admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-05-21 18:00:40 +00:00
parent 8da5a09f05
commit 7d964ebd94
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
16 changed files with 366 additions and 114 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
2020/23xxx/CVE-2020-23765.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-23765",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-23765",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A file upload vulnerability was discovered in the file path /bl-plugins/backup/plugin.php on Bludit version 3.12.0. If an attacker is able to gain Administrator rights they will be able to use unsafe plugins to upload a backup file and control the server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/bludit/bludit/issues/1218",
"refsource": "MISC",
"name": "https://github.com/bludit/bludit/issues/1218"
}
]
}

56
2020/23xxx/CVE-2020-23766.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-23766",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-23766",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An arbitrary file deletion vulnerability was discovered on htmly v2.7.5 which allows remote attackers to use any absolute path to delete any file in the server should they gain Administrator privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/danpros/htmly/issues/412",
"refsource": "MISC",
"name": "https://github.com/danpros/htmly/issues/412"
}
]
}

56
2020/23xxx/CVE-2020-23768.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-23768",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-23768",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An information disclosure vulnerability was discovered in alipay_function.php in the log file of Alibaba payment interface on PHPPYUN prior to version 5.0.1. If exploited, this vulnerability will allow attackers to obtain users' personally identifiable information including e-mail address and telephone numbers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/whiskey-jj/w2s2x2222.github.io/issues/1",
"refsource": "MISC",
"name": "https://github.com/whiskey-jj/w2s2x2222.github.io/issues/1"
}
]
}

5
2020/27xxx/CVE-2020-27216.json
View File

@ -705,6 +705,11 @@
"refsource": "MLIST",
"name": "[beam-issues] 20210520 [jira] [Updated] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216",
"url": "https://lists.apache.org/thread.html/r3042a9dd2973aa229e52d022df7813e4d74b67df73bfa6d97bb0caf8@%3Cissues.beam.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[beam-issues] 20210521 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216",
"url": "https://lists.apache.org/thread.html/r0d95e01f52667f44835c40f6dea72bb4397f33cd70a564ea74f3836d@%3Cissues.beam.apache.org%3E"
}
]
}

2
2021/1xxx/CVE-2021-1084.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "NVIDIA vGPU driver contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data or denial of service. This affects vGPU version 12.x (prior to 12.2) and version 11.x (prior to 11.4)."
"value": "NVIDIA vGPU driver contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data or denial of service. This affects vGPU version 12.x (prior to 12.2) and version 11.x (prior to 11.4)."
}
]
},

2
2021/1xxx/CVE-2021-1085.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there is the potential to write to a shared memory location and manipulate the data after the data has been validated, which may lead to denial of service and escalation of privileges and information disclosure but attacker doesn't have control over what information is obtained. This affects vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior to 8.7)."
"value": "NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there is the potential to write to a shared memory location and manipulate the data after the data has been validated, which may lead to denial of service and escalation of privileges and information disclosure but attacker doesn't have control over what information is obtained. This affects vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior to 8.7)."
}
]
},

5
2021/21xxx/CVE-2021-21336.json
View File

@ -83,6 +83,11 @@
"name": "https://github.com/zopefoundation/Products.PluggableAuthService/commit/2dad81128250cb2e5d950cddc9d3c0314a80b4bb",
"refsource": "MISC",
"url": "https://github.com/zopefoundation/Products.PluggableAuthService/commit/2dad81128250cb2e5d950cddc9d3c0314a80b4bb"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210521 Plone security hotfix 20210518",
"url": "http://www.openwall.com/lists/oss-security/2021/05/21/1"
}
]
},

5
2021/21xxx/CVE-2021-21360.json
View File

@ -83,6 +83,11 @@
"name": "https://github.com/zopefoundation/Products.GenericSetup/commit/700319512b3615b3871a1f24e096cf66dc488c57",
"refsource": "MISC",
"url": "https://github.com/zopefoundation/Products.GenericSetup/commit/700319512b3615b3871a1f24e096cf66dc488c57"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210521 Plone security hotfix 20210518",
"url": "http://www.openwall.com/lists/oss-security/2021/05/21/1"
}
]
},

5
2021/21xxx/CVE-2021-21551.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162604/Dell-DBUtil_2_3.sys-IOCTL-Memory-Read-Write.html",
"url": "http://packetstormsecurity.com/files/162604/Dell-DBUtil_2_3.sys-IOCTL-Memory-Read-Write.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162739/DELL-dbutil_2_3.sys-2.3-Arbitrary-Write-Privilege-Escalation.html",
"url": "http://packetstormsecurity.com/files/162739/DELL-dbutil_2_3.sys-2.3-Arbitrary-Write-Privilege-Escalation.html"
}
]
}

5
2021/26xxx/CVE-2021-26855.json
View File

@ -171,6 +171,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162610/Microsoft-Exchange-2019-Unauthenticated-Email-Download.html",
"url": "http://packetstormsecurity.com/files/162610/Microsoft-Exchange-2019-Unauthenticated-Email-Download.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162736/Microsoft-Exchange-ProxyLogon-Collector.html",
"url": "http://packetstormsecurity.com/files/162736/Microsoft-Exchange-ProxyLogon-Collector.html"
}
]
}

5
2021/27xxx/CVE-2021-27065.json
View File

@ -161,6 +161,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/161938/Microsoft-Exchange-ProxyLogon-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/161938/Microsoft-Exchange-ProxyLogon-Remote-Code-Execution.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162736/Microsoft-Exchange-ProxyLogon-Collector.html",
"url": "http://packetstormsecurity.com/files/162736/Microsoft-Exchange-ProxyLogon-Collector.html"
}
]
}

61
2021/27xxx/CVE-2021-27811.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-27811",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-27811",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A code injection vulnerability has been discovered in the Upgrade function of QibosoftX1 v1.0. An attacker is able execute arbitrary PHP code via exploitation of client_upgrade_edition.php and Upgrade.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/whiskey-jj/w2s2x2222.github.io/issues/2",
"refsource": "MISC",
"name": "https://github.com/whiskey-jj/w2s2x2222.github.io/issues/2"
},
{
"url": "https://www.cnvd.org.cn/flaw/show/2297879",
"refsource": "MISC",
"name": "https://www.cnvd.org.cn/flaw/show/2297879"
}
]
}

176
2021/29xxx/CVE-2021-29681.json
View File

@ -1,90 +1,90 @@
{
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "11.7"
}
]
},
"product_name" : "InfoSphere Information Server"
}
]
}
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"UI" : "N",
"PR" : "N",
"C" : "L",
"S" : "U",
"AC" : "H",
"AV" : "A",
"I" : "N",
"SCORE" : "3.100"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
}
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM InfoSphere Information Server 11.7 could allow an attacker to obtain sensitive information by injecting parameters into an HTML query. This information could be used in further attacks against the system. IBM X-Force ID: 199918."
}
]
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6454591",
"name" : "https://www.ibm.com/support/pages/node/6454591",
"title" : "IBM Security Bulletin 6454591 (InfoSphere Information Server)"
},
{
"name" : "ibm-infosphere-cve202129681-info-disc (199917)",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/199917",
"refsource" : "XF"
}
]
},
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "11.7"
}
]
},
"product_name": "InfoSphere Information Server"
}
]
}
}
]
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2021-05-20T00:00:00",
"ID" : "CVE-2021-29681",
"STATE" : "PUBLIC"
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"UI": "N",
"PR": "N",
"C": "L",
"S": "U",
"AC": "H",
"AV": "A",
"I": "N",
"SCORE": "3.100"
},
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
}
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM InfoSphere Information Server 11.7 could allow an attacker to obtain sensitive information by injecting parameters into an HTML query. This information could be used in further attacks against the system. IBM X-Force ID: 199918."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6454591",
"name": "https://www.ibm.com/support/pages/node/6454591",
"title": "IBM Security Bulletin 6454591 (InfoSphere Information Server)"
},
{
"name": "ibm-infosphere-cve202129681-info-disc (199917)",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199917",
"refsource": "XF"
}
]
},
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2021-05-20T00:00:00",
"ID": "CVE-2021-29681",
"STATE": "PUBLIC"
}
}

5
2021/32xxx/CVE-2021-32633.json
View File

@ -81,6 +81,11 @@
"name": "https://github.com/zopefoundation/Zope/commit/1f8456bf1f908ea46012537d52bd7e752a532c91",
"refsource": "MISC",
"url": "https://github.com/zopefoundation/Zope/commit/1f8456bf1f908ea46012537d52bd7e752a532c91"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210521 Plone security hotfix 20210518",
"url": "http://www.openwall.com/lists/oss-security/2021/05/21/1"
}
]
},

18
2021/33xxx/CVE-2021-33485.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-33485",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/33xxx/CVE-2021-33486.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-33486",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}