
"version_value": "10.0.1.0"
}
]
},
"product_name": "Security Verify Access"
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"data_format": "MITRE"
}

90
2021/38xxx/CVE-2021-38895.json
View File

@ -1,17 +1,95 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"DATE_PUBLIC": "2022-01-06T00:00:00",
"ID": "CVE-2021-38895",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 209563."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"C": "L",
"I": "N",
"AC": "H",
"PR": "L",
"UI": "R",
"AV": "N",
"S": "C",
"SCORE": "3.000"
},
"TM": {
"RL": "O",
"RC": "C",
"E": "H"
}
}
},
"data_type": "CVE",
"data_version": "4.0",
"data_format": "MITRE",
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6538418",
"title": "IBM Security Bulletin 6538418 (Security Verify Access)",
"url": "https://www.ibm.com/support/pages/node/6538418"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"name": "ibm-sv-cve202138895-xss (209563)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/209563"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "10.0.0"
},
{
"version_value": "10.0.2.0"
},
{
"version_value": "10.0.1.0"
}
]
},
"product_name": "Security Verify Access"
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
}

94
2021/38xxx/CVE-2021-38921.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-38921",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6538418",
"title": "IBM Security Bulletin 6538418 (Security Verify Access)",
"url": "https://www.ibm.com/support/pages/node/6538418"
},
{
"name": "ibm-sam-cve202138921-info-disc (210067)",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/210067",
"refsource": "XF"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Security Verify Access",
"version": {
"version_data": [
{
"version_value": "10.0.0"
},
{
"version_value": "10.0.2.0"
},
{
"version_value": "10.0.1.0"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 210067.",
"lang": "eng"
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ID": "CVE-2021-38921",
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2022-01-06T00:00:00"
},
"data_version": "4.0",
"data_type": "CVE",
"impact": {
"cvssv3": {
"BM": {
"AC": "H",
"I": "N",
"C": "H",
"A": "N",
"SCORE": "5.900",
"S": "U",
"PR": "N",
"UI": "N",
"AV": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
}
}

90
2021/38xxx/CVE-2021-38956.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6538418",
"title": "IBM Security Bulletin 6538418 (Security Verify Access)",
"url": "https://www.ibm.com/support/pages/node/6538418",
"refsource": "CONFIRM"
},
{
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/212038",
"name": "ibm-sv-cve202138956-info-disc (212038)",
"title": "X-Force Vulnerability Report"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "10.0.0"
},
{
"version_value": "10.0.2.0"
},
{
"version_value": "10.0.1.0"
}
]
},
"product_name": "Security Verify Access"
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ID": "CVE-2021-38956",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2022-01-06T00:00:00"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclose sensitive version information in HTTP response headers that could aid in further attacks against the system. IBM X-Force ID: 212038"
}
]
}
},
"data_type": "CVE",
"impact": {
"cvssv3": {
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
},
"BM": {
"AC": "L",
"C": "L",
"I": "N",
"A": "N",
"S": "U",
"SCORE": "5.300",
"UI": "N",
"PR": "N",
"AV": "N"
}
}
},
"data_version": "4.0"
}

88
2021/38xxx/CVE-2021-38957.json
View File

@ -1,17 +1,95 @@
{
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "10.0.0"
},
{
"version_value": "10.0.2.0"
},
{
"version_value": "10.0.1.0"
}
]
},
"product_name": "Security Verify Access"
}
]
},
"vendor_name": "IBM"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6538418",
"title": "IBM Security Bulletin 6538418 (Security Verify Access)",
"url": "https://www.ibm.com/support/pages/node/6538418",
"refsource": "CONFIRM"
},
{
"name": "ibm-sv-cve202138957-info-disc (212040)",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/212040",
"refsource": "XF"
}
]
},
"data_format": "MITRE",
"impact": {
"cvssv3": {
"BM": {
"SCORE": "3.100",
"S": "U",
"PR": "N",
"UI": "R",
"AV": "N",
"I": "N",
"C": "L",
"AC": "H",
"A": "N"
},
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
}
}
},
"data_type": "CVE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-38957",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"DATE_PUBLIC": "2022-01-06T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2021-38957"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclose sensitive information due to hazardous input validation during QR code generation. IBM X-Force ID: 212040."
}
]
}

101
2021/38xxx/CVE-2021-38990.json
View File

@ -1,17 +1,108 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "7.2"
}
]
},
"product_name": "AIX"
},
{
"version": {
"version_data": [
{
"version_value": "3.1"
}
]
},
"product_name": "VIOS "
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Gain Privileges",
"lang": "eng"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6515496 (Security Key Lifecycle Manager)",
"name": "https://www.ibm.com/support/pages/node/6515496",
"url": "https://www.ibm.com/support/pages/node/6515496"
},
{
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6538700",
"title": "IBM Security Bulletin 6538700 (AIX)",
"name": "https://www.ibm.com/support/pages/node/6538700"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/212952",
"name": "ibm-aix-cve202138990-code-exec (212952)",
"title": "X-Force Vulnerability Report",
"refsource": "XF"
}
]
},
"data_type": "CVE",
"impact": {
"cvssv3": {
"BM": {
"AV": "L",
"UI": "N",
"PR": "N",
"S": "U",
"SCORE": "8.400",
"A": "H",
"AC": "L",
"C": "H",
"I": "H"
},
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
}
}
},
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-38990",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2022-01-06T00:00:00",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the mount command which could lead to code execution. IBM X-Force ID: 212952.",
"lang": "eng"
}
]
}

5
2021/39xxx/CVE-2021-39458.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/evildrummer/CVE-2021-XYZ2",
"refsource": "MISC",
"name": "https://github.com/evildrummer/CVE-2021-XYZ2"
},
{
"refsource": "MISC",
"name": "https://github.com/evildrummer/MyOwnCVEs/tree/main/CVE-2021-39458",
"url": "https://github.com/evildrummer/MyOwnCVEs/tree/main/CVE-2021-39458"
}
]
}

5
2021/39xxx/CVE-2021-39459.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/evildrummer/CVE-2021-XYZ",
"refsource": "MISC",
"name": "https://github.com/evildrummer/CVE-2021-XYZ"
},
{
"refsource": "MISC",
"name": "https://github.com/evildrummer/MyOwnCVEs/tree/main/CVE-2021-39459",
"url": "https://github.com/evildrummer/MyOwnCVEs/tree/main/CVE-2021-39459"
}
]
}

53
2021/39xxx/CVE-2021-39993.json
View File

@ -4,14 +4,61 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-39993",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0"
},
{
"version_value": "Magic UI 4.0.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/12/",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/12/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an Integer overflow vulnerability with ACPU in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access."
}
]
}

61
2021/39xxx/CVE-2021-39996.json
View File

@ -4,14 +4,69 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-39996",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI;HarmonyOS",
"version": {
"version_data": [
{
"version_value": "EMUI 10.0.0,EMUI 10.1.0,EMUI 10.1.1,EMUI 11.0.0,EMUI 11.0.1"
},
{
"version_value": "Magic UI 3.0.0,Magic UI 3.1.0,Magic UI 3.1.1,Magic UI 4.0.0"
},
{
"version_value": "HarmonyOS 2.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718"
},
{
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/12/",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/12/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may cause memory overflow."
}
]
}

61
2021/39xxx/CVE-2021-39998.json
View File

@ -4,14 +4,69 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-39998",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI;HarmonyOS",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0,EMUI 11.0.1"
},
{
"version_value": "Magic UI 4.0.0"
},
{
"version_value": "HarmonyOS 2.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Concurrently called for multiple times"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718"
},
{
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/12/",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/12/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService a in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart."
}
]
}

5
2021/3xxx/CVE-2021-3778.json
View File

@ -99,6 +99,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2021-6988830606",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220110 [SECURITY] [DLA 2876-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00003.html"
}
]
},

5
2021/3xxx/CVE-2021-3796.json
View File

@ -99,6 +99,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2021-6988830606",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220110 [SECURITY] [DLA 2876-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00003.html"
}
]
},

57
2021/40xxx/CVE-2021-40000.json
View File

@ -1,17 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40000",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718",
"refsource": "MISC",
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718"
}
]
}

57
2021/40xxx/CVE-2021-40001.json
View File

@ -1,17 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40001",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The CaasKit module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the MeeTime application to be unavailable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path Traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718",
"refsource": "MISC",
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718"
}
]
}

57
2021/40xxx/CVE-2021-40002.json
View File

@ -1,17 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40002",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718",
"refsource": "MISC",
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718"
}
]
}

57
2021/40xxx/CVE-2021-40003.json
View File

@ -1,17 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40003",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "HwPCAssistant has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path Traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718",
"refsource": "MISC",
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718"
}
]
}

57
2021/40xxx/CVE-2021-40004.json
View File

@ -1,17 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40004",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The cellular module has a vulnerability in permission management. Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718",
"refsource": "MISC",
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718"
}
]
}

57
2021/40xxx/CVE-2021-40005.json
View File

@ -1,17 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40005",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The distributed data service component has a vulnerability in data access control. Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718",
"refsource": "MISC",
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718"
}
]
}

57
2021/40xxx/CVE-2021-40006.json
View File

@ -1,17 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40006",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The fingerprint module has a security risk of brute force cracking. Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Security Features"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718",
"refsource": "MISC",
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718"
}
]
}

88
2021/40xxx/CVE-2021-40009.json
View File

@ -1,17 +1,93 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40009",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds write vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331",
"refsource": "MISC",
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
]
}

57
2021/40xxx/CVE-2021-40010.json
View File

@ -1,17 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40010",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The bone voice ID trusted application (TA) has a heap overflow vulnerability. Successful exploitation of this vulnerability may result in malicious code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow "
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331",
"refsource": "MISC",
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
]
}

104
2021/40xxx/CVE-2021-40011.json
View File

@ -1,17 +1,109 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40011",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an Uncontrolled resource consumption vulnerability in the display module in smartphones. Successful exploitation of this vulnerability may affect service integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uncontrolled resource consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
}
]
}

57
2021/40xxx/CVE-2021-40014.json
View File

@ -1,17 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40014",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The bone voice ID trusted application (TA) has a heap overflow vulnerability. Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Management Errors"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331",
"refsource": "MISC",
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
]
}

57
2021/40xxx/CVE-2021-40018.json
View File

@ -1,17 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40018",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The eID module has a null pointer reference vulnerability. Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Null Pointer Reference"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331",
"refsource": "MISC",
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
]
}

92
2021/40xxx/CVE-2021-40020.json
View File

@ -1,17 +1,97 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40020",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an Out-of-bounds array read vulnerability in the security storage module in smartphones. Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds array read"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
}
]
}

57
2021/40xxx/CVE-2021-40021.json
View File

@ -1,17 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40021",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds write "
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331",
"refsource": "MISC",
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
]
}

57
2021/40xxx/CVE-2021-40022.json
View File

@ -1,17 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40022",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The weaver module has a vulnerability in parameter type verification,Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331",
"refsource": "MISC",
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
]
}

57
2021/40xxx/CVE-2021-40025.json
View File

@ -1,17 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40025",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The eID module has a vulnerability that causes the memory to be used without being initialized,Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Management Errors"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331",
"refsource": "MISC",
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
]
}

88
2021/40xxx/CVE-2021-40026.json
View File

@ -1,17 +1,93 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40026",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331",
"refsource": "MISC",
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
]
}

57
2021/40xxx/CVE-2021-40027.json
View File

@ -1,17 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40027",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The bone voice ID TA has a vulnerability in calculating the buffer length,Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Calculation of Buffer Size"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331",
"refsource": "MISC",
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
]
}

57
2021/40xxx/CVE-2021-40028.json
View File

@ -1,17 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40028",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds write"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331",
"refsource": "MISC",
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
]
}

116
2021/40xxx/CVE-2021-40029.json
View File

@ -1,17 +1,121 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40029",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer overflow vulnerability due to a boundary error with the Samba server"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331",
"refsource": "MISC",
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
]
}

Some files were not shown because too many files have changed in this diff Show More