admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-08-02 17:00:59 +00:00
parent dab0b3e264
commit d31b19d0ec
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
33 changed files with 2055 additions and 584 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2015/8xxx/CVE-2015-8011.json
View File

@ -86,6 +86,11 @@
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-941426.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-941426.pdf"
},
{
"refsource": "MISC",
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-07",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-07"
}
]
}

5
2019/8xxx/CVE-2019-8460.json
View File

@ -63,6 +63,11 @@
"refsource": "MISC",
"name": "https://research.checkpoint.com/tcp-sack-security-issue-in-openbsd-cve-2019-8460/",
"url": "https://research.checkpoint.com/tcp-sack-security-issue-in-openbsd-cve-2019-8460/"
},
{
"refsource": "MISC",
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-19-253-03",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-19-253-03"
}
]
},

5
2020/27xxx/CVE-2020-27827.json
View File

@ -58,6 +58,11 @@
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-941426.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-941426.pdf"
},
{
"refsource": "MISC",
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-07",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-07"
}
]
},

68
2020/35xxx/CVE-2020-35137.json
View File

@ -1,71 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-35137",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-35137",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The MobileIron agents through 2021-03-22 for Android and iOS contain a hardcoded API key, used to communicate with the MobileIron SaaS discovery API, as demonstrated by Mobile@Work (aka com.mobileiron). The key is in com/mobileiron/registration/RegisterActivity.java and can be used for api/v1/gateway/customers/servers requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://play.google.com/store/apps/details?id=com.mobileiron&hl=en_US&gl=US",
"refsource": "MISC",
"name": "https://play.google.com/store/apps/details?id=com.mobileiron&hl=en_US&gl=US"
},
{
"refsource": "MISC",
"name": "https://www.optiv.com/explore-optiv-insights/source-zero/mobileiron-mdm-contains-static-key-allowing-account-enumeration",
"url": "https://www.optiv.com/explore-optiv-insights/source-zero/mobileiron-mdm-contains-static-key-allowing-account-enumeration"
},
{
"refsource": "MISC",
"name": "https://github.com/optiv/rustyIron",
"url": "https://github.com/optiv/rustyIron"
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: the reported issue is not a vulnerability or exposure. Notes: This is an opt-in feature to the product - it is not enabled by default and customers cannot enable it without an explicit email to support. At this time, we do not plan change to make any changes to this feature."
}
]
}

204
2021/20xxx/CVE-2021-20539.json
View File

@ -1,105 +1,105 @@
{
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"data_type" : "CVE",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. This information could be used in further attacks against the system. IBM X-Force ID: 198920."
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2021-07-30T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2021-20539"
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6476940 (Cloud Pak for Security)",
"url" : "https://www.ibm.com/support/pages/node/6476940",
"name" : "https://www.ibm.com/support/pages/node/6476940",
"refsource" : "CONFIRM"
},
{
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/198920",
"name" : "ibm-cp4s-cve202120539-info-disc (198920)",
"refsource" : "XF"
}
]
},
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "L",
"SCORE" : "5.300",
"AV" : "N",
"A" : "N",
"S" : "U",
"UI" : "N",
"C" : "L",
"I" : "N",
"PR" : "N"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"product" : {
"product_data" : [
{
"product_name" : "Cloud Pak for Security",
"version" : {
"version_data" : [
{
"version_value" : "1.6.0.0"
},
{
"version_value" : "1.5.0.1"
},
{
"version_value" : "1.5.0.0"
},
{
"version_value" : "1.6.0.1"
},
{
"version_value" : "1.7.0.0"
},
{
"version_value" : "1.7.1.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
}
}
}
]
},
"data_type": "CVE",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. This information could be used in further attacks against the system. IBM X-Force ID: 198920."
}
]
},
"CVE_data_meta": {
"DATE_PUBLIC": "2021-07-30T00:00:00",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2021-20539"
},
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6476940 (Cloud Pak for Security)",
"url": "https://www.ibm.com/support/pages/node/6476940",
"name": "https://www.ibm.com/support/pages/node/6476940",
"refsource": "CONFIRM"
},
{
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/198920",
"name": "ibm-cp4s-cve202120539-info-disc (198920)",
"refsource": "XF"
}
]
},
"data_format": "MITRE",
"impact": {
"cvssv3": {
"BM": {
"AC": "L",
"SCORE": "5.300",
"AV": "N",
"A": "N",
"S": "U",
"UI": "N",
"C": "L",
"I": "N",
"PR": "N"
},
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
}
}
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cloud Pak for Security",
"version": {
"version_data": [
{
"version_value": "1.6.0.0"
},
{
"version_value": "1.5.0.1"
},
{
"version_value": "1.5.0.0"
},
{
"version_value": "1.6.0.1"
},
{
"version_value": "1.7.0.0"
},
{
"version_value": "1.7.1.0"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
}
}

204
2021/20xxx/CVE-2021-20540.json
View File

@ -1,105 +1,105 @@
{
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. This information could be used in further attacks against the system. IBM X-Force ID: 198923."
}
]
},
"data_type" : "CVE",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2021-20540",
"DATE_PUBLIC" : "2021-07-30T00:00:00",
"STATE" : "PUBLIC"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6476940",
"url" : "https://www.ibm.com/support/pages/node/6476940",
"title" : "IBM Security Bulletin 6476940 (Cloud Pak for Security)"
},
{
"refsource" : "XF",
"name" : "ibm-cp4s-cve202120540-info-disc (198923)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/198923",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"SCORE" : "2.700",
"AC" : "L",
"AV" : "N",
"A" : "N",
"S" : "U",
"C" : "L",
"UI" : "N",
"PR" : "H",
"I" : "N"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
"description": {
"description_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Cloud Pak for Security",
"version" : {
"version_data" : [
{
"version_value" : "1.6.0.0"
},
{
"version_value" : "1.5.0.1"
},
{
"version_value" : "1.5.0.0"
},
{
"version_value" : "1.6.0.1"
},
{
"version_value" : "1.7.0.0"
},
{
"version_value" : "1.7.1.0"
}
]
}
}
]
}
"lang": "eng",
"value": "IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. This information could be used in further attacks against the system. IBM X-Force ID: 198923."
}
]
}
}
}
]
},
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2021-20540",
"DATE_PUBLIC": "2021-07-30T00:00:00",
"STATE": "PUBLIC"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6476940",
"url": "https://www.ibm.com/support/pages/node/6476940",
"title": "IBM Security Bulletin 6476940 (Cloud Pak for Security)"
},
{
"refsource": "XF",
"name": "ibm-cp4s-cve202120540-info-disc (198923)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/198923",
"title": "X-Force Vulnerability Report"
}
]
},
"data_format": "MITRE",
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
},
"BM": {
"SCORE": "2.700",
"AC": "L",
"AV": "N",
"A": "N",
"S": "U",
"C": "L",
"UI": "N",
"PR": "H",
"I": "N"
}
}
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Cloud Pak for Security",
"version": {
"version_data": [
{
"version_value": "1.6.0.0"
},
{
"version_value": "1.5.0.1"
},
{
"version_value": "1.5.0.0"
},
{
"version_value": "1.6.0.1"
},
{
"version_value": "1.7.0.0"
},
{
"version_value": "1.7.1.0"
}
]
}
}
]
}
}
]
}
}
}

206
2021/20xxx/CVE-2021-20541.json
View File

@ -1,105 +1,105 @@
{
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Cloud Pak for Security",
"version" : {
"version_data" : [
{
"version_value" : "1.6.0.0"
},
{
"version_value" : "1.5.0.1"
},
{
"version_value" : "1.5.0.0"
},
{
"version_value" : "1.6.0.1"
},
{
"version_value" : "1.7.0.0"
},
{
"version_value" : "1.7.1.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"A" : "N",
"AV" : "N",
"SCORE" : "3.700",
"AC" : "H",
"I" : "N",
"PR" : "N",
"C" : "L",
"UI" : "N",
"S" : "U"
}
}
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6476940",
"url" : "https://www.ibm.com/support/pages/node/6476940",
"title" : "IBM Security Bulletin 6476940 (Cloud Pak for Security)"
},
{
"name" : "ibm-cp4s-cve202120541-info-disc (198927)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/198927"
}
]
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cloud Pak for Security",
"version": {
"version_data": [
{
"version_value": "1.6.0.0"
},
{
"version_value": "1.5.0.1"
},
{
"version_value": "1.5.0.0"
},
{
"version_value": "1.6.0.1"
},
{
"version_value": "1.7.0.0"
},
{
"version_value": "1.7.1.0"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
]
},
"data_version" : "4.0",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2021-07-30T00:00:00",
"ID" : "CVE-2021-20541",
"ASSIGNER" : "psirt@us.ibm.com"
},
"description" : {
"description_data" : [
{
"value" : "IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. This information could be used in further attacks against the system. IBM X-Force ID: 198927.",
"lang" : "eng"
}
]
},
"data_type" : "CVE"
}
}
},
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
},
"BM": {
"A": "N",
"AV": "N",
"SCORE": "3.700",
"AC": "H",
"I": "N",
"PR": "N",
"C": "L",
"UI": "N",
"S": "U"
}
}
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6476940",
"url": "https://www.ibm.com/support/pages/node/6476940",
"title": "IBM Security Bulletin 6476940 (Cloud Pak for Security)"
},
{
"name": "ibm-cp4s-cve202120541-info-disc (198927)",
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/198927"
}
]
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"data_version": "4.0",
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2021-07-30T00:00:00",
"ID": "CVE-2021-20541",
"ASSIGNER": "psirt@us.ibm.com"
},
"description": {
"description_data": [
{
"value": "IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. This information could be used in further attacks against the system. IBM X-Force ID: 198927.",
"lang": "eng"
}
]
},
"data_type": "CVE"
}

68
2021/22xxx/CVE-2021-22379.json
View File

@ -1,17 +1,73 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22379",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an Integer Underflow (Wrap or Wraparound) Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS of Samgr."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Underflow (Wrap or Wraparound)"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}

76
2021/22xxx/CVE-2021-22381.json
View File

@ -1,17 +1,81 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22381",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause an infinite loop in DoS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Input Verification Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}

68
2021/22xxx/CVE-2021-22384.json
View File

@ -1,17 +1,73 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22384",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}

84
2021/22xxx/CVE-2021-22387.json
View File

@ -1,17 +1,89 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22387",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an Improper Control of Dynamically Managing Code Resources Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to remotely execute commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Control of Dynamically Managing Code Resources"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}

68
2021/22xxx/CVE-2021-22388.json
View File

@ -1,17 +1,73 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22388",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}

68
2021/22xxx/CVE-2021-22389.json
View File

@ -1,17 +1,73 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22389",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a Permission Control Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Permission Control Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}

68
2021/22xxx/CVE-2021-22390.json
View File

@ -1,17 +1,73 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22390",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Buffer Improper Operation Limit Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}

104
2021/22xxx/CVE-2021-22391.json
View File

@ -1,17 +1,109 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22391",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Calculation of Buffer Size"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}

104
2021/22xxx/CVE-2021-22392.json
View File

@ -1,17 +1,109 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22392",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause verification bypass and directions to abnormal addresses."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Calculation of Buffer Size"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}

53
2021/22xxx/CVE-2021-22396.json
View File

@ -4,14 +4,61 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22396",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "eCNS280_TD;eSE620X vESS",
"version": {
"version_data": [
{
"version_value": "V100R005C00,V100R005C10"
},
{
"version_value": "V100R001C10SPC200,V100R001C20SPC200"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210714-01-privilege-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210714-01-privilege-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a privilege escalation vulnerability in some Huawei products. Due to improper privilege management, a local attacker with common privilege may access some specific files in the affected products. Successful exploit will cause privilege escalation.Affected product versions include:eCNS280_TD V100R005C00,V100R005C10;eSE620X vESS V100R001C10SPC200,V100R001C20SPC200."
}
]
}

50
2021/22xxx/CVE-2021-22397.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22397",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ManageOne",
"version": {
"version_data": [
{
"version_value": "8.0.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210714-01-pe-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210714-01-pe-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a privilege escalation vulnerability in Huawei ManageOne 8.0.0. External parameters of some files are lack of verification when they are be called. Attackers can exploit this vulnerability by performing these files to cause privilege escalation attack. This can compromise normal service."
}
]
}

59
2021/22xxx/CVE-2021-22398.json
View File

@ -4,14 +4,67 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22398",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Hulk-AL00C;Jennifer-AN00C;Jenny-AL10B;OxfordPL-AN10B",
"version": {
"version_data": [
{
"version_value": "9.1.1.201(C00E201R8P1)"
},
{
"version_value": "10.1.1.171(C00E170R6P3)"
},
{
"version_value": "10.1.0.228(C00E220R5P1)"
},
{
"version_value": "10.1.0.116(C00E110R2P1)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Logic Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210714-01-smartphone-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210714-01-smartphone-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a logic error vulnerability in several smartphones. The software does not properly restrict certain operation when the Digital Balance function is on. Successful exploit could allow the attacker to bypass the Digital Balance limit after a series of operations. Affected product versions include: Hulk-AL00C 9.1.1.201(C00E201R8P1);Jennifer-AN00C 10.1.1.171(C00E170R6P3);Jenny-AL10B 10.1.0.228(C00E220R5P1) and OxfordPL-AN10B 10.1.0.116(C00E110R2P1)."
}
]
}

68
2021/22xxx/CVE-2021-22412.json
View File

@ -1,17 +1,73 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22412",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause random kernel address access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}

80
2021/22xxx/CVE-2021-22413.json
View File

@ -1,17 +1,85 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22413",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.0"
},
{
"version_affected": "=",
"version_value": "8.2"
},
{
"version_affected": "=",
"version_value": "8.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}

80
2021/22xxx/CVE-2021-22414.json
View File

@ -1,17 +1,85 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22414",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.0"
},
{
"version_affected": "=",
"version_value": "8.2"
},
{
"version_affected": "=",
"version_value": "8.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a Memory Buffer Errors Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Buffer Errors"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}

68
2021/22xxx/CVE-2021-22415.json
View File

@ -1,17 +1,73 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22415",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an Incorrect Calculation of Buffer Size Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause kernel exceptions with the code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Calculation of Buffer Size"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}

68
2021/22xxx/CVE-2021-22427.json
View File

@ -1,17 +1,73 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22427",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a Heap-based Buffer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}

68
2021/22xxx/CVE-2021-22428.json
View File

@ -1,17 +1,73 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22428",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an Incomplete Cleanup Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incomplete Cleanup"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}

68
2021/22xxx/CVE-2021-22435.json
View File

@ -1,17 +1,73 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22435",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a Configuration Defect Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service integrity and availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration Defect"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}

68
2021/22xxx/CVE-2021-22438.json
View File

@ -1,17 +1,73 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22438",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause malicious code to be executed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Buffer Improper Operation Limit Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}

104
2021/22xxx/CVE-2021-22442.json
View File

@ -1,17 +1,109 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22442",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an Improper Validation of Integrity Check Value Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Validation of Integrity Check Value"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}

104
2021/22xxx/CVE-2021-22443.json
View File

@ -1,17 +1,109 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22443",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause random address access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Input Verification Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}

104
2021/22xxx/CVE-2021-22444.json
View File

@ -1,17 +1,109 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22444",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause code injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Input Verification Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}

172
2021/29xxx/CVE-2021-29757.json
View File

@ -1,90 +1,90 @@
{
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM QRadar User Behavior Analytics 4.1.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 202168."
}
]
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
"description": {
"description_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "4.1.1"
}
]
},
"product_name" : "QRadar User Behavior Analytics"
}
]
}
"lang": "eng",
"value": "IBM QRadar User Behavior Analytics 4.1.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 202168."
}
]
}
},
"data_format" : "MITRE",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2021-07-30T00:00:00",
"STATE" : "PUBLIC",
"ID" : "CVE-2021-29757"
},
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Access"
}
]
},
"data_version": "4.0",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "4.1.1"
}
]
},
"product_name": "QRadar User Behavior Analytics"
}
]
}
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6477204",
"title" : "IBM Security Bulletin 6477204 (QRadar User Behavior Analytics)",
"name" : "https://www.ibm.com/support/pages/node/6477204",
"refsource" : "CONFIRM"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/202168",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-qradar-cve202129757-csrf (202168)",
"refsource" : "XF"
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"SCORE" : "4.300",
"A" : "N",
"S" : "U",
"I" : "L",
"PR" : "N",
"AV" : "N",
"UI" : "R",
"AC" : "L",
"C" : "N"
}
}
}
}
}
},
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2021-07-30T00:00:00",
"STATE": "PUBLIC",
"ID": "CVE-2021-29757"
},
"data_type": "CVE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6477204",
"title": "IBM Security Bulletin 6477204 (QRadar User Behavior Analytics)",
"name": "https://www.ibm.com/support/pages/node/6477204",
"refsource": "CONFIRM"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/202168",
"title": "X-Force Vulnerability Report",
"name": "ibm-qradar-cve202129757-csrf (202168)",
"refsource": "XF"
}
]
},
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
},
"BM": {
"SCORE": "4.300",
"A": "N",
"S": "U",
"I": "L",
"PR": "N",
"AV": "N",
"UI": "R",
"AC": "L",
"C": "N"
}
}
}
}

2
2021/35xxx/CVE-2021-35464.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "ForgeRock AM server 6.x before 7, and OpenAM 14.6.3, has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages. The exploitation does not require authentication, and remote code execution can be triggered by sending a single crafted /ccversion/Version request to the server. The vulnerability exists due to incorrect usage of Sun ONE Application Framework (JATO)."
"value": "ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages. The exploitation does not require authentication, and remote code execution can be triggered by sending a single crafted /ccversion/* request to the server. The vulnerability exists due to the usage of Sun ONE Application Framework (JATO) found in versions of Java 8 or earlier"
}
]
},

18
2021/3xxx/CVE-2021-3674.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3674",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}