admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-09-27 17:01:02 +00:00
parent 1fb3a7d306
commit 5b57fdbd10
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
15 changed files with 313 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2017/4xxx/CVE-2017-4995.json
View File

@ -66,6 +66,11 @@
"refsource": "MLIST",
"name": "[cassandra-commits] 20191113 [jira] [Created] (CASSANDRA-15416) CVE-2017-7525 ( jackson-databind is vulnerable to Remote Code Execution) on version 3.11.4",
"url": "https://lists.apache.org/thread.html/4641ed8616ccc2c1fbddac2c3dc9900c96387bc226eaf0232d61909b@%3Ccommits.cassandra.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cassandra-commits] 20210927 [jira] [Commented] (CASSANDRA-15416) CVE-2017-7525 ( jackson-databind is vulnerable to Remote Code Execution) on version 3.11.4",
"url": "https://lists.apache.org/thread.html/rf7f87810c38dc9abf9f93989f76008f504cbf7c1a355214640b2d04c@%3Ccommits.cassandra.apache.org%3E"
}
]
}

5
2017/7xxx/CVE-2017-7525.json
View File

@ -348,6 +348,11 @@
"refsource": "MLIST",
"name": "[spark-issues] 20210223 [jira] [Created] (SPARK-34511) Current Security vulnerabilities in spark libraries",
"url": "https://lists.apache.org/thread.html/r68acf97f4526ba59a33cc6e592261ea4f85d890f99e79c82d57dd589@%3Cissues.spark.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cassandra-commits] 20210927 [jira] [Commented] (CASSANDRA-15416) CVE-2017-7525 ( jackson-databind is vulnerable to Remote Code Execution) on version 3.11.4",
"url": "https://lists.apache.org/thread.html/rf7f87810c38dc9abf9f93989f76008f504cbf7c1a355214640b2d04c@%3Ccommits.cassandra.apache.org%3E"
}
]
}

5
2020/11xxx/CVE-2020-11107.json
View File

@ -56,6 +56,11 @@
"refsource": "CONFIRM",
"name": "https://www.apachefriends.org/blog/new_xampp_20200401.html",
"url": "https://www.apachefriends.org/blog/new_xampp_20200401.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/164292/XAMPP-7.4.3-Privilege-Escalation.html",
"url": "http://packetstormsecurity.com/files/164292/XAMPP-7.4.3-Privilege-Escalation.html"
}
]
}

27
2021/23xxx/CVE-2021-23445.json
View File

@ -48,24 +48,29 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JS-DATATABLESNET-1540544"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-DATATABLESNET-1540544",
"name": "https://snyk.io/vuln/SNYK-JS-DATATABLESNET-1540544"
},
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1715371"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1715371",
"name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1715371"
},
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1715376"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1715376",
"name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1715376"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/DataTables/Dist-DataTables/commit/59a8d3f8a3c1138ab08704e783bc52bfe88d7c9b"
"refsource": "MISC",
"url": "https://github.com/DataTables/Dist-DataTables/commit/59a8d3f8a3c1138ab08704e783bc52bfe88d7c9b",
"name": "https://github.com/DataTables/Dist-DataTables/commit/59a8d3f8a3c1138ab08704e783bc52bfe88d7c9b"
},
{
"refsource": "CONFIRM",
"url": "https://cdn.datatables.net/1.11.3/"
"refsource": "MISC",
"url": "https://cdn.datatables.net/1.11.3/",
"name": "https://cdn.datatables.net/1.11.3/"
}
]
},
@ -73,7 +78,7 @@
"description_data": [
{
"lang": "eng",
"value": "This affects the package datatables.net before 1.11.3.\n If an array is passed to the HTML escape entities function it would not have its contents escaped.\r\n\r\n\r\n"
"value": "This affects the package datatables.net before 1.11.3. If an array is passed to the HTML escape entities function it would not have its contents escaped."
}
]
},

5
2021/25xxx/CVE-2021-25410.json
View File

@ -63,6 +63,11 @@
"refsource": "MISC",
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=6",
"name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=6"
},
{
"refsource": "MISC",
"name": "https://blog.oversecured.com/Two-weeks-of-securing-Samsung-devices-Part-2/",
"url": "https://blog.oversecured.com/Two-weeks-of-securing-Samsung-devices-Part-2/"
}
]
},

5
2021/25xxx/CVE-2021-25413.json
View File

@ -63,6 +63,11 @@
"refsource": "MISC",
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=6",
"name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=6"
},
{
"refsource": "MISC",
"name": "https://blog.oversecured.com/Two-weeks-of-securing-Samsung-devices-Part-2/",
"url": "https://blog.oversecured.com/Two-weeks-of-securing-Samsung-devices-Part-2/"
}
]
},

5
2021/25xxx/CVE-2021-25414.json
View File

@ -63,6 +63,11 @@
"refsource": "MISC",
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=6",
"name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=6"
},
{
"refsource": "MISC",
"name": "https://blog.oversecured.com/Two-weeks-of-securing-Samsung-devices-Part-2/",
"url": "https://blog.oversecured.com/Two-weeks-of-securing-Samsung-devices-Part-2/"
}
]
},

5
2021/25xxx/CVE-2021-25426.json
View File

@ -63,6 +63,11 @@
"refsource": "MISC",
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=7",
"name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=7"
},
{
"refsource": "MISC",
"name": "https://blog.oversecured.com/Two-weeks-of-securing-Samsung-devices-Part-2/",
"url": "https://blog.oversecured.com/Two-weeks-of-securing-Samsung-devices-Part-2/"
}
]
},

5
2021/25xxx/CVE-2021-25440.json
View File

@ -63,6 +63,11 @@
"refsource": "MISC",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=7",
"name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=7"
},
{
"refsource": "MISC",
"name": "https://blog.oversecured.com/Two-weeks-of-securing-Samsung-devices-Part-2/",
"url": "https://blog.oversecured.com/Two-weeks-of-securing-Samsung-devices-Part-2/"
}
]
},

85
2021/36xxx/CVE-2021-36134.json
View File

@ -1,18 +1,91 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-36134",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-36134",
"STATE": "PUBLIC",
"TITLE": "Out of bounds write in Netop Vision Pro"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Douglas McKee of McAfee ATR"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Out of bounds write vulnerability in the JPEG parsing code of Netop Vision Pro up to and including 9.7.2 allows an adjacent unauthenticated attacker to write to arbitrary memory potentially leading to a Denial of Service (DoS)."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.mcafee.com/blogs/?p=127255&preview=true",
"url": "https://www.mcafee.com/blogs/?p=127255&preview=true"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}

61
2021/37xxx/CVE-2021-37761.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-37761",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-37761",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to unrestricted file upload, leading to remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.manageengine.com",
"refsource": "MISC",
"name": "https://www.manageengine.com"
},
{
"refsource": "MISC",
"name": "https://www.manageengine.com/products/ad-manager/release-notes.html#7111",
"url": "https://www.manageengine.com/products/ad-manager/release-notes.html#7111"
}
]
}

18
2021/3xxx/CVE-2021-3836.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3836",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

56
2021/40xxx/CVE-2021-40329.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-40329",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-40329",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Authentication API in Ping Identity PingFederate before 10.3 mishandles certain aspects of external password management."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://docs.pingidentity.com/bundle/pingfederate-103/page/cou1615333347158.html",
"url": "https://docs.pingidentity.com/bundle/pingfederate-103/page/cou1615333347158.html"
}
]
}

5
2021/41xxx/CVE-2021-41617.json
View File

@ -66,6 +66,11 @@
"url": "https://www.openssh.com/txt/release-8.8",
"refsource": "MISC",
"name": "https://www.openssh.com/txt/release-8.8"
},
{
"refsource": "CONFIRM",
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1190975",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1190975"
}
]
}

56
2021/41xxx/CVE-2021-41753.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-41753",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-41753",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in D-Link DIR-X1560, v1.04B04, and DIR-X6060, v1.11B04 allows a remote unauthenticated attacker to disconnect a wireless client via sending specific spoofed SAE authentication frames."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10243",
"refsource": "MISC",
"name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10243"
}
]
}