diff --git a/2021/32xxx/CVE-2021-32569.json b/2021/32xxx/CVE-2021-32569.json index a5e202fbfa2..6610f24daf2 100644 --- a/2021/32xxx/CVE-2021-32569.json +++ b/2021/32xxx/CVE-2021-32569.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-32569", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-32569", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** UNSUPPORTED WHEN ASSIGNED ** In OSS-RC systems of the release 18B and older customer documentation browsing libraries under ALEX are subject to Cross-Site Scripting. This problem is completely resolved in new Ericsson library browsing tool ELEX used in systems like Ericsson Network Manager. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Ericsson Network Manager is a new generation OSS system which OSS-RC customers shall upgrade to." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.gruppotim.it/it/innovazione/servizi-digitali/cybersecurity/red-team.html", + "url": "https://www.gruppotim.it/it/innovazione/servizi-digitali/cybersecurity/red-team.html" } ] } diff --git a/2021/41xxx/CVE-2021-41079.json b/2021/41xxx/CVE-2021-41079.json index 73c30413f74..8fe678f863d 100644 --- a/2021/41xxx/CVE-2021-41079.json +++ b/2021/41xxx/CVE-2021-41079.json @@ -93,6 +93,16 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20211008-0005/", "url": "https://security.netapp.com/advisory/ntap-20211008-0005/" + }, + { + "refsource": "MLIST", + "name": "[tomcat-dev] 20211014 [SECURITY] CVE-2021-42340 Apache Tomcat DoS", + "url": "https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe@%3Cdev.tomcat.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[tomcat-users] 20211014 [SECURITY] CVE-2021-42340 Apache Tomcat DoS", + "url": "https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a@%3Cusers.tomcat.apache.org%3E" } ] }, diff --git a/2021/42xxx/CVE-2021-42224.json b/2021/42xxx/CVE-2021-42224.json index 86d2a524795..8a13eb6eb4d 100644 --- a/2021/42xxx/CVE-2021-42224.json +++ b/2021/42xxx/CVE-2021-42224.json @@ -56,6 +56,11 @@ "url": "https://www.exploit-db.com/exploits/50391", "refsource": "MISC", "name": "https://www.exploit-db.com/exploits/50391" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/164514/IFSC-Code-Finder-Project-1.0-SQL-Injection.html", + "url": "http://packetstormsecurity.com/files/164514/IFSC-Code-Finder-Project-1.0-SQL-Injection.html" } ] } diff --git a/2021/42xxx/CVE-2021-42227.json b/2021/42xxx/CVE-2021-42227.json index ea038cc4bc6..ee7c493fe5b 100644 --- a/2021/42xxx/CVE-2021-42227.json +++ b/2021/42xxx/CVE-2021-42227.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-42227", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-42227", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross SIte Scripting (XSS) vulnerability exists in KindEditor 4.1.x via a Google search inurl:/examples/uploadbutton.html and then the .html file on the website that uses this editor (the file suffix is allowed)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/kindsoft/kindeditor/issues/336", + "url": "https://github.com/kindsoft/kindeditor/issues/336" } ] } diff --git a/2021/42xxx/CVE-2021-42228.json b/2021/42xxx/CVE-2021-42228.json index 437519a7781..f14ac31993b 100644 --- a/2021/42xxx/CVE-2021-42228.json +++ b/2021/42xxx/CVE-2021-42228.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-42228", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-42228", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Request Forgery (CSRF) vulnerability exists in KindEdirot 4.1.x. First, you upload an html file containing csrf on the website that uses a google editor, (you only need to search in google: inurl:/examples/uploadbutton.html) and then use the authority of this website to trick users into clicking your malicious html link." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/kindsoft/kindeditor/issues/337", + "url": "https://github.com/kindsoft/kindeditor/issues/337" } ] } diff --git a/2021/42xxx/CVE-2021-42341.json b/2021/42xxx/CVE-2021-42341.json index 2b9240ea2b3..2fbf12f2f28 100644 --- a/2021/42xxx/CVE-2021-42341.json +++ b/2021/42xxx/CVE-2021-42341.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "checkpath in OpenRC before 0.44.7 uses the direct output of strlen() to allocate strings, which does not account for the '\\0' byte at the end of the string. This results in memory corruption." + "value": "checkpath in OpenRC before 0.44.7 uses the direct output of strlen() to allocate strings, which does not account for the '\\0' byte at the end of the string. This results in memory corruption. CVE-2021-42341 was introduced in git commit 63db2d99e730547339d1bdd28e8437999c380cae, which was introduced as part of OpenRC 0.44.0 development." } ] }, @@ -71,6 +71,16 @@ "url": "https://bugs.gentoo.org/816900", "refsource": "MISC", "name": "https://bugs.gentoo.org/816900" + }, + { + "refsource": "MISC", + "name": "https://github.com/OpenRC/openrc/commit/63db2d99e730547339d1bdd28e8437999c380cae", + "url": "https://github.com/OpenRC/openrc/commit/63db2d99e730547339d1bdd28e8437999c380cae" + }, + { + "refsource": "MISC", + "name": "https://github.com/OpenRC/openrc/issues/418", + "url": "https://github.com/OpenRC/openrc/issues/418" } ] } diff --git a/2021/42xxx/CVE-2021-42357.json b/2021/42xxx/CVE-2021-42357.json new file mode 100644 index 00000000000..f9e2fb5cfc5 --- /dev/null +++ b/2021/42xxx/CVE-2021-42357.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42357", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/42xxx/CVE-2021-42358.json b/2021/42xxx/CVE-2021-42358.json new file mode 100644 index 00000000000..f81843b3286 --- /dev/null +++ b/2021/42xxx/CVE-2021-42358.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42358", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/42xxx/CVE-2021-42359.json b/2021/42xxx/CVE-2021-42359.json new file mode 100644 index 00000000000..fc0b1389d59 --- /dev/null +++ b/2021/42xxx/CVE-2021-42359.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42359", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/42xxx/CVE-2021-42360.json b/2021/42xxx/CVE-2021-42360.json new file mode 100644 index 00000000000..7993cb6d34b --- /dev/null +++ b/2021/42xxx/CVE-2021-42360.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42360", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/42xxx/CVE-2021-42361.json b/2021/42xxx/CVE-2021-42361.json new file mode 100644 index 00000000000..e94787e4000 --- /dev/null +++ b/2021/42xxx/CVE-2021-42361.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42361", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/42xxx/CVE-2021-42362.json b/2021/42xxx/CVE-2021-42362.json new file mode 100644 index 00000000000..4564bda05a1 --- /dev/null +++ b/2021/42xxx/CVE-2021-42362.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42362", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/42xxx/CVE-2021-42363.json b/2021/42xxx/CVE-2021-42363.json new file mode 100644 index 00000000000..4eacf16015b --- /dev/null +++ b/2021/42xxx/CVE-2021-42363.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42363", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/42xxx/CVE-2021-42364.json b/2021/42xxx/CVE-2021-42364.json new file mode 100644 index 00000000000..ae38ace6100 --- /dev/null +++ b/2021/42xxx/CVE-2021-42364.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42364", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/42xxx/CVE-2021-42365.json b/2021/42xxx/CVE-2021-42365.json new file mode 100644 index 00000000000..3461aa30a5c --- /dev/null +++ b/2021/42xxx/CVE-2021-42365.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42365", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/42xxx/CVE-2021-42366.json b/2021/42xxx/CVE-2021-42366.json new file mode 100644 index 00000000000..9c27eb5bed5 --- /dev/null +++ b/2021/42xxx/CVE-2021-42366.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42366", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/42xxx/CVE-2021-42367.json b/2021/42xxx/CVE-2021-42367.json new file mode 100644 index 00000000000..350baf630ce --- /dev/null +++ b/2021/42xxx/CVE-2021-42367.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42367", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file