admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-07-19 18:00:51 +00:00
parent 375c3f7417
commit 6c7e5f03cb
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
8 changed files with 417 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
2020/20xxx/CVE-2020-20248.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-20248",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-20248",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the memtest process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2020-20248/README.md",
"url": "https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2020-20248/README.md"
}
]
}

62
2020/20xxx/CVE-2020-20249.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-20249",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-20249",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mikrotik RouterOs before stable 6.47 suffers from a memory corruption vulnerability in the resolver process. By sending a crafted packet, an authenticated remote attacker can cause a Denial of Service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2020-20249/README.md",
"url": "https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2020-20249/README.md"
}
]
}

5
2020/6xxx/CVE-2020-6010.json
View File

@ -58,6 +58,11 @@
"refsource": "MISC",
"name": "https://research.checkpoint.com/2020/e-learning-platforms-getting-schooled-multiple-vulnerabilities-in-wordpress-most-popular-learning-management-system-plugins/",
"url": "https://research.checkpoint.com/2020/e-learning-platforms-getting-schooled-multiple-vulnerabilities-in-wordpress-most-popular-learning-management-system-plugins/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/163536/WordPress-LearnPress-SQL-Injection.html",
"url": "http://packetstormsecurity.com/files/163536/WordPress-LearnPress-SQL-Injection.html"
}
]
},

5
2020/7xxx/CVE-2020-7995.json
View File

@ -61,6 +61,11 @@
"url": "https://github.com/tufangungor/tufangungor.github.io/blob/master/_posts/2020-01-19-dolibarr-10.0.6-brute-force.md",
"refsource": "MISC",
"name": "https://github.com/tufangungor/tufangungor.github.io/blob/master/_posts/2020-01-19-dolibarr-10.0.6-brute-force.md"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/163541/Dolibarr-ERP-CRM-10.0.6-Login-Brute-Forcer.html",
"url": "http://packetstormsecurity.com/files/163541/Dolibarr-ERP-CRM-10.0.6-Login-Brute-Forcer.html"
}
]
}

103
2021/20xxx/CVE-2021-20698.json
View File

@ -19,7 +19,106 @@
"version": {
"version_data": [
{
"version_value": "UN462A R1.300 and prior to it, UN462VA R1.300 and prior to it, UN492S R1.300 and prior to it, UN492VS R1.300 and prior to it, UN552A R1.300 and prior to it, UN552S R1.300 and prior to it, UN552VS R1.300 and prior to it, UN552 R1.300 and prior to it, UN552V R1.300 and prior to it, UX552S R1.300 and prior to it, UN552 R1.300 and prior to it, V864Q R2.000 and prior to it, C861Q R2.000 and prior to it, P754Q R2.000 and prior to it, V754Q R2.000 and prior to it, C751Q R2.000 and prior to it, V964Q R2.000 and prior to it, C961Q R2.000 and prior to it, P654Q R2.000 and prior to it, V654Q R2.000 and prior to it, C651Q R2.000 and prior to it, V554Q R2.000 and prior to it"
"version_value": "UN462A R1.300 and prior to it"
},
{
"version_value": "UN462VA R1.300 and prior to it"
},
{
"version_value": "UN492S R1.300 and prior to it"
},
{
"version_value": "UN492VS R1.300 and prior to it"
},
{
"version_value": "UN552A R1.300 and prior to it"
},
{
"version_value": "UN552S R1.300 and prior to it"
},
{
"version_value": "UN552VS R1.300 and prior"
},
{
"version_value": "UN552 R1.300 and prior"
},
{
"version_value": "UN552V R1.300 and prior to it"
},
{
"version_value": "UX552S R1.300 and prior to it"
},
{
"version_value": "UN552 R1.300 and prior to it"
},
{
"version_value": "V864Q R2.000 and prior to it"
},
{
"version_value": "C861Q R2.000 and prior to it"
},
{
"version_value": "P754Q R2.000 and prior to it"
},
{
"version_value": "V754Q R2.000 and prior to it"
},
{
"version_value": "C751Q R2.000 and prior to it"
},
{
"version_value": "V964Q R2.000 and prior to it"
},
{
"version_value": "C961Q R2.000 and prior to it"
},
{
"version_value": "P654Q R2.000 and prior to it"
},
{
"version_value": "V654Q R2.000 and prior to it"
},
{
"version_value": "C651Q R2.000 and prior to it"
},
{
"version_value": "V554Q R2.000 and prior to it"
},
{
"version_value": "P404 R3.300 and prior to it"
},
{
"version_value": "P484 R3.300 and prior to it"
},
{
"version_value": "P554 R3.300 and prior to it"
},
{
"version_value": "V404 R3.300 and prior to it"
},
{
"version_value": "V484 R3.300 and prior to it"
},
{
"version_value": "V554 R3.300 and prior to it"
},
{
"version_value": "V404-T R3.300 and prior to it"
},
{
"version_value": "V484-T R3.300 and prior"
},
{
"version_value": "V554-T R3.300 and prior"
},
{
"version_value": "C501 R2.100 and prior"
},
{
"version_value": "C551 R2.100 and prior"
},
{
"version_value": "C431 R2.100 and prior"
}
]
}
@ -55,7 +154,7 @@
"description_data": [
{
"lang": "eng",
"value": "Sharp NEC Displays (UN462A R1.300 and prior to it, UN462VA R1.300 and prior to it, UN492S R1.300 and prior to it, UN492VS R1.300 and prior to it, UN552A R1.300 and prior to it, UN552S R1.300 and prior to it, UN552VS R1.300 and prior to it, UN552 R1.300 and prior to it, UN552V R1.300 and prior to it, UX552S R1.300 and prior to it, UN552 R1.300 and prior to it, V864Q R2.000 and prior to it, C861Q R2.000 and prior to it, P754Q R2.000 and prior to it, V754Q R2.000 and prior to it, C751Q R2.000 and prior to it, V964Q R2.000 and prior to it, C961Q R2.000 and prior to it, P654Q R2.000 and prior to it, V654Q R2.000 and prior to it, C651Q R2.000 and prior to it, V554Q R2.000 and prior to it) allows an attacker to obtain root privileges and execute remote code by sending unintended parameters that contain specific characters in http request."
"value": "Sharp NEC Displays (UN462A R1.300 and prior to it, UN462VA R1.300 and prior to it, UN492S R1.300 and prior to it, UN492VS R1.300 and prior to it, UN552A R1.300 and prior to it, UN552S R1.300 and prior to it, UN552VS R1.300 and prior to it, UN552 R1.300 and prior to it, UN552V R1.300 and prior to it, UX552S R1.300 and prior to it, UN552 R1.300 and prior to it, V864Q R2.000 and prior to it, C861Q R2.000 and prior to it, P754Q R2.000 and prior to it, V754Q R2.000 and prior to it, C751Q R2.000 and prior to it, V964Q R2.000 and prior to it, C961Q R2.000 and prior to it, P654Q R2.000 and prior to it, V654Q R2.000 and prior to it, C651Q R2.000 and prior to it, V554Q R2.000 and prior to it, P404 R3.300 and prior to it, P484 R3.300 and prior to it, P554 R3.300 and prior to it, V404 R3.300 and prior to it, V484 R3.300 and prior to it, V554 R3.300 and prior to it, V404-T R3.300 and prior to it, V484-T R3.300 and prior to it, V554-T R3.300 and prior to it, C501 R2.100 and prior to it, C551 R2.100 and prior to it, C431 R2.100 and prior to it) allows an attacker to obtain root privileges and execute remote code by sending unintended parameters that contain specific characters in http request."
}
]
}

103
2021/20xxx/CVE-2021-20699.json
View File

@ -19,7 +19,106 @@
"version": {
"version_data": [
{
"version_value": "UN462A R1.300 and prior to it, UN462VA R1.300 and prior to it, UN492S R1.300 and prior to it, UN492VS R1.300 and prior to it, UN552A R1.300 and prior to it, UN552S R1.300 and prior to it, UN552VS R1.300 and prior to it, UN552 R1.300 and prior to it, UN552V R1.300 and prior to it, UX552S R1.300 and prior to it, UN552 R1.300 and prior to it, V864Q R2.000 and prior to it, C861Q R2.000 and prior to it, P754Q R2.000 and prior to it, V754Q R2.000 and prior to it, C751Q R2.000 and prior to it, V964Q R2.000 and prior to it, C961Q R2.000 and prior to it, P654Q R2.000 and prior to it, V654Q R2.000 and prior to it, C651Q R2.000 and prior to it, V554Q R2.000 and prior to it"
"version_value": "UN462A R1.300 and prior to it"
},
{
"version_value": "UN462VA R1.300 and prior to it"
},
{
"version_value": "UN492S R1.300 and prior to it"
},
{
"version_value": "UN492VS R1.300 and prior to it"
},
{
"version_value": "UN552A R1.300 and prior to it"
},
{
"version_value": "UN552S R1.300 and prior to it"
},
{
"version_value": "UN552VS R1.300 and prior to it"
},
{
"version_value": "UN552 R1.300 and prior to it"
},
{
"version_value": "UN552V R1.300 and prior to it"
},
{
"version_value": "UX552S R1.300 and prior to it"
},
{
"version_value": "UN552 R1.300 and prior to it"
},
{
"version_value": "V864Q R2.000 and prior to it"
},
{
"version_value": "C861Q R2.000 and prior to it"
},
{
"version_value": "P754Q R2.000 and prior to it"
},
{
"version_value": "V754Q R2.000 and prior to it"
},
{
"version_value": "C751Q R2.000 and prior to it"
},
{
"version_value": "V964Q R2.000 and prior to it"
},
{
"version_value": "C961Q R2.000 and prior to it"
},
{
"version_value": "P654Q R2.000 and prior to it"
},
{
"version_value": "V654Q R2.000 and prior to it"
},
{
"version_value": "C651Q R2.000 and prior to it"
},
{
"version_value": "V554Q R2.000 and prior to it"
},
{
"version_value": "P404 R3.300 and prior to it"
},
{
"version_value": "P484 R3.300 and prior to it"
},
{
"version_value": "P554 R3.300 and prior to it"
},
{
"version_value": "V404 R3.300 and prior to it"
},
{
"version_value": "V484 R3.300 and prior to it"
},
{
"version_value": "V554 R3.300 and prior to it"
},
{
"version_value": "V404-T R3.300 and prior to it"
},
{
"version_value": "V484-T R3.300 and prior"
},
{
"version_value": "V554-T R3.300 and prior"
},
{
"version_value": "C501 R2.100 and prior"
},
{
"version_value": "C551 R2.100 and prior"
},
{
"version_value": "C431 R2.100 and prior"
}
]
}
@ -55,7 +154,7 @@
"description_data": [
{
"lang": "eng",
"value": "Sharp NEC Displays (UN462A R1.300 and prior to it, UN462VA R1.300 and prior to it, UN492S R1.300 and prior to it, UN492VS R1.300 and prior to it, UN552A R1.300 and prior to it, UN552S R1.300 and prior to it, UN552VS R1.300 and prior to it, UN552 R1.300 and prior to it, UN552V R1.300 and prior to it, UX552S R1.300 and prior to it, UN552 R1.300 and prior to it, V864Q R2.000 and prior to it, C861Q R2.000 and prior to it, P754Q R2.000 and prior to it, V754Q R2.000 and prior to it, C751Q R2.000 and prior to it, V964Q R2.000 and prior to it, C961Q R2.000 and prior to it, P654Q R2.000 and prior to it, V654Q R2.000 and prior to it, C651Q R2.000 and prior to it, V554Q R2.000 and prior to it) allows an attacker a buffer overflow and to execute remote code by sending long parameters that contains specific characters in http request."
"value": "Sharp NEC Displays (UN462A R1.300 and prior to it, UN462VA R1.300 and prior to it, UN492S R1.300 and prior to it, UN492VS R1.300 and prior to it, UN552A R1.300 and prior to it, UN552S R1.300 and prior to it, UN552VS R1.300 and prior to it, UN552 R1.300 and prior to it, UN552V R1.300 and prior to it, UX552S R1.300 and prior to it, UN552 R1.300 and prior to it, V864Q R2.000 and prior to it, C861Q R2.000 and prior to it, P754Q R2.000 and prior to it, V754Q R2.000 and prior to it, C751Q R2.000 and prior to it, V964Q R2.000 and prior to it, C961Q R2.000 and prior to it, P654Q R2.000 and prior to it, V654Q R2.000 and prior to it, C651Q R2.000 and prior to it, V554Q R2.000 and prior to it, P404 R3.300 and prior to it, P484 R3.300 and prior to it, P554 R3.300 and prior to it, V404 R3.300 and prior to it, V484 R3.300 and prior to it, V554 R3.300 and prior to it, V404-T R3.300 and prior to it, V484-T R3.300 and prior to it, V554-T R3.300 and prior to it, C501 R2.100 and prior to it, C551 R2.100 and prior to it, C431 R2.100 and prior to it) allows an attacker a buffer overflow and to execute remote code by sending long parameters that contains specific characters in http request."
}
]
}

67
2021/34xxx/CVE-2021-34820.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-34820",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-34820",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Web Path Directory Traversal in the Novus HTTP Server. The Novus HTTP Server is affected by the Directory Traversal for Arbitrary File Access vulnerability. A remote, unauthenticated attacker using an HTTP GET request may be able to exploit this issue to access sensitive data. The issue was discovered in the NMS (Novus Management System) software through 1.51.2"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "FULLDISC",
"name": "20210709 Novus Managment System Vulnerabilities (CVE-2021-34820, CVE-2021-38421)",
"url": "http://seclists.org/fulldisclosure/2021/Jul/20"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/163453/Novus-Management-System-Directory-Traversal-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/163453/Novus-Management-System-Directory-Traversal-Cross-Site-Scripting.html"
}
]
}

62
2021/34xxx/CVE-2021-34821.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-34821",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-34821",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross Site Scripting (XSS) vulnerability exists in AAT Novus Management System through 1.51.2. The WebUI has wrong HTTP 404 error handling implemented. A remote, unauthenticated attacker may be able to exploit the issue by sending malicious HTTP requests to non-existing URIs. The value of the URL path filename is copied into the HTML document as plain text tags."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "FULLDISC",
"name": "FULLDISC: 20210709 Novus Managment System Vulnerabilities (CVE-2021-34820, CVE-2021-38421)",
"url": "https://seclists.org/fulldisclosure/2021/Jul/20"
}
]
}