admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 11:06:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-10-21 09:00:55 +00:00
parent 042cd1905d
commit c6f3b83bc0
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
14 changed files with 216 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2021/35xxx/CVE-2021-35491.json
View File

@ -34,7 +34,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "A Cross-Site Request Forgery (CSRF) vulnerability in Wowza Streaming Engine through 4.8.11+5 allows a remote attacker to delete a user account via the /enginemanager/server/user/delete.htm userName parameter. The application does not implement a CSRF token for the GET request." "value": "A Cross-Site Request Forgery (CSRF) vulnerability in Wowza Streaming Engine through 4.8.11+5 allows a remote attacker to delete a user account via the /enginemanager/server/user/delete.htm userName parameter. The application does not implement a CSRF token for the GET request. This issue was resolved in Wowza Streaming Engine release 4.8.14."
} }
] ]
}, },

5
2021/35xxx/CVE-2021-35590.json
View File

@ -76,6 +76,11 @@
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "url": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html" "name": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1226/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1226/"
} }
] ]
} }

5
2021/35xxx/CVE-2021-35592.json
View File

@ -72,6 +72,11 @@
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "url": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html" "name": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1228/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1228/"
} }
] ]
} }

5
2021/35xxx/CVE-2021-35593.json
View File

@ -76,6 +76,11 @@
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "url": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html" "name": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1229/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1229/"
} }
] ]
} }

5
2021/35xxx/CVE-2021-35594.json
View File

@ -76,6 +76,11 @@
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "url": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html" "name": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1227/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1227/"
} }
] ]
} }

5
2021/35xxx/CVE-2021-35598.json
View File

@ -76,6 +76,11 @@
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "url": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html" "name": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1230/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1230/"
} }
] ]
} }

5
2021/35xxx/CVE-2021-35611.json
View File

@ -68,6 +68,11 @@
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "url": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html" "name": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1231/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1231/"
} }
] ]
} }

5
2021/35xxx/CVE-2021-35621.json
View File

@ -76,6 +76,11 @@
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "url": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html" "name": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1232/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1232/"
} }
] ]
} }

5
2021/40xxx/CVE-2021-40487.json
View File

@ -76,6 +76,11 @@
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40487", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40487",
"refsource": "MISC", "refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40487" "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40487"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1225/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1225/"
} }
] ]
} }

5
2021/41xxx/CVE-2021-41344.json
View File

@ -76,6 +76,11 @@
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41344", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41344",
"refsource": "MISC", "refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41344" "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41344"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1224/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1224/"
} }
] ]
} }

5
2021/41xxx/CVE-2021-41511.json
View File

@ -81,6 +81,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://streamable.com/9fq8uw", "name": "https://streamable.com/9fq8uw",
"url": "https://streamable.com/9fq8uw" "url": "https://streamable.com/9fq8uw"
},
{
"refsource": "MISC",
"name": "https://www.nu11secur1ty.com/2021/10/cve-2021-41511.html",
"url": "https://www.nu11secur1ty.com/2021/10/cve-2021-41511.html"
} }
] ]
} }

61
2021/41xxx/CVE-2021-41790.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-41790",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-41790",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An issue was discovered in Hyland org.alfresco:alfresco-content-services through 7.0.1.2. Script Action execution allows executing scripts uploaded outside of the Data Dictionary. This could allow a logged-in attacker to execute arbitrary code inside a sandboxed environment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.themissinglink.com.au/",
"refsource": "MISC",
"name": "https://www.themissinglink.com.au/"
},
{
"refsource": "MISC",
"name": "https://github.com/Alfresco/acs-packaging/blob/master/DISCLOSURES.md",
"url": "https://github.com/Alfresco/acs-packaging/blob/master/DISCLOSURES.md"
} }
] ]
} }

61
2021/41xxx/CVE-2021-41791.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-41791",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-41791",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An issue was discovered in Hyland org.alfresco:share through 7.0.0.2 and org.alfresco:community-share through 7.0. An evasion of the XSS filter for HTML input validation in the Alfresco Share User Interface leads to stored XSS that could be exploited by an attacker (given that he has privileges on the content collaboration features)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.themissinglink.com.au/",
"refsource": "MISC",
"name": "https://www.themissinglink.com.au/"
},
{
"refsource": "MISC",
"name": "https://github.com/Alfresco/acs-packaging/blob/master/DISCLOSURES.md",
"url": "https://github.com/Alfresco/acs-packaging/blob/master/DISCLOSURES.md"
} }
] ]
} }

61
2021/41xxx/CVE-2021-41792.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-41792",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-41792",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An issue was discovered in Hyland org.alfresco:alfresco-content-services through 6.2.2.18 and org.alfresco:alfresco-transform-services through 1.3. A crafted HTML file, once uploaded, could trigger an unexpected request by the transformation engine. The response to the request is not available to the attacker, i.e., this is blind SSRF."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.themissinglink.com.au/",
"refsource": "MISC",
"name": "https://www.themissinglink.com.au/"
},
{
"refsource": "MISC",
"name": "https://github.com/Alfresco/acs-packaging/blob/master/DISCLOSURES.md",
"url": "https://github.com/Alfresco/acs-packaging/blob/master/DISCLOSURES.md"
} }
] ]
} }