admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-11-17 18:00:58 +00:00
parent 2ec03f8fa7
commit 4b98131b31
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
12 changed files with 528 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
2021/33xxx/CVE-2021-33479.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-33479",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "patrick@puiterwijk.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "gocr",
"version": {
"version_data": [
{
"version_value": "gocr 0.53-20200802"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1962861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962861"
},
{
"refsource": "MISC",
"name": "https://sourceforge.net/p/jocr/bugs/39/",
"url": "https://sourceforge.net/p/jocr/bugs/39/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A stack-based buffer overflow vulnerability was discovered in gocr through 0.53-20200802 in measure_pitch() in pgm2asc.c."
}
]
}

60
2021/33xxx/CVE-2021-33480.json
View File

@ -4,14 +4,68 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-33480",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "patrick@puiterwijk.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "gocr",
"version": {
"version_data": [
{
"version_value": "gocr 0.53-20200802"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1962854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962854"
},
{
"refsource": "MISC",
"name": "https://sourceforge.net/p/jocr/bugs/40/",
"url": "https://sourceforge.net/p/jocr/bugs/40/"
},
{
"refsource": "MISC",
"name": "https://sourceforge.net/p/jocr/bugs/41/",
"url": "https://sourceforge.net/p/jocr/bugs/41/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An use-after-free vulnerability was discovered in gocr through 0.53-20200802 in context_correction() in pgm2asc.c."
}
]
}

55
2021/33xxx/CVE-2021-33481.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-33481",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "patrick@puiterwijk.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "gocr",
"version": {
"version_data": [
{
"version_value": "gocr 0.53-20200802"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1962865",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962865"
},
{
"refsource": "MISC",
"name": "https://sourceforge.net/p/jocr/bugs/42/",
"url": "https://sourceforge.net/p/jocr/bugs/42/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A stack-based buffer overflow vulnerability was discovered in gocr through 0.53-20200802 in try_to_divide_boxes() in pgm2asc.c."
}
]
}

105
2021/35xxx/CVE-2021-35528.json
View File

@ -1,18 +1,111 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@hitachienergy.com",
"DATE_PUBLIC": "2021-11-04T16:00:00.000Z",
"ID": "CVE-2021-35528",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Authentication Bypass Vulnerability Vulnerability in Retail Operations Product and Counterparty Settlement and Billing (CSB)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Retail Operations",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5.7.3",
"version_value": "5.7.3.1"
}
]
}
},
{
"product_name": "Counterparty Settlement and Billing (CSB)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5.7.3",
"version_value": "5.7.3.1"
}
]
}
}
]
},
"vendor_name": "Hitachi Energy"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper Access Control vulnerability in the application authentication and authorization of Hitachi Energy Retail Operations, Counterparty Settlement and Billing (CSB) allows an attacker to execute a modified signed Java Applet JAR file. A successful exploitation may lead to data extraction or modification of data inside the application. This issue affects: Hitachi Energy Retail Operations 5.7.3 and prior versions. Hitachi Energy Counterparty Settlement and Billing (CSB) 5.7.3 prior versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000067&LanguageCode=en&DocumentPartId=&Action=Launch",
"refsource": "CONFIRM",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000067&LanguageCode=en&DocumentPartId=&Action=Launch"
},
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000068&LanguageCode=en&DocumentPartId=&Action=Launch",
"refsource": "CONFIRM",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000068&LanguageCode=en&DocumentPartId=&Action=Launch"
}
]
},
"solution": [
{
"lang": "eng",
"value": "- Vulnerability is remediated in Retail Operations v5.7.3.1\n- Vulnerability is remediated in CSB v5.7.3.1"
}
],
"source": {
"discovery": "USER"
}
}

18
2021/3xxx/CVE-2021-3973.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3973",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

5
2021/41xxx/CVE-2021-41720.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/lodash/lodash/issues/5261",
"refsource": "MISC",
"name": "https://github.com/lodash/lodash/issues/5261"
},
{
"refsource": "MISC",
"name": "https://web.archive.org/web/20211004200531/https:/github.com/lodash/lodash/issues/5261",
"url": "https://web.archive.org/web/20211004200531/https:/github.com/lodash/lodash/issues/5261"
}
]
}

104
2021/42xxx/CVE-2021-42360.json
View File

@ -1,18 +1,110 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@wordfence.com",
"ID": "CVE-2021-42360",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Starter Templates \u2014 Elementor, Gutenberg & Beaver Builder Templates <= 2.7.0 Authenticated Block Import to Stored XSS"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Starter Templates \u2014 Elementor, Gutenberg & Beaver Builder Templates",
"version": {
"version_data": [
{
"platform": "WordPress",
"version_affected": "<=",
"version_name": "2.7.0",
"version_value": "2.7.0"
}
]
}
}
]
},
"vendor_name": "BrainStormForce"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Ramuel Gall, Wordfence"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "On sites that also had the Elementor plugin for WordPress installed, it was possible for users with the edit_posts capability, which includes Contributor-level users, to import blocks onto any page using the astra-page-elementor-batch-process AJAX action. An attacker could craft and host a block containing malicious JavaScript on a server they controlled, and then use it to overwrite any post or page by sending an AJAX request with the action set to astra-page-elementor-batch-process and the url parameter pointed to their remotely-hosted malicious block, as well as an id parameter containing the post or page to overwrite. Any post or page that had been built with Elementor, including published pages, could be overwritten by the imported block, and the malicious JavaScript in the imported block would then be executed in the browser of any visitors to that page."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-99 Improper Control of Resource Identifiers ('Resource Injection')"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/11/over-1-million-sites-impacted-by-vulnerability-in-starter-templates-plugin/",
"name": "https://www.wordfence.com/blog/2021/11/over-1-million-sites-impacted-by-vulnerability-in-starter-templates-plugin/"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}

110
2021/42xxx/CVE-2021-42362.json
View File

@ -1,18 +1,116 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"AKA": "Wordfence",
"ASSIGNER": "security@wordfence.com",
"DATE_PUBLIC": "2021-11-12T13:26:00.000Z",
"ID": "CVE-2021-42362",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "WordPress Popular Posts <= 5.3.2 Authenticated Arbitrary File Upload"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WordPress Popular Posts",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "5.3.2",
"version_value": "5.3.2"
}
]
}
}
]
},
"vendor_name": "WordPress Popular Posts"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Original Researcher: Jerome Bruandet, NinTechNet Exploit Author: Simone Cristofaro"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The WordPress Popular Posts WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the ~/src/Image.php file which makes it possible for attackers with contributor level access and above to upload malicious files that can be used to obtain remote code execution, in versions up to and including 5.3.2."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": "8.8",
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://blog.nintechnet.com/improper-input-validation-fixed-in-wordpress-popular-posts-plugin/",
"name": "https://blog.nintechnet.com/improper-input-validation-fixed-in-wordpress-popular-posts-plugin/"
},
{
"refsource": "MISC",
"url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2021-42362",
"name": "https://www.wordfence.com/vulnerability-advisories/#CVE-2021-42362"
},
{
"refsource": "MISC",
"url": "https://plugins.trac.wordpress.org/changeset/2542638/wordpress-popular-posts/trunk/src/Image.php",
"name": "https://plugins.trac.wordpress.org/changeset/2542638/wordpress-popular-posts/trunk/src/Image.php"
},
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/bd4f157c-a3d7-4535-a587-0102ba4e3009",
"name": "https://wpscan.com/vulnerability/bd4f157c-a3d7-4535-a587-0102ba4e3009"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Update to version 5.3.3 or newer. "
}
],
"source": {
"discovery": "UNKNOWN"
}
}

18
2021/43xxx/CVE-2021-43338.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-43338",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-43339. Reason: This candidate is a duplicate of CVE-2021-43339. Notes: All CVE users should reference CVE-2021-43339 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}
}

7
2021/43xxx/CVE-2021-43339.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "In Ericsson Network Location before 2021-07-31, it is possible for an authenticated attacker to inject commands via file_name in the export functionality."
"value": "In Ericsson Network Location before 2021-07-31, it is possible for an authenticated attacker to inject commands via file_name in the export functionality. For example, a new admin user could be created."
}
]
},
@ -52,6 +52,11 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/50469",
"url": "https://www.exploit-db.com/exploits/50469"
},
{
"url": "https://pentest.com.tr/blog/RCE-via-Meow-Variant-along-with-an-Example-0day-PacketHackingVillage-Defcon29.html",
"refsource": "MISC",

12
2021/43xxx/CVE-2021-43617.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP content because Illuminate/Validation/Concerns/ValidatesAttributes.php lacks a check for .phar files, which are handled as application/x-httpd-php on systems based on Debian. In some use cases, this may be related to file-type validation for image upload (e.g., differences between getClientOriginalExtension and other approaches)."
"value": "Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP content because Illuminate/Validation/Concerns/ValidatesAttributes.php lacks a check for .phar files, which are handled as application/x-httpd-php on systems based on Debian. NOTE: this CVE Record is for Laravel Framework, and is unrelated to any reports concerning incorrectly written user applications for image upload."
}
]
},
@ -52,21 +52,11 @@
},
"references": {
"reference_data": [
{
"url": "https://hosein-vita.medium.com/laravel-8-x-image-upload-bypass-zero-day-852bd806019b",
"refsource": "MISC",
"name": "https://hosein-vita.medium.com/laravel-8-x-image-upload-bypass-zero-day-852bd806019b"
},
{
"url": "https://github.com/laravel/framework/blob/2049de73aa099a113a287587df4cc522c90961f5/src/Illuminate/Validation/Concerns/ValidatesAttributes.php#L1331-L1333",
"refsource": "MISC",
"name": "https://github.com/laravel/framework/blob/2049de73aa099a113a287587df4cc522c90961f5/src/Illuminate/Validation/Concerns/ValidatesAttributes.php#L1331-L1333"
},
{
"url": "https://github.com/laravel/framework/blob/2049de73aa099a113a287587df4cc522c90961f5/src/Illuminate/Validation/Concerns/ValidatesAttributes.php#L1130-L1132",
"refsource": "MISC",
"name": "https://github.com/laravel/framework/blob/2049de73aa099a113a287587df4cc522c90961f5/src/Illuminate/Validation/Concerns/ValidatesAttributes.php#L1130-L1132"
},
{
"url": "https://salsa.debian.org/php-team/php/-/commit/dc253886b5b2e9bc8d9e36db787abb083a667fd8",
"refsource": "MISC",

18
2021/43xxx/CVE-2021-43978.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-43978",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}