admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-07-23 11:00:50 +00:00
parent 11446d94ed
commit bc5421cd73
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
3 changed files with 122 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
2020/14xxx/CVE-2020-14032.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-14032",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-14032",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ASRock 4x4 BOX-R1000 before BIOS P1.40 allows privilege escalation via code execution in the SMM."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.asrock.com/support/index.us.asp?cat=BIOS",
"refsource": "MISC",
"name": "https://www.asrock.com/support/index.us.asp?cat=BIOS"
},
{
"refsource": "MISC",
"name": "https://dannyodler.medium.com/attacking-the-golden-ring-on-amd-mini-pc-b7bfb217b437",
"url": "https://dannyodler.medium.com/attacking-the-golden-ring-on-amd-mini-pc-b7bfb217b437"
}
]
}

29
2021/21xxx/CVE-2021-21043.json
View File

@ -1,10 +1,10 @@
{
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "NoneT23:00:00.000Z",
"DATE_PUBLIC": "2021-02-01T23:00:00.000Z",
"ID": "CVE-2021-21043",
"STATE": "PUBLIC",
"TITLE": "Adobe InDesign CoolType out of bounds write vulnerability could lead to arbitrary stack manipulation"
"TITLE": "Reflected Cross-site Scripting (XSS) on version-compare and page-compare tools"
},
"affects": {
"vendor": {
@ -13,12 +13,12 @@
"product": {
"product_data": [
{
"product_name": "InDesign",
"product_name": "Experience Manager",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "16.0"
"version_value": "4.9.2"
},
{
"version_affected": "<=",
@ -49,7 +49,7 @@
"description_data": [
{
"lang": "eng",
"value": "Acrobat InDesign version 16.0 (and earlier) is affected by an Out-of-bounds Write vulnerability in the CoolType library. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
"value": "ACS Commons version 4.9.2 (and earlier) suffers from a Reflected Cross-site Scripting (XSS) vulnerability in version-compare and page-compare due to invalid JCR characters that are not handled correctly. An attacker could potentially exploit this vulnerability to inject malicious JavaScript content into vulnerable form fields and execute it within the context of the victim's browser. Exploitation of this issue requires user interaction in order to be successful."
}
]
},
@ -57,15 +57,15 @@
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "High",
"baseScore": 8.8,
"availabilityImpact": "None",
"baseScore": 7.4,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"confidentialityImpact": "Low",
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"scope": "Changed",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
@ -75,7 +75,7 @@
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
"value": "Cross-site Scripting (Reflected XSS) (CWE-79)"
}
]
}
@ -87,11 +87,6 @@
"refsource": "MISC",
"url": "https://github.com/Adobe-Consulting-Services/acs-aem-commons/security/advisories/GHSA-f92j-qf46-p6vm",
"name": "https://github.com/Adobe-Consulting-Services/acs-aem-commons/security/advisories/GHSA-f92j-qf46-p6vm"
},
{
"refsource": "MISC",
"name": "https://helpx.adobe.com/security/products/indesign/apsb21-22.html",
"url": "https://helpx.adobe.com/security/products/indesign/apsb21-22.html"
}
]
},

61
2021/26xxx/CVE-2021-26799.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-26799",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-26799",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross Site Scripting (XSS) vulnerability in admin/files/edit in Omeka Classic <=2.7 allows remote attackers to inject arbitrary web script or HTML."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/omeka/Omeka/issues/935",
"url": "https://github.com/omeka/Omeka/issues/935"
},
{
"refsource": "MISC",
"name": "https://github.com/omeka/Omeka/commit/08bfdf470e234edb68e5307a2fef8c899d89256c",
"url": "https://github.com/omeka/Omeka/commit/08bfdf470e234edb68e5307a2fef8c899d89256c"
}
]
}