mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
92579aab75
commit
b6f3680b2f
@ -66,6 +66,11 @@
|
||||
"refsource": "MISC",
|
||||
"name": "http://packetstormsecurity.com/files/155502/WordPress-Plainview-Activity-Monitor-20161228-Remote-Command-Execution.html",
|
||||
"url": "http://packetstormsecurity.com/files/155502/WordPress-Plainview-Activity-Monitor-20161228-Remote-Command-Execution.html"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "http://packetstormsecurity.com/files/163425/WordPress-Plainview-Activity-Monitor-20161228-Remote-Code-Execution.html",
|
||||
"url": "http://packetstormsecurity.com/files/163425/WordPress-Plainview-Activity-Monitor-20161228-Remote-Code-Execution.html"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -55,7 +55,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0d8, the first dword passed in the input buffer is the device port to write to and the byte at offset 4 is the value to write via the OUT instruction. A local attacker can send a malicious IRP to trigger this vulnerability."
|
||||
"value": "A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0d8, the first dword passed in the input buffer is the device port to write to and the byte at offset 4 is the value to write via the OUT instruction. The OUT instruction can write one byte to the given I/O device port, potentially leading to escalated privileges of unprivileged users."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -55,7 +55,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0dc, the first dword passed in the input buffer is the device port to write to and the word at offset 4 is the value to write via the OUT instruction A local attacker can send a malicious IRP to trigger this vulnerability."
|
||||
"value": "A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0dc, the first dword passed in the input buffer is the device port to write to and the word at offset 4 is the value to write via the OUT instruction. The OUT instruction can write one byte to the given I/O device port, potentially leading to escalated privileges of unprivileged users. A local attacker can send a malicious IRP to trigger this vulnerability."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -46,8 +46,8 @@
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1254\"",
|
||||
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1254\""
|
||||
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1254",
|
||||
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1254"
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -55,7 +55,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0e0, the first dword passed in the input buffer is the device port to write to and the dword at offset 4 is the value to write via the OUT instruction.. A local attacker can send a malicious IRP to trigger this vulnerability."
|
||||
"value": "A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0e0, the first dword passed in the input buffer is the device port to write to and the dword at offset 4 is the value to write via the OUT instruction. A local attacker can send a malicious IRP to trigger this vulnerability."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -53,6 +53,11 @@
|
||||
"refsource": "MISC",
|
||||
"name": "http://packetstormsecurity.com/files/162997/Rocket.Chat-3.12.1-NoSQL-Injection-Code-Execution.html",
|
||||
"url": "http://packetstormsecurity.com/files/162997/Rocket.Chat-3.12.1-NoSQL-Injection-Code-Execution.html"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "http://packetstormsecurity.com/files/163419/Rocket.Chat-3.12.1-NoSQL-Injection-Code-Execution.html",
|
||||
"url": "http://packetstormsecurity.com/files/163419/Rocket.Chat-3.12.1-NoSQL-Injection-Code-Execution.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -66,6 +66,11 @@
|
||||
"url": "https://www.docker.com/legal/trademark-guidelines",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.docker.com/legal/trademark-guidelines"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "http://packetstormsecurity.com/files/163416/Docker-Dashboard-Remote-Command-Execution.html",
|
||||
"url": "http://packetstormsecurity.com/files/163416/Docker-Dashboard-Remote-Command-Execution.html"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -56,6 +56,11 @@
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://www.okta.com/security-advisories/cve-2021-28113",
|
||||
"url": "https://www.okta.com/security-advisories/cve-2021-28113"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "http://packetstormsecurity.com/files/163428/Okta-Access-Gateway-2020.5.5-Authenticated-Remote-Root.html",
|
||||
"url": "http://packetstormsecurity.com/files/163428/Okta-Access-Gateway-2020.5.5-Authenticated-Remote-Root.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
67
2021/36xxx/CVE-2021-36217.json
Normal file
67
2021/36xxx/CVE-2021-36217.json
Normal file
@ -0,0 +1,67 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"ID": "CVE-2021-36217",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Avahi 0.8 allows a local denial of service (NULL pointer dereference and daemon crash) against avahi-daemon via the D-Bus interface or a \"ping .local\" command."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/lathiat/avahi/commit/9d31939e55280a733d930b15ac9e4dda4497680c",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/lathiat/avahi/commit/9d31939e55280a733d930b15ac9e4dda4497680c"
|
||||
},
|
||||
{
|
||||
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1188083",
|
||||
"refsource": "MISC",
|
||||
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1188083"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user