admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-04-26 15:00:55 +00:00
parent 5c766663ec
commit c31f550a92
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
3 changed files with 124 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2021/2xxx/CVE-2021-2264.json
View File

@ -64,6 +64,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2021.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2021.html"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210426 virtualbox: CVE-2021-2264: vboxautostart-service.sh allows injection of parameters in 'su' invocation",
"url": "http://www.openwall.com/lists/oss-security/2021/04/26/1"
}
]
}

75
2021/3xxx/CVE-2021-3472.json
View File

@ -4,14 +4,83 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3472",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "xorg-x11-server",
"version": {
"version_data": [
{
"version_value": "xorg-x11-server 1.20.11"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-191"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "DEBIAN",
"name": "DSA-4893",
"url": "https://www.debian.org/security/2021/dsa-4893"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-463/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-463/"
},
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1944167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944167"
},
{
"refsource": "MISC",
"name": "https://lists.x.org/archives/xorg-announce/2021-April/003080.html",
"url": "https://lists.x.org/archives/xorg-announce/2021-April/003080.html"
},
{
"refsource": "MISC",
"name": "https://seclists.org/oss-sec/2021/q2/20",
"url": "https://seclists.org/oss-sec/2021/q2/20"
},
{
"refsource": "MISC",
"name": "https://www.tenable.com/plugins/nessus/148701",
"url": "https://www.tenable.com/plugins/nessus/148701"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
}
]
}

50
2021/3xxx/CVE-2021-3494.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3494",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "foreman",
"version": {
"version_data": [
{
"version_value": "foreman 2.5.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-319"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1948005",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948005"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by the flaw which can cause a Man-in-the-Middle attack. The FreeIPA module of Foreman smart proxy does not check the SSL certificate, thus, an unauthenticated attacker can perform actions in FreeIPA if certain conditions are met. The highest threat from this flaw is to system confidentiality. This flaw affects Foreman versions before 2.5.0."
}
]
}