admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-04-07 22:00:40 +00:00
parent 9f1381c5ec
commit a951b0ae89
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
13 changed files with 353 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2020/13xxx/CVE-2020-13933.json
View File

@ -108,6 +108,11 @@
"refsource": "MLIST",
"name": "[shiro-dev] 20210331 Re: Request for assistance to backport CVE-2020-13933 fix",
"url": "https://lists.apache.org/thread.html/r9d93dfb5df016b1a71a808486bc8f9fbafebbdbc8533625f91253f1d@%3Cdev.shiro.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[shiro-dev] 20210407 Re: Request for assistance to backport CVE-2020-13933 fix",
"url": "https://lists.apache.org/thread.html/re25b8317b00a50272a7252c4552cf1a81a97984cc2111ef7728e48e0@%3Cdev.shiro.apache.org%3E"
}
]
},

5
2020/14xxx/CVE-2020-14166.json
View File

@ -58,6 +58,11 @@
"url": "https://jira.atlassian.com/browse/JSDSERVER-6895",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/JSDSERVER-6895"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162107/Atlassian-Jira-Service-Desk-4.9.1-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/162107/Atlassian-Jira-Service-Desk-4.9.1-Cross-Site-Scripting.html"
}
]
}

5
2020/16xxx/CVE-2020-16040.json
View File

@ -59,6 +59,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162087/Google-Chrome-86.0.4240-V8-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/162087/Google-Chrome-86.0.4240-V8-Remote-Code-Execution.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162106/Google-Chrome-86.0.4240-V8-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/162106/Google-Chrome-86.0.4240-V8-Remote-Code-Execution.html"
}
]
},

5
2020/17xxx/CVE-2020-17510.json
View File

@ -78,6 +78,11 @@
"refsource": "MLIST",
"name": "[shiro-dev] 20210331 Re: Request for assistance to backport CVE-2020-13933 fix",
"url": "https://lists.apache.org/thread.html/r9d93dfb5df016b1a71a808486bc8f9fbafebbdbc8533625f91253f1d@%3Cdev.shiro.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[shiro-dev] 20210407 Re: Request for assistance to backport CVE-2020-13933 fix",
"url": "https://lists.apache.org/thread.html/re25b8317b00a50272a7252c4552cf1a81a97984cc2111ef7728e48e0@%3Cdev.shiro.apache.org%3E"
}
]
},

5
2020/17xxx/CVE-2020-17523.json
View File

@ -63,6 +63,11 @@
"refsource": "MLIST",
"name": "[shiro-dev] 20210331 Re: Request for assistance to backport CVE-2020-13933 fix",
"url": "https://lists.apache.org/thread.html/r9d93dfb5df016b1a71a808486bc8f9fbafebbdbc8533625f91253f1d@%3Cdev.shiro.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[shiro-dev] 20210407 Re: Request for assistance to backport CVE-2020-13933 fix",
"url": "https://lists.apache.org/thread.html/re25b8317b00a50272a7252c4552cf1a81a97984cc2111ef7728e48e0@%3Cdev.shiro.apache.org%3E"
}
]
},

5
2020/5xxx/CVE-2020-5377.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC",
"url": "https://www.dell.com/support/article/en-us/sln322304/dsa-2020-172-dell-emc-openmanage-server-administrator-omsa-path-traversal-vulnerability?lang=en",
"name": "https://www.dell.com/support/article/en-us/sln322304/dsa-2020-172-dell-emc-openmanage-server-administrator-omsa-path-traversal-vulnerability?lang=en"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162110/Dell-OpenManage-Server-Administrator-9.4.0.0-File-Read.html",
"url": "http://packetstormsecurity.com/files/162110/Dell-OpenManage-Server-Administrator-9.4.0.0-File-Read.html"
}
]
}

5
2020/6xxx/CVE-2020-6507.json
View File

@ -64,6 +64,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162088/Google-Chrome-81.0.4044-V8-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/162088/Google-Chrome-81.0.4044-V8-Remote-Code-Execution.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162105/Google-Chrome-81.0.4044-V8-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/162105/Google-Chrome-81.0.4044-V8-Remote-Code-Execution.html"
}
]
},

71
2021/29xxx/CVE-2021-29641.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-29641",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-29641",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Directus 8 before 8.8.2 allows remote authenticated users to execute arbitrary code because file-upload permissions include the ability to upload a .php file to the main upload directory and/or upload a .php file and a .htaccess file to a subdirectory. Exploitation succeeds only for certain installations with the Apache HTTP Server and the local-storage driver (e.g., when the product was obtained from hub.docker.com)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://hub.docker.com/layers/directus/directus/v8.8.2-apache/images/sha256-d9898b6442b0150c3c377b50e706757f35d2d563bd82ddaf97f3ae4ba450a6e6?context=explore",
"refsource": "MISC",
"name": "https://hub.docker.com/layers/directus/directus/v8.8.2-apache/images/sha256-d9898b6442b0150c3c377b50e706757f35d2d563bd82ddaf97f3ae4ba450a6e6?context=explore"
},
{
"refsource": "FULLDISC",
"name": "20210407 SEC Consult SA-20210407-0 :: Arbitrary File Upload and Bypassing .htaccess Rules in Monospace Directus Headless CMS",
"url": "http://seclists.org/fulldisclosure/2021/Apr/14"
},
{
"refsource": "MISC",
"name": "https://sec-consult.com/de/vulnerability-lab/advisory/arbitrary-file-upload-and-bypassing-htaccess-rules-in-monospace-directus-headless-cms/",
"url": "https://sec-consult.com/de/vulnerability-lab/advisory/arbitrary-file-upload-and-bypassing-htaccess-rules-in-monospace-directus-headless-cms/"
},
{
"refsource": "MISC",
"name": "https://sec-consult.com/vulnerability-lab/advisory/arbitrary-file-upload-and-bypassing-htaccess-rules-in-monospace-directus-headless-cms/",
"url": "https://sec-consult.com/vulnerability-lab/advisory/arbitrary-file-upload-and-bypassing-htaccess-rules-in-monospace-directus-headless-cms/"
}
]
}

5
2021/30xxx/CVE-2021-30150.json
View File

@ -56,6 +56,11 @@
"url": "https://gitlab.com/composr-foundation/composr/commit/833a06466",
"refsource": "MISC",
"name": "https://gitlab.com/composr-foundation/composr/commit/833a06466"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162111/Composr-CMS-10.0.36-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/162111/Composr-CMS-10.0.36-Cross-Site-Scripting.html"
}
]
}

62
2021/30xxx/CVE-2021-30454.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-30454",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the outer_cgi crate before 0.2.1 for Rust. A user-provided Read instance receives an uninitialized memory buffer from KeyValueReader."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://rustsec.org/advisories/RUSTSEC-2021-0051.html",
"refsource": "MISC",
"name": "https://rustsec.org/advisories/RUSTSEC-2021-0051.html"
}
]
}
}

62
2021/30xxx/CVE-2021-30455.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-30455",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the id-map crate through 2021-02-26 for Rust. A double free can occur in IdMap::clone_from upon a .clone panic."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://rustsec.org/advisories/RUSTSEC-2021-0052.html",
"refsource": "MISC",
"name": "https://rustsec.org/advisories/RUSTSEC-2021-0052.html"
}
]
}
}

62
2021/30xxx/CVE-2021-30456.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-30456",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the id-map crate through 2021-02-26 for Rust. A double free can occur in get_or_insert upon a panic of a user-provided f function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://rustsec.org/advisories/RUSTSEC-2021-0052.html",
"refsource": "MISC",
"name": "https://rustsec.org/advisories/RUSTSEC-2021-0052.html"
}
]
}
}

62
2021/30xxx/CVE-2021-30457.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-30457",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the id-map crate through 2021-02-26 for Rust. A double free can occur in remove_set upon a panic in a Drop impl."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://rustsec.org/advisories/RUSTSEC-2021-0052.html",
"refsource": "MISC",
"name": "https://rustsec.org/advisories/RUSTSEC-2021-0052.html"
}
]
}
}