admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-01-26 18:07:03 +00:00
parent 5513dfc2e2
commit 85862c32c1
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
73 changed files with 1570 additions and 82 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2014/8xxx/CVE-2014-8361.json
View File

@ -76,6 +76,11 @@
"name": "37169",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37169/"
},
{
"refsource": "JVN",
"name": "JVN#47580234",
"url": "http://jvn.jp/en/jp/JVN47580234/index.html"
}
]
}

5
2020/15xxx/CVE-2020-15961.json
View File

@ -99,6 +99,11 @@
"refsource": "DEBIAN",
"name": "DSA-4824",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/15xxx/CVE-2020-15966.json
View File

@ -99,6 +99,11 @@
"refsource": "DEBIAN",
"name": "DSA-4824",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/15xxx/CVE-2020-15969.json
View File

@ -129,6 +129,11 @@
"refsource": "DEBIAN",
"name": "DSA-4824",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/15xxx/CVE-2020-15972.json
View File

@ -79,6 +79,11 @@
"refsource": "DEBIAN",
"name": "DSA-4824",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/15xxx/CVE-2020-15978.json
View File

@ -79,6 +79,11 @@
"refsource": "DEBIAN",
"name": "DSA-4824",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/15xxx/CVE-2020-15985.json
View File

@ -79,6 +79,11 @@
"refsource": "DEBIAN",
"name": "DSA-4824",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/15xxx/CVE-2020-15989.json
View File

@ -79,6 +79,11 @@
"refsource": "DEBIAN",
"name": "DSA-4824",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/16xxx/CVE-2020-16001.json
View File

@ -79,6 +79,11 @@
"refsource": "DEBIAN",
"name": "DSA-4824",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/16xxx/CVE-2020-16002.json
View File

@ -79,6 +79,11 @@
"refsource": "DEBIAN",
"name": "DSA-4824",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

50
2020/17xxx/CVE-2020-17522.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-17522",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Apache Traffic Control",
"version": {
"version_data": [
{
"version_value": "Traffic Control 3.0.0 to 3.1.0, 4.0.0 to 4.1.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r3de212a3da73bcf98fa2db7eafb75b2eb8e131ff466e6efc4284df09%40%3Cdev.trafficcontrol.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r3de212a3da73bcf98fa2db7eafb75b2eb8e131ff466e6efc4284df09%40%3Cdev.trafficcontrol.apache.org%3E"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "When ORT (now via atstccfg) generates ip_allow.config files in Apache Traffic Control 3.0.0 to 3.1.0 and 4.0.0 to 4.1.0, those files include permissions that allow bad actors to push arbitrary content into and remove arbitrary content from CDN cache servers. Additionally, these permissions are potentially extended to IP addresses outside the desired range, resulting in them being granted to clients possibly outside the CDN arcitechture."
}
]
}

91
2020/25xxx/CVE-2020-25169.json
View File

@ -1,18 +1,91 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-01-20T05:00:00.000Z",
"ID": "CVE-2020-25169",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Reolink P2P Cameras"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "RLC-4XX series",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "RLC-5XX series",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "RLN-X10 series",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "Reolink"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The affected Reolink P2P products do not sufficiently protect data transferred between the local device and Reolink servers. This can allow an attacker to access sensitive information, such as camera feeds."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-02",
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-02"
}
]
},
"source": {
"advisory": "ICSA-21-019-02",
"discovery": "UNKNOWN"
}
}

91
2020/25xxx/CVE-2020-25173.json
View File

@ -1,18 +1,91 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-01-20T05:00:00.000Z",
"ID": "CVE-2020-25173",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Reolink P2P Cameras"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "RLC-4XX series",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "RLC-5XX series",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "RLN-X10 series",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "Reolink"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An attacker with local network access can obtain a fixed cryptography key which may allow for further compromise of Reolink P2P cameras outside of local network access"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "USE OF HARD-CODED CRYPTOGRAPHIC KEY CWE-321"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-02",
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-02"
}
]
},
"source": {
"advisory": "ICSA-21-019-02",
"discovery": "UNKNOWN"
}
}

50
2020/27xxx/CVE-2020-27280.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27280",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ISPSoft",
"version": {
"version_data": [
{
"version_value": "v3.12 and prior"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "USE AFTER FREE CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-021-01",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-021-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A use after free issue has been identified in the way ISPSoft(v3.12 and prior) processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution."
}
]
}

50
2020/27xxx/CVE-2020-27284.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27284",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "TPEditor",
"version": {
"version_data": [
{
"version_value": "v1.98 and prior"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OUT-OF-BOUNDS WRITE CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-021-02",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-021-02"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "TPEditor (v1.98 and prior) is vulnerable to two out-of-bounds write instances in the way it processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution."
}
]
}

50
2020/27xxx/CVE-2020-27288.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27288",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "TPEditor",
"version": {
"version_data": [
{
"version_value": "v1.98 and prior"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "UNTRUSTED POINTER DEREFERENCE CWE-822"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-021-02",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-021-02"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An untrusted pointer dereference has been identified in the way TPEditor(v1.98 and prior) processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution."
}
]
}

5
2020/28xxx/CVE-2020-28948.json
View File

@ -91,6 +91,11 @@
"refsource": "DEBIAN",
"name": "DSA-4817",
"url": "https://www.debian.org/security/2020/dsa-4817"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-23",
"url": "https://security.gentoo.org/glsa/202101-23"
}
]
}

5
2020/28xxx/CVE-2020-28949.json
View File

@ -96,6 +96,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/161095/PEAR-Archive_Tar-Arbitrary-File-Write.html",
"url": "http://packetstormsecurity.com/files/161095/PEAR-Archive_Tar-Arbitrary-File-Write.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-23",
"url": "https://security.gentoo.org/glsa/202101-23"
}
]
}

67
2020/36xxx/CVE-2020-36011.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-36011",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-36011",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A cross-site scripting (XSS) issue in Add Patient Form in QDOCS Smart Hospital Management System 3.1 allows a remote attacker to inject arbitrary code via the Name, Guardian Name, Email, Address, Remarks, or Any Known Allergies field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://qdocs.com",
"refsource": "MISC",
"name": "http://qdocs.com"
},
{
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/49290",
"url": "https://www.exploit-db.com/exploits/49290"
}
]
}

5
2020/36xxx/CVE-2020-36193.json
View File

@ -61,6 +61,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210121 [SECURITY] [DLA-2530-1] drupal7 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00018.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-23",
"url": "https://security.gentoo.org/glsa/202101-23"
}
]
}

5
2020/6xxx/CVE-2020-6467.json
View File

@ -84,6 +84,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-77f89ab772",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLFZ5N4EK6I4ZJP5YSKLLVN3ELXEB4XT/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/6xxx/CVE-2020-6476.json
View File

@ -84,6 +84,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-77f89ab772",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLFZ5N4EK6I4ZJP5YSKLLVN3ELXEB4XT/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/6xxx/CVE-2020-6481.json
View File

@ -84,6 +84,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-77f89ab772",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLFZ5N4EK6I4ZJP5YSKLLVN3ELXEB4XT/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/6xxx/CVE-2020-6483.json
View File

@ -84,6 +84,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-77f89ab772",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLFZ5N4EK6I4ZJP5YSKLLVN3ELXEB4XT/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/6xxx/CVE-2020-6490.json
View File

@ -84,6 +84,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-77f89ab772",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLFZ5N4EK6I4ZJP5YSKLLVN3ELXEB4XT/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

10
2020/6xxx/CVE-2020-6506.json
View File

@ -89,6 +89,16 @@
"refsource": "MLIST",
"name": "[cordova-issues] 20201117 [GitHub] [cordova-plugin-inappbrowser] NiklasMerz merged pull request #792: fix(android): Add mitigation strategy for CVE-2020-6506",
"url": "https://lists.apache.org/thread.html/rc81e12fc9287f8743d59099b1af40f968f1cfec9eac98a63c2c62c69@%3Cissues.cordova.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cordova-commits] 20201117 [cordova-plugin-inappbrowser] branch master updated: fix(android): Add mitigation strategy for CVE-2020-6506 (#792)",
"url": "https://lists.apache.org/thread.html/rf082834ad237f78a63671aec0cef8874f9232b7614529cc3d3e304c5@%3Ccommits.cordova.apache.org%3E"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/6xxx/CVE-2020-6513.json
View File

@ -99,6 +99,11 @@
"refsource": "DEBIAN",
"name": "DSA-4824",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/6xxx/CVE-2020-6524.json
View File

@ -94,6 +94,11 @@
"refsource": "DEBIAN",
"name": "DSA-4824",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/6xxx/CVE-2020-6529.json
View File

@ -94,6 +94,11 @@
"refsource": "DEBIAN",
"name": "DSA-4824",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/6xxx/CVE-2020-6534.json
View File

@ -94,6 +94,11 @@
"refsource": "DEBIAN",
"name": "DSA-4824",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/6xxx/CVE-2020-6542.json
View File

@ -69,6 +69,11 @@
"refsource": "DEBIAN",
"name": "DSA-4824",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/6xxx/CVE-2020-6545.json
View File

@ -64,6 +64,11 @@
"refsource": "DEBIAN",
"name": "DSA-4824",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/6xxx/CVE-2020-6548.json
View File

@ -64,6 +64,11 @@
"refsource": "DEBIAN",
"name": "DSA-4824",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/6xxx/CVE-2020-6550.json
View File

@ -69,6 +69,11 @@
"refsource": "DEBIAN",
"name": "DSA-4824",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/6xxx/CVE-2020-6555.json
View File

@ -69,6 +69,11 @@
"refsource": "DEBIAN",
"name": "DSA-4824",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/6xxx/CVE-2020-6559.json
View File

@ -79,6 +79,11 @@
"refsource": "DEBIAN",
"name": "DSA-4824",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/6xxx/CVE-2020-6562.json
View File

@ -79,6 +79,11 @@
"refsource": "DEBIAN",
"name": "DSA-4824",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

5
2020/6xxx/CVE-2020-6571.json
View File

@ -79,6 +79,11 @@
"refsource": "DEBIAN",
"name": "DSA-4824",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-30",
"url": "https://security.gentoo.org/glsa/202101-30"
}
]
},

55
2020/9xxx/CVE-2020-9492.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9492",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Apache Hadoop",
"version": {
"version_data": [
{
"version_value": "Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, 2.0.0-alpha to 2.10.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r513758942356ccd0d14538ba18a09903fc72716d74be1cb727ea91ff%40%3Cgeneral.hadoop.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r513758942356ccd0d14538ba18a09903fc72716d74be1cb727ea91ff%40%3Cgeneral.hadoop.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[announce] 20210125 [CVE-2020-9492] Apache Hadoop Potential privilege escalation",
"url": "https://lists.apache.org/thread.html/rca4516b00b55b347905df45e5d0432186248223f30497db87aba8710@%3Cannounce.apache.org%3E"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client might send SPNEGO authorization header to remote URL without proper verification."
}
]
}

8
2021/21xxx/CVE-2021-21615.json
View File

@ -1,7 +1,8 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-21615",
"ASSIGNER": "jenkinsci-cert@googlegroups.com"
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
@ -60,6 +61,11 @@
"name": "https://www.jenkins.io/security/advisory/2021-01-26/#SECURITY-2197",
"url": "https://www.jenkins.io/security/advisory/2021-01-26/#SECURITY-2197",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210126 Vulnerability in Jenkins",
"url": "http://www.openwall.com/lists/oss-security/2021/01/26/2"
}
]
}

18
2021/23xxx/CVE-2021-23136.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23136",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/23xxx/CVE-2021-23140.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23140",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/23xxx/CVE-2021-23146.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23146",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/23xxx/CVE-2021-23155.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23155",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/23xxx/CVE-2021-23162.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23162",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/23xxx/CVE-2021-23167.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23167",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/23xxx/CVE-2021-23182.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23182",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/23xxx/CVE-2021-23185.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23185",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/23xxx/CVE-2021-23193.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23193",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/23xxx/CVE-2021-23197.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23197",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/23xxx/CVE-2021-23199.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23199",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/23xxx/CVE-2021-23204.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23204",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/23xxx/CVE-2021-23205.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23205",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/23xxx/CVE-2021-23211.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23211",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/23xxx/CVE-2021-23212.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23212",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/23xxx/CVE-2021-23220.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23220",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/23xxx/CVE-2021-23224.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23224",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/23xxx/CVE-2021-23230.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23230",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/23xxx/CVE-2021-23232.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-23232",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

62
2021/25xxx/CVE-2021-25863.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-25863",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-25863",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open5GS 2.1.3 listens on 0.0.0.0:3000 and has a default password of 1423 for the admin account."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/open5gs/open5gs/issues/764",
"refsource": "MISC",
"name": "https://github.com/open5gs/open5gs/issues/764"
}
]
}

62
2021/25xxx/CVE-2021-25864.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-25864",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-25864",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/Foddy/node-red-contrib-huemagic/issues/217",
"refsource": "MISC",
"name": "https://github.com/Foddy/node-red-contrib-huemagic/issues/217"
}
]
}

18
2021/26xxx/CVE-2021-26246.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-26246",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

62
2021/26xxx/CVE-2021-26266.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-26266",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cPanel before 92.0.9 allows a Reseller to bypass the suspension lock (SEC-578)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://docs.cpanel.net/changelogs/92-change-log/",
"refsource": "MISC",
"name": "https://docs.cpanel.net/changelogs/92-change-log/"
}
]
}
}

62
2021/26xxx/CVE-2021-26267.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-26267",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cPanel before 92.0.9 allows a MySQL user (who has an old-style password hash) to bypass suspension (SEC-579)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://docs.cpanel.net/changelogs/92-change-log/",
"refsource": "MISC",
"name": "https://docs.cpanel.net/changelogs/92-change-log/"
}
]
}
}

18
2021/26xxx/CVE-2021-26268.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-26268",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/26xxx/CVE-2021-26269.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-26269",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

67
2021/3xxx/CVE-2021-3114.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3114",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-3114",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://groups.google.com/g/golang-announce/c/mperVMGa98w",
"url": "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/golang/go/commit/d95ca9138026cbe40e0857d76a81a16d03230871",
"url": "https://github.com/golang/go/commit/d95ca9138026cbe40e0857d76a81a16d03230871"
}
]
}

67
2021/3xxx/CVE-2021-3115.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3115",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-3115",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://groups.google.com/g/golang-announce/c/mperVMGa98w",
"url": "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
},
{
"refsource": "CONFIRM",
"name": "https://blog.golang.org/path-security",
"url": "https://blog.golang.org/path-security"
}
]
}

5
2021/3xxx/CVE-2021-3181.json
View File

@ -81,6 +81,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210120 [SECURITY] [DLA 2529-1] mutt security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00017.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202101-25",
"url": "https://security.gentoo.org/glsa/202101-25"
}
]
}

67
2021/3xxx/CVE-2021-3223.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3223",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-3223",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Node-RED-Dashboard before 2.26.2 allows ui_base/js/..%2f directory traversal to read files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/node-red/node-red-dashboard/issues/669",
"refsource": "MISC",
"name": "https://github.com/node-red/node-red-dashboard/issues/669"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/node-red/node-red-dashboard/releases/tag/2.26.2",
"url": "https://github.com/node-red/node-red-dashboard/releases/tag/2.26.2"
}
]
}

62
2021/3xxx/CVE-2021-3291.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3291",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-3291",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element (within the modules edit page) and inserting a command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/MucahitSaratar/zencart_auth_rce_poc",
"url": "https://github.com/MucahitSaratar/zencart_auth_rce_poc"
}
]
}

72
2021/3xxx/CVE-2021-3297.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3297",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-3297",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On Zyxel NBG2105 V1.00(AAGU.2)C0 devices, setting the login cookie to 1 provides administrator access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.zyxel.com/us/en/support/security_advisories.shtml",
"refsource": "MISC",
"name": "https://www.zyxel.com/us/en/support/security_advisories.shtml"
},
{
"url": "https://www.zyxel.com/support/SupportLandingSR.shtml?c=gb&l=en&kbid=M-01490&md=NBG2105",
"refsource": "MISC",
"name": "https://www.zyxel.com/support/SupportLandingSR.shtml?c=gb&l=en&kbid=M-01490&md=NBG2105"
},
{
"refsource": "MISC",
"name": "https://github.com/nieldk/vulnerabilities/blob/main/zyxel%20nbg2105/Admin%20bypass",
"url": "https://github.com/nieldk/vulnerabilities/blob/main/zyxel%20nbg2105/Admin%20bypass"
}
]
}

62
2021/3xxx/CVE-2021-3304.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3304",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-3304",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sagemcom F@ST 3686 v2 3.495 devices have a buffer overflow via a long sessionKey to the goform/login URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://twitter.com/j0nh4t/status/1349649975479840769",
"refsource": "MISC",
"name": "https://twitter.com/j0nh4t/status/1349649975479840769"
}
]
}