From 4830ac8c8eaef09a0f06d0613e8b02b1f7fbcad2 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 15 Sep 2021 20:00:59 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2016/20xxx/CVE-2016-20012.json | 77 ++++++++++++++++++++++++++++++++++ 2021/37xxx/CVE-2021-37909.json | 7 ++-- 2021/37xxx/CVE-2021-37912.json | 5 ++- 2021/37xxx/CVE-2021-37913.json | 5 ++- 2021/41xxx/CVE-2021-41286.json | 18 ++++++++ 2021/41xxx/CVE-2021-41287.json | 18 ++++++++ 6 files changed, 123 insertions(+), 7 deletions(-) create mode 100644 2016/20xxx/CVE-2016-20012.json create mode 100644 2021/41xxx/CVE-2021-41286.json create mode 100644 2021/41xxx/CVE-2021-41287.json diff --git a/2016/20xxx/CVE-2016-20012.json b/2016/20xxx/CVE-2016-20012.json new file mode 100644 index 00000000000..53ee21dc13e --- /dev/null +++ b/2016/20xxx/CVE-2016-20012.json @@ -0,0 +1,77 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-20012", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/openssh/openssh-portable/pull/270", + "refsource": "MISC", + "name": "https://github.com/openssh/openssh-portable/pull/270" + }, + { + "url": "https://github.com/openssh/openssh-portable/blob/d0fffc88c8fe90c1815c6f4097bc8cbcabc0f3dd/auth2-pubkey.c#L261-L265", + "refsource": "MISC", + "name": "https://github.com/openssh/openssh-portable/blob/d0fffc88c8fe90c1815c6f4097bc8cbcabc0f3dd/auth2-pubkey.c#L261-L265" + }, + { + "url": "https://utcc.utoronto.ca/~cks/space/blog/tech/SSHKeysAreInfoLeak", + "refsource": "MISC", + "name": "https://utcc.utoronto.ca/~cks/space/blog/tech/SSHKeysAreInfoLeak" + }, + { + "url": "https://rushter.com/blog/public-ssh-keys/", + "refsource": "MISC", + "name": "https://rushter.com/blog/public-ssh-keys/" + } + ] + } +} \ No newline at end of file diff --git a/2021/37xxx/CVE-2021-37909.json b/2021/37xxx/CVE-2021-37909.json index 0f1047eeacb..e5029ac74c1 100644 --- a/2021/37xxx/CVE-2021-37909.json +++ b/2021/37xxx/CVE-2021-37909.json @@ -39,7 +39,7 @@ "description_data": [ { "lang": "eng", - "value": "WriteRegistry function in TSSServiSign component does not filter and verify users’ input, remote attackers can rewrite to the registry without permissions thus perform hijack attacks to execute arbitrary code." + "value": "WriteRegistry function in TSSServiSign component does not filter and verify users\u2019 input, remote attackers can rewrite to the registry without permissions thus perform hijack attacks to execute arbitrary code." } ] }, @@ -77,8 +77,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.twcert.org.tw/tw/cp-132-5093-76f04-1.html" + "refsource": "MISC", + "url": "https://www.twcert.org.tw/tw/cp-132-5093-76f04-1.html", + "name": "https://www.twcert.org.tw/tw/cp-132-5093-76f04-1.html" } ] }, diff --git a/2021/37xxx/CVE-2021-37912.json b/2021/37xxx/CVE-2021-37912.json index 76f66df1add..2701117aa25 100644 --- a/2021/37xxx/CVE-2021-37912.json +++ b/2021/37xxx/CVE-2021-37912.json @@ -89,8 +89,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.twcert.org.tw/tw/cp-132-5091-7e0c5-1.html" + "refsource": "MISC", + "url": "https://www.twcert.org.tw/tw/cp-132-5091-7e0c5-1.html", + "name": "https://www.twcert.org.tw/tw/cp-132-5091-7e0c5-1.html" } ] }, diff --git a/2021/37xxx/CVE-2021-37913.json b/2021/37xxx/CVE-2021-37913.json index 8d093e3dd04..64c9ecae6e1 100644 --- a/2021/37xxx/CVE-2021-37913.json +++ b/2021/37xxx/CVE-2021-37913.json @@ -89,8 +89,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.twcert.org.tw/tw/cp-132-5092-f88e2-1.html" + "refsource": "MISC", + "url": "https://www.twcert.org.tw/tw/cp-132-5092-f88e2-1.html", + "name": "https://www.twcert.org.tw/tw/cp-132-5092-f88e2-1.html" } ] }, diff --git a/2021/41xxx/CVE-2021-41286.json b/2021/41xxx/CVE-2021-41286.json new file mode 100644 index 00000000000..9e2265c36b3 --- /dev/null +++ b/2021/41xxx/CVE-2021-41286.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41286", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41287.json b/2021/41xxx/CVE-2021-41287.json new file mode 100644 index 00000000000..31a6e7f7b83 --- /dev/null +++ b/2021/41xxx/CVE-2021-41287.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41287", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file