admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-05-27 00:00:45 +00:00
parent 5b52f36611
commit d06b19066a
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
16 changed files with 345 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2019/1000xxx/CVE-2019-1000018.json
View File

@ -94,6 +94,11 @@
"refsource": "GENTOO",
"name": "GLSA-202007-29",
"url": "https://security.gentoo.org/glsa/202007-29"
},
{
"refsource": "FULLDISC",
"name": "20210526 KL-001-2021-007: CommScope Ruckus IoT Controller Undocumented Account",
"url": "http://seclists.org/fulldisclosure/2021/May/78"
}
]
}

5
2019/3xxx/CVE-2019-3463.json
View File

@ -97,6 +97,11 @@
"refsource": "GENTOO",
"name": "GLSA-202007-29",
"url": "https://security.gentoo.org/glsa/202007-29"
},
{
"refsource": "FULLDISC",
"name": "20210526 KL-001-2021-007: CommScope Ruckus IoT Controller Undocumented Account",
"url": "http://seclists.org/fulldisclosure/2021/May/78"
}
]
}

5
2019/3xxx/CVE-2019-3464.json
View File

@ -97,6 +97,11 @@
"refsource": "GENTOO",
"name": "GLSA-202007-29",
"url": "https://security.gentoo.org/glsa/202007-29"
},
{
"refsource": "FULLDISC",
"name": "20210526 KL-001-2021-007: CommScope Ruckus IoT Controller Undocumented Account",
"url": "http://seclists.org/fulldisclosure/2021/May/78"
}
]
}

5
2020/10xxx/CVE-2020-10753.json
View File

@ -63,6 +63,11 @@
"refsource": "UBUNTU",
"name": "USN-4528-1",
"url": "https://usn.ubuntu.com/4528-1/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202105-39",
"url": "https://security.gentoo.org/glsa/202105-39"
}
]
},

5
2020/1xxx/CVE-2020-1759.json
View File

@ -56,6 +56,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-81b9c6cddc",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3A2UFR5IUIEXJUCF64GQ5OVLCZGODXE/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202105-39",
"url": "https://security.gentoo.org/glsa/202105-39"
}
]
},

5
2020/1xxx/CVE-2020-1760.json
View File

@ -69,6 +69,11 @@
"refsource": "UBUNTU",
"name": "USN-4528-1",
"url": "https://usn.ubuntu.com/4528-1/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202105-39",
"url": "https://security.gentoo.org/glsa/202105-39"
}
]
},

5
2020/25xxx/CVE-2020-25660.json
View File

@ -63,6 +63,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-a8f1120195",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBC4KZ44QUQENTYZPVHORGL4K2KV5V4F/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202105-39",
"url": "https://security.gentoo.org/glsa/202105-39"
}
]
},

5
2020/25xxx/CVE-2020-25678.json
View File

@ -58,6 +58,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2021-93ff9e9103",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQTBKVXVYP7GPQNZ5VASOIJHMLK7727M/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202105-39",
"url": "https://security.gentoo.org/glsa/202105-39"
}
]
},

5
2020/27xxx/CVE-2020-27781.json
View File

@ -53,6 +53,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-fcafbe7225",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZJ7FFROL25FYRL6FMI33VRKOD74LINRP/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202105-39",
"url": "https://security.gentoo.org/glsa/202105-39"
}
]
},

50
2020/27xxx/CVE-2020-27831.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27831",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "quay",
"version": {
"version_data": [
{
"version_value": "Quay 3.3.3"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1905758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905758"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. This flaw allows an attacker to add email addresses they do not own to repository notifications."
}
]
}

10
2021/20xxx/CVE-2021-20288.json
View File

@ -58,6 +58,16 @@
"refsource": "FEDORA",
"name": "FEDORA-2021-e65b9fb52e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5BPIAYTRCWAU4XWCDBK2THEFVXSC4XGK/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-168fbed46f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JVWUKUUS5BCIFWRV3JCUQMAPJ4HIWSED/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202105-39",
"url": "https://security.gentoo.org/glsa/202105-39"
}
]
},

5
2021/22xxx/CVE-2021-22543.json
View File

@ -101,6 +101,11 @@
"refsource": "MLIST",
"name": "[oss-security] 20210526 CVE-2021-22543 - /dev/kvm LPE",
"url": "http://www.openwall.com/lists/oss-security/2021/05/26/3"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210526 Re: CVE-2021-22543 - /dev/kvm LPE",
"url": "http://www.openwall.com/lists/oss-security/2021/05/26/5"
}
]
},

55
2021/30xxx/CVE-2021-30499.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-30499",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "libcaca",
"version": {
"version_data": [
{
"version_value": "master"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1948679",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948679"
},
{
"refsource": "MISC",
"name": "https://github.com/cacalabs/libcaca/issues/54",
"url": "https://github.com/cacalabs/libcaca/issues/54"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in libcaca. A buffer overflow of export.c in function export_troff might lead to memory corruption and other potential consequences."
}
]
}

60
2021/30xxx/CVE-2021-30500.json
View File

@ -4,14 +4,68 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-30500",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "upx",
"version": {
"version_data": [
{
"version_value": "upx 4.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1948692",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948692"
},
{
"refsource": "MISC",
"name": "https://github.com/upx/upx/issues/485",
"url": "https://github.com/upx/upx/issues/485"
},
{
"refsource": "MISC",
"name": "https://github.com/upx/upx/commit/90279abdfcd235172eab99651043051188938dcc",
"url": "https://github.com/upx/upx/commit/90279abdfcd235172eab99651043051188938dcc"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Null pointer dereference was found in upx PackLinuxElf::canUnpack() in p_lx_elf.cpp,in version UPX 4.0.0. That allow attackers to execute arbitrary code and cause a denial of service via a crafted file."
}
]
}

65
2021/30xxx/CVE-2021-30501.json
View File

@ -4,14 +4,73 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-30501",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "upx",
"version": {
"version_data": [
{
"version_value": "upx 4.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1948696",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948696"
},
{
"refsource": "MISC",
"name": "https://github.com/upx/upx/issues/486",
"url": "https://github.com/upx/upx/issues/486"
},
{
"refsource": "MISC",
"name": "https://github.com/upx/upx/pull/487",
"url": "https://github.com/upx/upx/pull/487"
},
{
"refsource": "MISC",
"name": "https://github.com/upx/upx/commit/28e761cd42211dfe0124b7a29b2f74730f453e46",
"url": "https://github.com/upx/upx/commit/28e761cd42211dfe0124b7a29b2f74730f453e46"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service (abort) via a crafted file."
}
]
}

70
2021/3xxx/CVE-2021-3509.json
View File

@ -4,14 +4,78 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3509",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ceph-dashboard",
"version": {
"version_data": [
{
"version_value": "as shipped in Red Hat Ceph Storage 4"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1950116",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1950116"
},
{
"refsource": "MISC",
"name": "https://github.com/ceph/ceph/blob/f1557e8f62d31883d3d34ae241a1a26af11d923f/src/pybind/mgr/dashboard/controllers/docs.py#L394-L409",
"url": "https://github.com/ceph/ceph/blob/f1557e8f62d31883d3d34ae241a1a26af11d923f/src/pybind/mgr/dashboard/controllers/docs.py#L394-L409"
},
{
"refsource": "MISC",
"name": "https://github.com/ceph/ceph/commit/adda853e64bdba1288d46bc7d462d23d8f2f10ca",
"url": "https://github.com/ceph/ceph/commit/adda853e64bdba1288d46bc7d462d23d8f2f10ca"
},
{
"refsource": "MISC",
"name": "https://github.com/ceph/ceph/commit/7a1ca8d372da3b6a4fc3d221a0e5f72d1d61c27b",
"url": "https://github.com/ceph/ceph/commit/7a1ca8d372da3b6a4fc3d221a0e5f72d1d61c27b"
},
{
"refsource": "MISC",
"name": "https://github.com/ceph/ceph/commit/af3fffab3b0f13057134d96e5d481e400d8bfd27",
"url": "https://github.com/ceph/ceph/commit/af3fffab3b0f13057134d96e5d481e400d8bfd27"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in Red Hat Ceph Storage 4, in the Dashboard component. In response to CVE-2020-27839, the JWT token was moved from localStorage to an httpOnly cookie. However, token cookies are used in the body of the HTTP response for the documentation, which again makes it available to XSS.The greatest threat to the system is for confidentiality, integrity, and availability."
}
]
}