admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-03-29 16:00:41 +00:00
parent aad90ca7f2
commit c49f649207
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
5 changed files with 325 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

73
2019/5xxx/CVE-2019-5317.json
View File

@ -1,17 +1,76 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5317",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5317",
"ASSIGNER": "security-alert@hpe.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Aruba Instant Access Points",
"version": {
"version_data": [
{
"version_value": "Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below"
},
{
"version_value": "Aruba Instant 6.5.x: 6.5.4.15 and below"
},
{
"version_value": "Aruba Instant 8.3.x: 8.3.0.11 and below"
},
{
"version_value": "Aruba Instant 8.4.x: 8.4.0.5 and below"
},
{
"version_value": "Aruba Instant 8.5.x: 8.5.0.6 and below"
},
{
"version_value": "Aruba Instant 8.6.x: 8.6.0.2 and below"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local authentication bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-007.txt",
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-007.txt"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A local authentication bypass vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x: 6.5.4.15 and below; Aruba Instant 8.3.x: 8.3.0.11 and below; Aruba Instant 8.4.x: 8.4.0.5 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Instant 8.6.x: 8.6.0.2 and below. Aruba has released patches for Aruba Instant that address this security vulnerability."
}
]
}

93
2020/7xxx/CVE-2020-7850.json
View File

@ -1,18 +1,99 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "vuln@krcert.or.kr",
"ID": "CVE-2020-7850",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Douzone ActiveX File Download and Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NBBDownloader.ocx",
"version": {
"version_data": [
{
"platform": "x86, x64",
"version_affected": "<=",
"version_name": "1.0.0.13",
"version_value": "1.0.0.12"
}
]
}
}
]
},
"vendor_name": "DOUZONE ICT GROUP."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "NBBDownloader.ocx ActiveX Control in Groupware contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the activex method. A remote attacker could induce a user to access a crafted web page, causing damage such as malicious code infection."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-88 Argument Injection or Modification"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35982",
"name": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35982"
},
{
"refsource": "MISC",
"url": "http://help.neobizbox.com/",
"name": "http://help.neobizbox.com/"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Update software over NBBDownloader.ocx ActiveX Control 1.0.0.13 version or higher."
}
],
"source": {
"discovery": "EXTERNAL"
}
}

50
2021/21xxx/CVE-2021-21727.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-21727",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@zte.com.cn",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "<ZXHN F623>",
"version": {
"version_data": [
{
"version_value": "<ZXHN Z500 V1.0.0.2B1.1000 & ZXHN F670L V1.1.10P1N2E>"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014744",
"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014744"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A ZTE product has a DoS vulnerability. A remote attacker can amplify traffic by sending carefully constructed IPv6 packets to the affected devices, which eventually leads to device denial of service. This affects:<ZXHN F623><All versions up to V6.0.0P3T33>"
}
]
}

76
2021/27xxx/CVE-2021-27352.json
View File

@ -1,17 +1,81 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-27352",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-27352",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An open redirect vulnerability in Ilch CMS version 2.1.42 allows attackers to redirect users to an attacker's site after a successful login."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://drive.google.com/file/d/1kSDlPASBCgJEINxTSIsjMWrU4u4T5XCc/view?usp=sharing",
"refsource": "MISC",
"name": "https://drive.google.com/file/d/1kSDlPASBCgJEINxTSIsjMWrU4u4T5XCc/view?usp=sharing"
},
{
"url": "https://s1.demo.opensourcecms.com/ilch/",
"refsource": "MISC",
"name": "https://s1.demo.opensourcecms.com/ilch/"
},
{
"url": "https://www.ilch.de/",
"refsource": "MISC",
"name": "https://www.ilch.de/"
},
{
"url": "https://www.opensourcecms.com/ilch/",
"refsource": "MISC",
"name": "https://www.opensourcecms.com/ilch/"
},
{
"refsource": "MISC",
"name": "https://github.com/xoffense/POC/blob/main/Ilch%202.1.42%20Open%20redirect",
"url": "https://github.com/xoffense/POC/blob/main/Ilch%202.1.42%20Open%20redirect"
}
]
}

61
2021/29xxx/CVE-2021-29267.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-29267",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-29267",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Sherlock SherlockIM through 2021-03-29 allows Cross Site Scripting (XSS) by leveraging the api/Files/Attachment URI to attack help-desk staff via the chatbot feature."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://sherlockim.ae",
"refsource": "MISC",
"name": "https://sherlockim.ae"
},
{
"refsource": "MISC",
"name": "https://github.com/Security-AVS/CVE-2021-29267",
"url": "https://github.com/Security-AVS/CVE-2021-29267"
}
]
}