diff --git a/2002/1xxx/CVE-2002-1912.json b/2002/1xxx/CVE-2002-1912.json index c41d1a9c0c6..9c61167999b 100644 --- a/2002/1xxx/CVE-2002-1912.json +++ b/2002/1xxx/CVE-2002-1912.json @@ -62,15 +62,15 @@ "refsource": "XF", "url": "http://www.iss.net/security_center/static/10380.php" }, - { - "name": "http://www.globalintersec.com/adv/skystream-2002021001.txt", - "refsource": "MISC", - "url": "http://www.globalintersec.com/adv/skystream-2002021001.txt" - }, { "name": "20021016 [GIS 2002021001] SkyStream EMR5000 DVB router DoS.", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/295516" + }, + { + "name": "http://www.globalintersec.com/adv/skystream-2002021001.txt", + "refsource": "MISC", + "url": "http://www.globalintersec.com/adv/skystream-2002021001.txt" } ] } diff --git a/2002/1xxx/CVE-2002-1947.json b/2002/1xxx/CVE-2002-1947.json index 65c5b6d9c0f..75fc6e10810 100644 --- a/2002/1xxx/CVE-2002-1947.json +++ b/2002/1xxx/CVE-2002-1947.json @@ -52,11 +52,6 @@ }, "references": { "reference_data": [ - { - "name": "http://www.webmin.com/changes.html", - "refsource": "CONFIRM", - "url": "http://www.webmin.com/changes.html" - }, { "name": "webmin-identical-ssl-keys(10381)", "refsource": "XF", @@ -71,6 +66,11 @@ "name": "FreeBSD-SA-02:06", "refsource": "FREEBSD", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02%3A06.asc" + }, + { + "name": "http://www.webmin.com/changes.html", + "refsource": "CONFIRM", + "url": "http://www.webmin.com/changes.html" } ] } diff --git a/2002/1xxx/CVE-2002-1957.json b/2002/1xxx/CVE-2002-1957.json index 7cf7cb9ce26..93f50de3866 100644 --- a/2002/1xxx/CVE-2002-1957.json +++ b/2002/1xxx/CVE-2002-1957.json @@ -57,15 +57,15 @@ "refsource": "XF", "url": "http://www.iss.net/security_center/static/9505.php" }, - { - "name": "http://siag.nu/pen/news-0.9.3.shtml", - "refsource": "CONFIRM", - "url": "http://siag.nu/pen/news-0.9.3.shtml" - }, { "name": "5152", "refsource": "BID", "url": "http://www.securityfocus.com/bid/5152" + }, + { + "name": "http://siag.nu/pen/news-0.9.3.shtml", + "refsource": "CONFIRM", + "url": "http://siag.nu/pen/news-0.9.3.shtml" } ] } diff --git a/2005/0xxx/CVE-2005-0864.json b/2005/0xxx/CVE-2005-0864.json index 24b7c1ba300..46ae4a6c37e 100644 --- a/2005/0xxx/CVE-2005-0864.json +++ b/2005/0xxx/CVE-2005-0864.json @@ -52,16 +52,16 @@ }, "references": { "reference_data": [ - { - "name": "http://exploitlabs.com/files/advisories/EXPL-A-2005-002-samsung-adsl.txt", - "refsource": "MISC", - "url": "http://exploitlabs.com/files/advisories/EXPL-A-2005-002-samsung-adsl.txt" - }, { "name": "12864", "refsource": "BID", "url": "http://www.securityfocus.com/bid/12864" }, + { + "name": "http://exploitlabs.com/files/advisories/EXPL-A-2005-002-samsung-adsl.txt", + "refsource": "MISC", + "url": "http://exploitlabs.com/files/advisories/EXPL-A-2005-002-samsung-adsl.txt" + }, { "name": "http://zone-h.org/en/advisories/read/id=7339/", "refsource": "MISC", diff --git a/2005/0xxx/CVE-2005-0987.json b/2005/0xxx/CVE-2005-0987.json index 810171ecfaa..81e35dcdde5 100644 --- a/2005/0xxx/CVE-2005-0987.json +++ b/2005/0xxx/CVE-2005-0987.json @@ -52,15 +52,15 @@ }, "references": { "reference_data": [ - { - "name": "http://www.ircservices.esper.net/Changes.txt", - "refsource": "CONFIRM", - "url": "http://www.ircservices.esper.net/Changes.txt" - }, { "name": "1013622", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1013622" + }, + { + "name": "http://www.ircservices.esper.net/Changes.txt", + "refsource": "CONFIRM", + "url": "http://www.ircservices.esper.net/Changes.txt" } ] } diff --git a/2021/31xxx/CVE-2021-31478.json b/2021/31xxx/CVE-2021-31478.json index 58029c670cc..09a465162e8 100644 --- a/2021/31xxx/CVE-2021-31478.json +++ b/2021/31xxx/CVE-2021-31478.json @@ -1,67 +1,69 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2021-31478", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Brava! Desktop", - "version": { - "version_data": [ - { - "version_value": "16.6.3.84" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2021-31478", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Brava! Desktop", + "version": { + "version_data": [ + { + "version_value": "16.6.3.84" + } + ] + } + } + ] + }, + "vendor_name": "OpenText" } - } ] - }, - "vendor_name": "OpenText" } - ] - } - }, - "credit": "rgod", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12633." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-122: Heap-based Buffer Overflow" - } + }, + "credit": "rgod", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12633." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-618/" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-122: Heap-based Buffer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-618/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-618/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2021/31xxx/CVE-2021-31479.json b/2021/31xxx/CVE-2021-31479.json index b0cdbb4e89f..ac60a9b8de5 100644 --- a/2021/31xxx/CVE-2021-31479.json +++ b/2021/31xxx/CVE-2021-31479.json @@ -1,67 +1,69 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2021-31479", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Brava! Desktop", - "version": { - "version_data": [ - { - "version_value": "16.6.3.84" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2021-31479", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Brava! Desktop", + "version": { + "version_data": [ + { + "version_value": "16.6.3.84" + } + ] + } + } + ] + }, + "vendor_name": "OpenText" } - } ] - }, - "vendor_name": "OpenText" } - ] - } - }, - "credit": "rgod", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12634." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-824: Access of Uninitialized Pointer" - } + }, + "credit": "rgod", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12634." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-619/" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-824: Access of Uninitialized Pointer" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-619/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-619/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2021/31xxx/CVE-2021-31480.json b/2021/31xxx/CVE-2021-31480.json index c24a744a476..b91ea0dea57 100644 --- a/2021/31xxx/CVE-2021-31480.json +++ b/2021/31xxx/CVE-2021-31480.json @@ -1,67 +1,69 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2021-31480", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Brava! Desktop", - "version": { - "version_data": [ - { - "version_value": "16.6.3.84" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2021-31480", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Brava! Desktop", + "version": { + "version_data": [ + { + "version_value": "16.6.3.84" + } + ] + } + } + ] + }, + "vendor_name": "OpenText" } - } ] - }, - "vendor_name": "OpenText" } - ] - } - }, - "credit": "rgod", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12654." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')" - } + }, + "credit": "rgod", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12654." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-620/" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-620/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-620/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2021/31xxx/CVE-2021-31481.json b/2021/31xxx/CVE-2021-31481.json index c6cd0a83350..4dda5fb171b 100644 --- a/2021/31xxx/CVE-2021-31481.json +++ b/2021/31xxx/CVE-2021-31481.json @@ -1,67 +1,69 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2021-31481", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Brava! Desktop", - "version": { - "version_data": [ - { - "version_value": "16.6.3.84" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2021-31481", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Brava! Desktop", + "version": { + "version_data": [ + { + "version_value": "16.6.3.84" + } + ] + } + } + ] + }, + "vendor_name": "OpenText" } - } ] - }, - "vendor_name": "OpenText" } - ] - } - }, - "credit": "rgod", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of SLDPRT files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12659." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-822: Untrusted Pointer Dereference" - } + }, + "credit": "rgod", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SLDPRT files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12659." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-621/" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-822: Untrusted Pointer Dereference" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-621/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-621/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2021/31xxx/CVE-2021-31482.json b/2021/31xxx/CVE-2021-31482.json index ba3846021f4..674c5fac06a 100644 --- a/2021/31xxx/CVE-2021-31482.json +++ b/2021/31xxx/CVE-2021-31482.json @@ -1,67 +1,69 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2021-31482", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Brava! Desktop", - "version": { - "version_data": [ - { - "version_value": "16.6.3.84" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2021-31482", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Brava! Desktop", + "version": { + "version_data": [ + { + "version_value": "16.6.3.84" + } + ] + } + } + ] + }, + "vendor_name": "OpenText" } - } ] - }, - "vendor_name": "OpenText" } - ] - } - }, - "credit": "rgod", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12708." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-787: Out-of-bounds Write" - } + }, + "credit": "rgod", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12708." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-622/" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-622/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-622/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2021/31xxx/CVE-2021-31483.json b/2021/31xxx/CVE-2021-31483.json index 6e938a88bd4..9ec86818e2b 100644 --- a/2021/31xxx/CVE-2021-31483.json +++ b/2021/31xxx/CVE-2021-31483.json @@ -1,67 +1,69 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2021-31483", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Brava! Desktop", - "version": { - "version_data": [ - { - "version_value": "16.6.3.84" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2021-31483", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Brava! Desktop", + "version": { + "version_data": [ + { + "version_value": "16.6.3.84" + } + ] + } + } + ] + }, + "vendor_name": "OpenText" } - } ] - }, - "vendor_name": "OpenText" } - ] - } - }, - "credit": "rgod", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12709." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-122: Heap-based Buffer Overflow" - } + }, + "credit": "rgod", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12709." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-623/" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-122: Heap-based Buffer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-623/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-623/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2021/31xxx/CVE-2021-31484.json b/2021/31xxx/CVE-2021-31484.json index 5a8e02db822..c0de034aafd 100644 --- a/2021/31xxx/CVE-2021-31484.json +++ b/2021/31xxx/CVE-2021-31484.json @@ -1,67 +1,69 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2021-31484", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Brava! Desktop", - "version": { - "version_data": [ - { - "version_value": "16.6.3.84" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2021-31484", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Brava! Desktop", + "version": { + "version_data": [ + { + "version_value": "16.6.3.84" + } + ] + } + } + ] + }, + "vendor_name": "OpenText" } - } ] - }, - "vendor_name": "OpenText" } - ] - } - }, - "credit": "rgod", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12710." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-787: Out-of-bounds Write" - } + }, + "credit": "rgod", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12710." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-624/" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-624/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-624/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34706.json b/2021/34xxx/CVE-2021-34706.json new file mode 100644 index 00000000000..7910264be7f --- /dev/null +++ b/2021/34xxx/CVE-2021-34706.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34706", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34710.json b/2021/34xxx/CVE-2021-34710.json new file mode 100644 index 00000000000..f4aad16d751 --- /dev/null +++ b/2021/34xxx/CVE-2021-34710.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34710", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34711.json b/2021/34xxx/CVE-2021-34711.json new file mode 100644 index 00000000000..aac038bd111 --- /dev/null +++ b/2021/34xxx/CVE-2021-34711.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34711", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34714.json b/2021/34xxx/CVE-2021-34714.json new file mode 100644 index 00000000000..0a7ba17dfe5 --- /dev/null +++ b/2021/34xxx/CVE-2021-34714.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34714", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34716.json b/2021/34xxx/CVE-2021-34716.json new file mode 100644 index 00000000000..007317f7b16 --- /dev/null +++ b/2021/34xxx/CVE-2021-34716.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34716", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34718.json b/2021/34xxx/CVE-2021-34718.json new file mode 100644 index 00000000000..c7d5cf67b46 --- /dev/null +++ b/2021/34xxx/CVE-2021-34718.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34718", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34722.json b/2021/34xxx/CVE-2021-34722.json new file mode 100644 index 00000000000..883940bba10 --- /dev/null +++ b/2021/34xxx/CVE-2021-34722.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34722", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34745.json b/2021/34xxx/CVE-2021-34745.json new file mode 100644 index 00000000000..1b29c1a3d18 --- /dev/null +++ b/2021/34xxx/CVE-2021-34745.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34745", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34746.json b/2021/34xxx/CVE-2021-34746.json new file mode 100644 index 00000000000..98e5b2a7f2f --- /dev/null +++ b/2021/34xxx/CVE-2021-34746.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34746", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34780.json b/2021/34xxx/CVE-2021-34780.json new file mode 100644 index 00000000000..71b06f99e73 --- /dev/null +++ b/2021/34xxx/CVE-2021-34780.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34780", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34787.json b/2021/34xxx/CVE-2021-34787.json new file mode 100644 index 00000000000..be9b688fb70 --- /dev/null +++ b/2021/34xxx/CVE-2021-34787.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34787", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34790.json b/2021/34xxx/CVE-2021-34790.json new file mode 100644 index 00000000000..b0f67407e25 --- /dev/null +++ b/2021/34xxx/CVE-2021-34790.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34790", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34791.json b/2021/34xxx/CVE-2021-34791.json new file mode 100644 index 00000000000..acf11e6d3b9 --- /dev/null +++ b/2021/34xxx/CVE-2021-34791.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34791", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34796.json b/2021/34xxx/CVE-2021-34796.json new file mode 100644 index 00000000000..2f402a4f998 --- /dev/null +++ b/2021/34xxx/CVE-2021-34796.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34796", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file