From 7cccf733febf569cd30fed623c69bf4e4d84c28d Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 22 Jul 2021 13:00:50 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/20xxx/CVE-2019-20467.json | 61 +++++++++++++++++++++++++++---- 2020/35xxx/CVE-2020-35653.json | 5 +++ 2021/25xxx/CVE-2021-25290.json | 5 +++ 2021/28xxx/CVE-2021-28676.json | 5 +++ 2021/28xxx/CVE-2021-28677.json | 5 +++ 2021/30xxx/CVE-2021-30110.json | 66 ++++++++++++++++++++++++++++++---- 2021/34xxx/CVE-2021-34552.json | 5 +++ 7 files changed, 140 insertions(+), 12 deletions(-) diff --git a/2019/20xxx/CVE-2019-20467.json b/2019/20xxx/CVE-2019-20467.json index af7c15c7e02..8ecf94adade 100644 --- a/2019/20xxx/CVE-2019-20467.json +++ b/2019/20xxx/CVE-2019-20467.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20467", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20467", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. The device by default has a TELNET interface available (which is not advertised or functionally used, but is nevertheless available). Two backdoor accounts (root and default) exist that can be used on this interface. The usernames and passwords of the backdoor accounts are the same on all devices. Attackers can use these backdoor accounts to obtain access and execute code as root within the device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.sannce.com", + "refsource": "MISC", + "name": "https://www.sannce.com" + }, + { + "refsource": "MISC", + "name": "https://www.eurofins-cybersecurity.com/news/connected-devices-baby-monitors-part-2/", + "url": "https://www.eurofins-cybersecurity.com/news/connected-devices-baby-monitors-part-2/" } ] } diff --git a/2020/35xxx/CVE-2020-35653.json b/2020/35xxx/CVE-2020-35653.json index 24997d7a65a..7b8e741c6f0 100644 --- a/2020/35xxx/CVE-2020-35653.json +++ b/2020/35xxx/CVE-2020-35653.json @@ -66,6 +66,11 @@ "refsource": "FEDORA", "name": "FEDORA-2021-880aa7bd27", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BF553AMNNNBW7SH4IM4MNE4M6GNZQ7YD/" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20210722 [SECURITY] [DLA 2716-1] pillow security update", + "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html" } ] } diff --git a/2021/25xxx/CVE-2021-25290.json b/2021/25xxx/CVE-2021-25290.json index 265a3efc80e..67d02ce60f2 100644 --- a/2021/25xxx/CVE-2021-25290.json +++ b/2021/25xxx/CVE-2021-25290.json @@ -61,6 +61,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-33", "url": "https://security.gentoo.org/glsa/202107-33" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20210722 [SECURITY] [DLA 2716-1] pillow security update", + "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html" } ] } diff --git a/2021/28xxx/CVE-2021-28676.json b/2021/28xxx/CVE-2021-28676.json index d724e6bff20..13a3d4af14c 100644 --- a/2021/28xxx/CVE-2021-28676.json +++ b/2021/28xxx/CVE-2021-28676.json @@ -71,6 +71,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-33", "url": "https://security.gentoo.org/glsa/202107-33" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20210722 [SECURITY] [DLA 2716-1] pillow security update", + "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html" } ] } diff --git a/2021/28xxx/CVE-2021-28677.json b/2021/28xxx/CVE-2021-28677.json index 63f9354914e..dc60444d44b 100644 --- a/2021/28xxx/CVE-2021-28677.json +++ b/2021/28xxx/CVE-2021-28677.json @@ -71,6 +71,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-33", "url": "https://security.gentoo.org/glsa/202107-33" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20210722 [SECURITY] [DLA 2716-1] pillow security update", + "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html" } ] } diff --git a/2021/30xxx/CVE-2021-30110.json b/2021/30xxx/CVE-2021-30110.json index 21c0e206313..a24dc18d94e 100644 --- a/2021/30xxx/CVE-2021-30110.json +++ b/2021/30xxx/CVE-2021-30110.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-30110", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-30110", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "dttray.exe in Greyware Automation Products Inc Domain Time II before 5.2.b.20210331 allows remote attackers to execute arbitrary code via a URL to a malicious update in a spoofed response to the UDP query used to check for updates." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.greyware.com/software/domaintime/", + "refsource": "MISC", + "name": "https://www.greyware.com/software/domaintime/" + }, + { + "refsource": "MISC", + "name": "https://blog.grimm-co.com/2021/04/time-for-upgrade.html", + "url": "https://blog.grimm-co.com/2021/04/time-for-upgrade.html" + }, + { + "refsource": "MISC", + "name": "https://www.greyware.com/software/domaintime/v5/installation/v5x.asp#currentVersion", + "url": "https://www.greyware.com/software/domaintime/v5/installation/v5x.asp#currentVersion" } ] } diff --git a/2021/34xxx/CVE-2021-34552.json b/2021/34xxx/CVE-2021-34552.json index 8c73ce13395..8bb9b022f70 100644 --- a/2021/34xxx/CVE-2021-34552.json +++ b/2021/34xxx/CVE-2021-34552.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "https://pillow.readthedocs.io/en/stable/releasenotes/8.3.0.html#buffer-overflow", "url": "https://pillow.readthedocs.io/en/stable/releasenotes/8.3.0.html#buffer-overflow" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20210722 [SECURITY] [DLA 2716-1] pillow security update", + "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html" } ] }