diff --git a/2014/6xxx/CVE-2014-6271.json b/2014/6xxx/CVE-2014-6271.json index a04124987bb..fe3c6b94501 100644 --- a/2014/6xxx/CVE-2014-6271.json +++ b/2014/6xxx/CVE-2014-6271.json @@ -926,6 +926,11 @@ "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html", + "url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html" } ] } diff --git a/2018/5xxx/CVE-2018-5953.json b/2018/5xxx/CVE-2018-5953.json index 59d45eccb6a..3e48afc1ec3 100644 --- a/2018/5xxx/CVE-2018-5953.json +++ b/2018/5xxx/CVE-2018-5953.json @@ -71,6 +71,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html" + }, + { + "refsource": "CONFIRM", + "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7d63fb3af87aa67aa7d24466e792f9d7c57d8e79", + "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7d63fb3af87aa67aa7d24466e792f9d7c57d8e79" } ] } diff --git a/2020/14xxx/CVE-2020-14882.json b/2020/14xxx/CVE-2020-14882.json index c47ee74b329..4f3a776e3d6 100644 --- a/2020/14xxx/CVE-2020-14882.json +++ b/2020/14xxx/CVE-2020-14882.json @@ -90,6 +90,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/160143/Oracle-WebLogic-Server-Administration-Console-Handle-Remote-Code-Execution.html", "url": "http://packetstormsecurity.com/files/160143/Oracle-WebLogic-Server-Administration-Console-Handle-Remote-Code-Execution.html" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/161128/Oracle-WebLogic-Server-12.2.1.0-Remote-Code-Execution.html", + "url": "http://packetstormsecurity.com/files/161128/Oracle-WebLogic-Server-12.2.1.0-Remote-Code-Execution.html" } ] } diff --git a/2020/35xxx/CVE-2020-35729.json b/2020/35xxx/CVE-2020-35729.json index 9c2857a9a3a..7513e0ff311 100644 --- a/2020/35xxx/CVE-2020-35729.json +++ b/2020/35xxx/CVE-2020-35729.json @@ -66,6 +66,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/160798/Klog-Server-2.4.1-Command-Injection.html", "url": "http://packetstormsecurity.com/files/160798/Klog-Server-2.4.1-Command-Injection.html" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/161123/Klog-Server-2.4.1-Command-Injection.html", + "url": "http://packetstormsecurity.com/files/161123/Klog-Server-2.4.1-Command-Injection.html" } ] } diff --git a/2020/4xxx/CVE-2020-4889.json b/2020/4xxx/CVE-2020-4889.json index 581e649882d..ddb03b761a8 100644 --- a/2020/4xxx/CVE-2020-4889.json +++ b/2020/4xxx/CVE-2020-4889.json @@ -1,96 +1,96 @@ { - "impact" : { - "cvssv3" : { - "TM" : { - "RC" : "C", - "E" : "U", - "RL" : "O" - }, - "BM" : { - "PR" : "N", - "UI" : "N", - "SCORE" : "4.000", - "AV" : "L", - "I" : "L", - "AC" : "L", - "C" : "N", - "A" : "N", - "S" : "U" - } - } - }, - "data_type" : "CVE", - "description" : { - "description_data" : [ - { - "value" : "IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190971.", - "lang" : "eng" - } - ] - }, - "CVE_data_meta" : { - "DATE_PUBLIC" : "2021-01-25T00:00:00", - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2020-4889" - }, - "data_format" : "MITRE", - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "5.0.0" - }, - { - "version_value" : "5.0.5.4" - }, - { - "version_value" : "5.1" - } - ] - }, - "product_name" : "Spectrum Scale" - } - ] - }, - "vendor_name" : "IBM" + "impact": { + "cvssv3": { + "TM": { + "RC": "C", + "E": "U", + "RL": "O" + }, + "BM": { + "PR": "N", + "UI": "N", + "SCORE": "4.000", + "AV": "L", + "I": "L", + "AC": "L", + "C": "N", + "A": "N", + "S": "U" } - ] - } - }, - "data_version" : "4.0", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "File Manipulation", - "lang" : "eng" - } + } + }, + "data_type": "CVE", + "description": { + "description_data": [ + { + "value": "IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190971.", + "lang": "eng" + } + ] + }, + "CVE_data_meta": { + "DATE_PUBLIC": "2021-01-25T00:00:00", + "STATE": "PUBLIC", + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2020-4889" + }, + "data_format": "MITRE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "5.0.0" + }, + { + "version_value": "5.0.5.4" + }, + { + "version_value": "5.1" + } + ] + }, + "product_name": "Spectrum Scale" + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.ibm.com/support/pages/node/6405776", - "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 6405776 (Spectrum Scale)", - "url" : "https://www.ibm.com/support/pages/node/6405776" - }, - { - "name" : "ibm-spectrum-cve20204889-log-poisoning (190971)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/190971", - "title" : "X-Force Vulnerability Report", - "refsource" : "XF" - } - ] - } -} + } + }, + "data_version": "4.0", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "File Manipulation", + "lang": "eng" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.ibm.com/support/pages/node/6405776", + "refsource": "CONFIRM", + "title": "IBM Security Bulletin 6405776 (Spectrum Scale)", + "url": "https://www.ibm.com/support/pages/node/6405776" + }, + { + "name": "ibm-spectrum-cve20204889-log-poisoning (190971)", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/190971", + "title": "X-Force Vulnerability Report", + "refsource": "XF" + } + ] + } +} \ No newline at end of file diff --git a/2020/4xxx/CVE-2020-4949.json b/2020/4xxx/CVE-2020-4949.json index a9dee77ddf4..2c27c4dd48e 100644 --- a/2020/4xxx/CVE-2020-4949.json +++ b/2020/4xxx/CVE-2020-4949.json @@ -1,99 +1,99 @@ { - "references" : { - "reference_data" : [ - { - "title" : "IBM Security Bulletin 6408244 (WebSphere Application Server)", - "url" : "https://www.ibm.com/support/pages/node/6408244", - "refsource" : "CONFIRM", - "name" : "https://www.ibm.com/support/pages/node/6408244" - }, - { - "name" : "ibm-websphere-cve20204949-xxe (192025)", - "refsource" : "XF", - "title" : "X-Force Vulnerability Report", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/192025" - } - ] - }, - "data_format" : "MITRE", - "data_version" : "4.0", - "affects" : { - "vendor" : { - "vendor_data" : [ + "references": { + "reference_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "product_name" : "WebSphere Application Server", - "version" : { - "version_data" : [ - { - "version_value" : "7.0" - }, - { - "version_value" : "8.0" - }, - { - "version_value" : "8.5" - }, - { - "version_value" : "9.0" - } - ] - } - } - ] - } + "title": "IBM Security Bulletin 6408244 (WebSphere Application Server)", + "url": "https://www.ibm.com/support/pages/node/6408244", + "refsource": "CONFIRM", + "name": "https://www.ibm.com/support/pages/node/6408244" + }, + { + "name": "ibm-websphere-cve20204949-xxe (192025)", + "refsource": "XF", + "title": "X-Force Vulnerability Report", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/192025" } - ] - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Obtain Information", - "lang" : "eng" - } + ] + }, + "data_format": "MITRE", + "data_version": "4.0", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "WebSphere Application Server", + "version": { + "version_data": [ + { + "version_value": "7.0" + }, + { + "version_value": "8.0" + }, + { + "version_value": "8.5" + }, + { + "version_value": "9.0" + } + ] + } + } + ] + } + } ] - } - ] - }, - "data_type" : "CVE", - "impact" : { - "cvssv3" : { - "BM" : { - "C" : "H", - "A" : "L", - "S" : "U", - "SCORE" : "8.200", - "UI" : "N", - "PR" : "N", - "AV" : "N", - "AC" : "L", - "I" : "N" - }, - "TM" : { - "E" : "U", - "RC" : "C", - "RL" : "O" - } - } - }, - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2020-4949", - "STATE" : "PUBLIC", - "DATE_PUBLIC" : "2021-01-25T00:00:00" - }, - "description" : { - "description_data" : [ - { - "value" : "IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 192025.", - "lang" : "eng" - } - ] - } -} + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Obtain Information", + "lang": "eng" + } + ] + } + ] + }, + "data_type": "CVE", + "impact": { + "cvssv3": { + "BM": { + "C": "H", + "A": "L", + "S": "U", + "SCORE": "8.200", + "UI": "N", + "PR": "N", + "AV": "N", + "AC": "L", + "I": "N" + }, + "TM": { + "E": "U", + "RC": "C", + "RL": "O" + } + } + }, + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2020-4949", + "STATE": "PUBLIC", + "DATE_PUBLIC": "2021-01-25T00:00:00" + }, + "description": { + "description_data": [ + { + "value": "IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 192025.", + "lang": "eng" + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3181.json b/2021/3xxx/CVE-2021-3181.json index beee6e7edcd..f5cf93c8854 100644 --- a/2021/3xxx/CVE-2021-3181.json +++ b/2021/3xxx/CVE-2021-3181.json @@ -86,6 +86,11 @@ "refsource": "GENTOO", "name": "GLSA-202101-25", "url": "https://security.gentoo.org/glsa/202101-25" + }, + { + "refsource": "DEBIAN", + "name": "DSA-4838", + "url": "https://www.debian.org/security/2021/dsa-4838" } ] } diff --git a/2021/3xxx/CVE-2021-3186.json b/2021/3xxx/CVE-2021-3186.json index c665bb8500c..48ae0d93104 100644 --- a/2021/3xxx/CVE-2021-3186.json +++ b/2021/3xxx/CVE-2021-3186.json @@ -56,6 +56,11 @@ "refsource": "MISC", "name": "https://www.hackingarticles.in/exploiting-stored-cross-site-scripting-at-tenda-ac5-ac1200/", "url": "https://www.hackingarticles.in/exploiting-stored-cross-site-scripting-at-tenda-ac5-ac1200/" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/161119/Tenda-AC5-AC1200-Wireless-Cross-Site-Scripting.html", + "url": "http://packetstormsecurity.com/files/161119/Tenda-AC5-AC1200-Wireless-Cross-Site-Scripting.html" } ] }