admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-03-22 14:00:42 +00:00
parent d2c08cb152
commit cd3f061d14
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
3 changed files with 142 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
2020/9xxx/CVE-2020-9759.json
View File

@ -1,8 +1,10 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_PUBLIC": "2020-10-08T02:19:00.000Z",
"ID": "CVE-2020-9759",
"STATE": "PUBLIC"
"STATE": "PUBLIC",
"TITLE": "webOS TV Emulator privilege escalation vulnerability"
},
"affects": {
"vendor": {
@ -34,10 +36,29 @@
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in WeeChat before 2.7.1 (0.4.0 to 2.7 are affected). A malformed message 352 (who) can cause a NULL pointer dereference in the callback function, resulting in a crash."
"value": "A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain files. This vulnerability is due to wrong environment setting. An attacker could exploit this vulnerability through crafted configuration files and executable files."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
@ -53,25 +74,13 @@
"references": {
"reference_data": [
{
"url": "https://weechat.org/doc/security/",
"refsource": "MISC",
"name": "https://weechat.org/doc/security/"
},
{
"url": "https://github.com/weechat/weechat/commit/9904cb6d2eb40f679d8ff6557c22d53a3e3dc75a",
"refsource": "MISC",
"name": "https://github.com/weechat/weechat/commit/9904cb6d2eb40f679d8ff6557c22d53a3e3dc75a"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200324 [SECURITY] [DLA 2157-1] weechat security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00031.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-51",
"url": "https://security.gentoo.org/glsa/202003-51"
"refsource": "CONFIRM",
"name": "https://blog.recurity-labs.com/2021-02-03/webOS_Pt1.html",
"url": "https://blog.recurity-labs.com/2021-02-03/webOS_Pt1.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

64
2021/27xxx/CVE-2021-27962.json
View File

@ -1,18 +1,70 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-27962",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-27962",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning a data source they should not be able to access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://community.grafana.com",
"refsource": "MISC",
"name": "https://community.grafana.com"
},
{
"refsource": "CONFIRM",
"name": "http://www.openwall.com/lists/oss-security/2021/03/19/5",
"url": "http://www.openwall.com/lists/oss-security/2021/03/19/5"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}

61
2021/28xxx/CVE-2021-28146.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-28146",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-28146",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The team sync HTTP API in Grafana Enterprise 7.4.x before 7.4.5 has an Incorrect Access Control issue. On Grafana instances using an external authentication service, this vulnerability allows any authenticated user to add external groups to existing teams. This can be used to grant a user team permissions that the user isn't supposed to have."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://grafana.com/products/enterprise/",
"refsource": "MISC",
"name": "https://grafana.com/products/enterprise/"
},
{
"refsource": "CONFIRM",
"name": "https://www.openwall.com/lists/oss-security/2021/03/19/5",
"url": "https://www.openwall.com/lists/oss-security/2021/03/19/5"
}
]
}