From 7a2034ed4e95f5d1d7f2dd0ef98065bde6da77e7 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 21 Apr 2021 19:00:45 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/28xxx/CVE-2020-28973.json | 56 ++++++++++++++++++++++++++---- 2021/31xxx/CVE-2021-31523.json | 62 ++++++++++++++++++++++++++++++++++ 2 files changed, 112 insertions(+), 6 deletions(-) create mode 100644 2021/31xxx/CVE-2021-31523.json diff --git a/2020/28xxx/CVE-2020-28973.json b/2020/28xxx/CVE-2020-28973.json index daf72f0c5fe..ebff913031c 100644 --- a/2020/28xxx/CVE-2020-28973.json +++ b/2020/28xxx/CVE-2020-28973.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-28973", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-28973", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The ABUS Secvest wireless alarm system FUAA50000 (v3.01.17) fails to properly authenticate some requests to its built-in HTTPS interface. Someone can use this vulnerability to obtain sensitive information from the system, such as usernames and passwords. This information can then be used to reconfigure or disable the alarm system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://eye.security/en/blog/breaking-abus-secvest-internet-connected-alarm-systems-cve-2020-28973", + "url": "https://eye.security/en/blog/breaking-abus-secvest-internet-connected-alarm-systems-cve-2020-28973" } ] } diff --git a/2021/31xxx/CVE-2021-31523.json b/2021/31xxx/CVE-2021-31523.json new file mode 100644 index 00000000000..39d77db43e0 --- /dev/null +++ b/2021/31xxx/CVE-2021-31523.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2021-31523", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Debian xscreensaver 5.42+dfsg1-1 package for XScreenSaver has cap_net_raw enabled for the /usr/libexec/xscreensaver/sonar file, which allows local users to gain privileges because this is arguably incompatible with the design of the Mesa 3D Graphics library dependency." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.openwall.com/lists/oss-security/2021/04/17/1", + "refsource": "MISC", + "name": "https://www.openwall.com/lists/oss-security/2021/04/17/1" + } + ] + } +} \ No newline at end of file