admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-01-04 19:02:02 +00:00
parent 0610ebc899
commit 764ae609ee
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
16 changed files with 161 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
2017/14xxx/CVE-2017-14170.json
View File

@ -34,7 +34,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "In libavformat/mxfdec.c in FFmpeg 3.3.3, a DoS in mxf_read_index_entry_array() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted MXF file, which claims a large \"nb_index_entries\" field in the header but does not contain sufficient backing data, is provided, the loop would consume huge CPU resources, since there is no EOF check inside the loop. Moreover, this big loop can be invoked multiple times if there is more than one applicable data segment in the crafted MXF file." "value": "In libavformat/mxfdec.c in FFmpeg 3.3.3 -> 2.4, a DoS in mxf_read_index_entry_array() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted MXF file, which claims a large \"nb_index_entries\" field in the header but does not contain sufficient backing data, is provided, the loop would consume huge CPU resources, since there is no EOF check inside the loop. Moreover, this big loop can be invoked multiple times if there is more than one applicable data segment in the crafted MXF file."
} }
] ]
}, },
@ -71,6 +71,11 @@
"name": "DSA-3996", "name": "DSA-3996",
"refsource": "DEBIAN", "refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3996" "url": "http://www.debian.org/security/2017/dsa-3996"
},
{
"refsource": "MISC",
"name": "https://github.com/FFmpeg/FFmpeg/commit/f173cdfe669556aa92857adafe60cbe5f2aa1210",
"url": "https://github.com/FFmpeg/FFmpeg/commit/f173cdfe669556aa92857adafe60cbe5f2aa1210"
} }
] ]
} }

7
2018/14xxx/CVE-2018-14395.json
View File

@ -34,7 +34,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted audio file when converting to the MOV audio format." "value": "libavformat/movenc.c in FFmpeg 3.2 and 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted audio file when converting to the MOV audio format."
} }
] ]
}, },
@ -66,6 +66,11 @@
"name": "https://github.com/FFmpeg/FFmpeg/commit/fa19fbcf712a6a6cc5a5cfdc3254a97b9bce6582", "name": "https://github.com/FFmpeg/FFmpeg/commit/fa19fbcf712a6a6cc5a5cfdc3254a97b9bce6582",
"refsource": "MISC", "refsource": "MISC",
"url": "https://github.com/FFmpeg/FFmpeg/commit/fa19fbcf712a6a6cc5a5cfdc3254a97b9bce6582" "url": "https://github.com/FFmpeg/FFmpeg/commit/fa19fbcf712a6a6cc5a5cfdc3254a97b9bce6582"
},
{
"refsource": "MISC",
"name": "https://github.com/FFmpeg/FFmpeg/commit/2c0e98a0b478284bdff6d7a4062522605a8beae5",
"url": "https://github.com/FFmpeg/FFmpeg/commit/2c0e98a0b478284bdff6d7a4062522605a8beae5"
} }
] ]
} }

7
2019/11xxx/CVE-2019-11338.json
View File

@ -34,7 +34,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "libavcodec/hevcdec.c in FFmpeg 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data." "value": "libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data."
} }
] ]
}, },
@ -91,6 +91,11 @@
"refsource": "UBUNTU", "refsource": "UBUNTU",
"name": "USN-4431-1", "name": "USN-4431-1",
"url": "https://usn.ubuntu.com/4431-1/" "url": "https://usn.ubuntu.com/4431-1/"
},
{
"refsource": "MISC",
"name": "https://github.com/FFmpeg/FFmpeg/commit/9ccc633068c6fe76989f487c8932bd11886ad65b",
"url": "https://github.com/FFmpeg/FFmpeg/commit/9ccc633068c6fe76989f487c8932bd11886ad65b"
} }
] ]
} }

7
2019/13xxx/CVE-2019-13164.json
View File

@ -34,7 +34,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "qemu-bridge-helper.c in QEMU 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass." "value": "qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass."
} }
] ]
}, },
@ -121,6 +121,11 @@
"refsource": "GENTOO", "refsource": "GENTOO",
"name": "GLSA-202003-66", "name": "GLSA-202003-66",
"url": "https://security.gentoo.org/glsa/202003-66" "url": "https://security.gentoo.org/glsa/202003-66"
},
{
"refsource": "MISC",
"name": "https://github.com/qemu/qemu/commit/03d7712b4bcd47bfe0fe14ba2fffa87e111fa086",
"url": "https://github.com/qemu/qemu/commit/03d7712b4bcd47bfe0fe14ba2fffa87e111fa086"
} }
] ]
} }

5
2019/15xxx/CVE-2019-15523.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/LINBIT/csync2/pull/13/commits/92742544a56bcbcd9ec99ca15f898b31797e39e2", "url": "https://github.com/LINBIT/csync2/pull/13/commits/92742544a56bcbcd9ec99ca15f898b31797e39e2",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/LINBIT/csync2/pull/13/commits/92742544a56bcbcd9ec99ca15f898b31797e39e2" "name": "https://github.com/LINBIT/csync2/pull/13/commits/92742544a56bcbcd9ec99ca15f898b31797e39e2"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210104 [SECURITY] [DLA 2515-1] csync2 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00003.html"
} }
] ]
} }

5
2019/18xxx/CVE-2019-18641.json
View File

@ -66,6 +66,11 @@
"refsource": "FULLDISC", "refsource": "FULLDISC",
"name": "20210103 Multiple vulnerabilities found in Rock RMS including RCE and account takeover", "name": "20210103 Multiple vulnerabilities found in Rock RMS including RCE and account takeover",
"url": "http://seclists.org/fulldisclosure/2021/Jan/1" "url": "http://seclists.org/fulldisclosure/2021/Jan/1"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/160766/Rock-RMS-File-Upload-Account-Takeover-Information-Disclosure.html",
"url": "http://packetstormsecurity.com/files/160766/Rock-RMS-File-Upload-Account-Takeover-Information-Disclosure.html"
} }
] ]
} }

7
2019/9xxx/CVE-2019-9718.json
View File

@ -34,7 +34,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "In FFmpeg 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf." "value": "In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf."
} }
] ]
}, },
@ -76,6 +76,11 @@
"refsource": "DEBIAN", "refsource": "DEBIAN",
"name": "DSA-4449", "name": "DSA-4449",
"url": "https://www.debian.org/security/2019/dsa-4449" "url": "https://www.debian.org/security/2019/dsa-4449"
},
{
"refsource": "MISC",
"name": "https://github.com/FFmpeg/FFmpeg/commit/23ccf3cabb4baf6e8af4b1af3fcc59c904736f21",
"url": "https://github.com/FFmpeg/FFmpeg/commit/23ccf3cabb4baf6e8af4b1af3fcc59c904736f21"
} }
] ]
} }

5
2020/12xxx/CVE-2020-12658.json
View File

@ -66,6 +66,11 @@
"url": "https://github.com/gssapi/gssproxy/commit/cb761412e299ef907f22cd7c4146d50c8a792003", "url": "https://github.com/gssapi/gssproxy/commit/cb761412e299ef907f22cd7c4146d50c8a792003",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/gssapi/gssproxy/commit/cb761412e299ef907f22cd7c4146d50c8a792003" "name": "https://github.com/gssapi/gssproxy/commit/cb761412e299ef907f22cd7c4146d50c8a792003"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210104 [SECURITY] [DLA 2516-1] gssproxy security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00004.html"
} }
] ]
} }

27
2020/25xxx/CVE-2020-25507.json
View File

@ -34,7 +34,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "An incorrect permission assignment (chmod 777) of /etc/environment during the installation script of No Magic TeamworkCloud 18.0 through 19.0 allows any local unprivileged user to write to /etc/environment. An attacker can escalate to root by writing arbitrary code to this file, which would be executed by root during the next login, reboot, or sourcing of the environment." "value": "An incorrect permission assignment during the installation script of TeamworkCloud 18.0 thru 19.0 allows a local unprivileged attacker to execute arbitrary code as root. During installation, the user is instructed to set the system enviroment file with world writable permissions (0777 /etc/environment). Any local unprivileged user can execute arbitrary code simply by writing to /etc/environment, which will force all users, including root, to execute arbitrary code during the next login or reboot. In addition, the entire home directory of the twcloud user at /home/twcloud is recursively given world writable permissions. This allows any local unprivileged attacker to execute arbitrary code, as twcloud. This product was previous named Cameo Enterprise Data Warehouse (CEDW)."
} }
] ]
}, },
@ -61,6 +61,31 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2020-002.md", "name": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2020-002.md",
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2020-002.md" "url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2020-002.md"
},
{
"refsource": "MISC",
"name": "https://sick.codes/sick-2020-002/",
"url": "https://sick.codes/sick-2020-002/"
},
{
"refsource": "CONFIRM",
"name": "https://community.nomagic.com/finding-and-fixing-wrong-file-permission-twc-installation-t7165.html",
"url": "https://community.nomagic.com/finding-and-fixing-wrong-file-permission-twc-installation-t7165.html"
},
{
"refsource": "MISC",
"name": "https://sick.codes/finding-a-vulnerability-in-teamwork-cloud-server-nomagic-3ds-which-is-used-by-gov-enterprise-to-design-rockets-missiles-and-satellites",
"url": "https://sick.codes/finding-a-vulnerability-in-teamwork-cloud-server-nomagic-3ds-which-is-used-by-gov-enterprise-to-design-rockets-missiles-and-satellites"
},
{
"refsource": "MISC",
"name": "https://web.archive.org/web/20201219155833/https://docs.nomagic.com/pages/viewpage.action?pageId=20846937",
"url": "https://web.archive.org/web/20201219155833/https://docs.nomagic.com/pages/viewpage.action?pageId=20846937"
},
{
"refsource": "MISC",
"name": "https://web.archive.org/web/20201219095507/https://docs.nomagic.com/display/TWCloud185SP1/Installation+on+Centos+7.",
"url": "https://web.archive.org/web/20201219095507/https://docs.nomagic.com/display/TWCloud185SP1/Installation+on+Centos+7."
} }
] ]
} }

2
2020/26xxx/CVE-2020-26292.json
View File

@ -35,7 +35,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Creeper is an experimental dynamic, interpreted language. The binary release of Creeper Interpreter 1.1.3 contains potential malware. The compromised binary release was available for a few hours between December 26, 2020 at 3:22 PM EST to December 26, 2020 at 11:00 PM EST. \n\nIf you used the source code, you are **NOT** affected. This only affects the binary releases.\n\nThe binary of unknown quality has been removed from the release. If you have downloaded the binary, please delete it and run a reputable antivirus scanner to ensure that your computer is clean." "value": "Creeper is an experimental dynamic, interpreted language. The binary release of Creeper Interpreter 1.1.3 contains potential malware. The compromised binary release was available for a few hours between December 26, 2020 at 3:22 PM EST to December 26, 2020 at 11:00 PM EST. If you used the source code, you are **NOT** affected. This only affects the binary releases. The binary of unknown quality has been removed from the release. If you have downloaded the binary, please delete it and run a reputable antivirus scanner to ensure that your computer is clean."
} }
] ]
}, },

2
2020/26xxx/CVE-2020-26293.json
View File

@ -35,7 +35,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "HtmlSanitizer is a .NET library for cleaning HTML fragments and documents from constructs that can lead to XSS attacks. In HtmlSanitizer before version 5.0.372, there is a possible XSS bypass if style tag is allowed.\n\nIf you have explicitly allowed the `<style>` tag, an attacker could craft HTML that includes script after passing through the sanitizer. The default settings disallow the `<style>` tag so there is no risk if you have not explicitly allowed the `<style>` tag.\n\nThe problem has been fixed in version 5.0.372." "value": "HtmlSanitizer is a .NET library for cleaning HTML fragments and documents from constructs that can lead to XSS attacks. In HtmlSanitizer before version 5.0.372, there is a possible XSS bypass if style tag is allowed. If you have explicitly allowed the `<style>` tag, an attacker could craft HTML that includes script after passing through the sanitizer. The default settings disallow the `<style>` tag so there is no risk if you have not explicitly allowed the `<style>` tag. The problem has been fixed in version 5.0.372."
} }
] ]
}, },

2
2020/26xxx/CVE-2020-26294.json
View File

@ -35,7 +35,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. In Vela compiler before version 0.6.1 there is a vulnerability which allows exposure of server configuration. It impacts all users of Vela.\n\nAn attacker can use Sprig's `env` function to retrieve configuration information, see referenced GHSA for an example.\n\nThis has been fixed in version 0.6.1. In addition to upgrading, it is recommended to rotate all secrets.\n" "value": "Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. In Vela compiler before version 0.6.1 there is a vulnerability which allows exposure of server configuration. It impacts all users of Vela. An attacker can use Sprig's `env` function to retrieve configuration information, see referenced GHSA for an example. This has been fixed in version 0.6.1. In addition to upgrading, it is recommended to rotate all secrets."
} }
] ]
}, },

2
2020/26xxx/CVE-2020-26297.json
View File

@ -35,7 +35,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "mdBook is a utility to create modern online books from Markdown files and is written in Rust. In mdBook before version 0.4.5, there is a vulnerability affecting the search feature of mdBook, which could allow an attacker to execute arbitrary JavaScript code on the page.\n\nThe search feature of mdBook (introduced in version 0.1.4) was affected by a cross site scripting vulnerability that allowed an attacker to execute arbitrary JavaScript code on an user's browser by tricking the user into typing a malicious search query, or tricking the user into clicking a link to the search page with the malicious search query prefilled.\n\nmdBook 0.4.5 fixes the vulnerability by properly escaping the search query.\n\nOwners of websites built with mdBook have to upgrade to mdBook 0.4.5 or greater and rebuild their website contents with it." "value": "mdBook is a utility to create modern online books from Markdown files and is written in Rust. In mdBook before version 0.4.5, there is a vulnerability affecting the search feature of mdBook, which could allow an attacker to execute arbitrary JavaScript code on the page. The search feature of mdBook (introduced in version 0.1.4) was affected by a cross site scripting vulnerability that allowed an attacker to execute arbitrary JavaScript code on an user's browser by tricking the user into typing a malicious search query, or tricking the user into clicking a link to the search page with the malicious search query prefilled. mdBook 0.4.5 fixes the vulnerability by properly escaping the search query. Owners of websites built with mdBook have to upgrade to mdBook 0.4.5 or greater and rebuild their website contents with it."
} }
] ]
}, },

2
2020/35xxx/CVE-2020-35717.json
View File

@ -34,7 +34,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "zonote through 0.4.0 allows XSS via a crafted note, with resultant Remote Code Execution (because nodeIntegration in webPreferences is true)." "value": "zonote <=0.4.0 allows XSS via crafted note, with resultant Remote Code Execution (because Node.js integration is enabled)."
} }
] ]
}, },

18
2021/3xxx/CVE-2021-3013.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3013",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

67
2021/3xxx/CVE-2021-3014.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-3014",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In MikroTik RouterOS through 2021-01-04, the hotspot login page is vulnerable to reflected XSS via the target parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://m4dm0e.github.io/2021/01/04/mikrotik-xss-reflected.html",
"refsource": "MISC",
"name": "https://m4dm0e.github.io/2021/01/04/mikrotik-xss-reflected.html"
},
{
"url": "https://github.com/M4DM0e/m4dm0e.github.io/blob/gh-pages/_posts/2021-01-04-mikrotik-xss-reflected.md",
"refsource": "MISC",
"name": "https://github.com/M4DM0e/m4dm0e.github.io/blob/gh-pages/_posts/2021-01-04-mikrotik-xss-reflected.md"
}
]
}
}