From ddc672053e1a5f5a05eb811593306b66cf4cdd37 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 2 Nov 2021 11:01:06 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/27xxx/CVE-2020-27406.json | 61 ++++++++++++++++++++++++++++++---- 2020/35xxx/CVE-2020-35249.json | 56 +++++++++++++++++++++++++++---- 2021/0xxx/CVE-2021-0283.json | 2 +- 2021/0xxx/CVE-2021-0284.json | 2 +- 2021/27xxx/CVE-2021-27722.json | 61 ++++++++++++++++++++++++++++++---- 2021/27xxx/CVE-2021-27723.json | 61 ++++++++++++++++++++++++++++++---- 2021/32xxx/CVE-2021-32558.json | 5 +++ 2021/32xxx/CVE-2021-32686.json | 5 +++ 2021/35xxx/CVE-2021-35550.json | 5 +++ 2021/35xxx/CVE-2021-35556.json | 5 +++ 2021/35xxx/CVE-2021-35559.json | 5 +++ 2021/35xxx/CVE-2021-35561.json | 5 +++ 2021/35xxx/CVE-2021-35564.json | 5 +++ 2021/35xxx/CVE-2021-35565.json | 5 +++ 2021/35xxx/CVE-2021-35567.json | 5 +++ 2021/35xxx/CVE-2021-35578.json | 5 +++ 2021/35xxx/CVE-2021-35586.json | 5 +++ 2021/35xxx/CVE-2021-35603.json | 5 +++ 18 files changed, 277 insertions(+), 26 deletions(-) diff --git a/2020/27xxx/CVE-2020-27406.json b/2020/27xxx/CVE-2020-27406.json index 9593123136e..f5678202ced 100644 --- a/2020/27xxx/CVE-2020-27406.json +++ b/2020/27xxx/CVE-2020-27406.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-27406", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-27406", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting (XSS) vulnerability in DynPG 4.9.1, allows authenticated attackers to execute arbitrary code via the groupname." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://dynpg.com", + "refsource": "MISC", + "name": "http://dynpg.com" + }, + { + "refsource": "MISC", + "name": "https://www.exploit-db.com/exploits/48865", + "url": "https://www.exploit-db.com/exploits/48865" } ] } diff --git a/2020/35xxx/CVE-2020-35249.json b/2020/35xxx/CVE-2020-35249.json index 3e60c31a022..6638984ce38 100644 --- a/2020/35xxx/CVE-2020-35249.json +++ b/2020/35xxx/CVE-2020-35249.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-35249", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-35249", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting (XSS) vulnerability in ElkarBackup 1.3.3, allows attackers to execute arbitrary code via the name parameter to the add client feature." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.exploit-db.com/exploits/48756", + "refsource": "MISC", + "name": "https://www.exploit-db.com/exploits/48756" } ] } diff --git a/2021/0xxx/CVE-2021-0283.json b/2021/0xxx/CVE-2021-0283.json index 719c3e56fab..ccbf6d5dd82 100644 --- a/2021/0xxx/CVE-2021-0283.json +++ b/2021/0xxx/CVE-2021-0283.json @@ -143,7 +143,7 @@ "description_data": [ { "lang": "eng", - "value": "A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device thereby causing a Denial of Service (DoS).\n\nBy repeatedly sending these sequences of packets to the device, an attacker can sustain the Denial of Service (DoS) condition.\n\nThe device will abnormally shut down as a result of these sent packets. A potential indicator of compromise will be the following message in the log files:\n \"eventd[13955]: SYSTEM_ABNORMAL_SHUTDOWN: System abnormally shut down\"\n\nThese issue are only triggered by traffic destined to the device. Transit traffic will not trigger these issues.\nThis issue affects:\nJuniper Networks Junos OS\n12.3 versions prior to 12.3R12-S19;\n15.1 versions prior to 15.1R7-S10;\n16.1 version 16.1R1 and later versions;\n16.2 version 16.2R1 and later versions;\n17.1 version 17.1R1 and later versions;\n17.2 version 17.2R1 and later versions;\n17.3 versions prior to 17.3R3-S12;\n17.4 version 17.4R1 and later versions;\n18.1 versions prior to 18.1R3-S13;\n18.2 version 18.2R1 and later versions;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R2-S9, 18.4R3-S9;\n19.1 versions prior to 19.1R3-S6;\n19.2 versions prior to 19.2R1-S7, 19.2R3-S3;\n19.3 versions prior to 19.3R2-S7, 19.3R3-S3;\n19.4 versions prior to 19.4R3-S5;\n20.1 versions prior to 20.1R2-S2, 20.1R3-S1;\n20.2 versions prior to 20.2R3-S2;\n20.3 versions prior to 20.3R3;\n20.4 versions prior to 20.4R2-S1, 20.4R3;\n21.1 versions prior to 21.1R1-S1, 21.1R2;\n21.2 versions prior to 21.2R1-S1, 21.2R2." + "value": "A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device thereby causing a Denial of Service (DoS). By repeatedly sending these sequences of packets to the device, an attacker can sustain the Denial of Service (DoS) condition. The device will abnormally shut down as a result of these sent packets. A potential indicator of compromise will be the following message in the log files: \"eventd[13955]: SYSTEM_ABNORMAL_SHUTDOWN: System abnormally shut down\" These issue are only triggered by traffic destined to the device. Transit traffic will not trigger these issues. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S19; 15.1 versions prior to 15.1R7-S10; 16.1 version 16.1R1 and later versions; 16.2 version 16.2R1 and later versions; 17.1 version 17.1R1 and later versions; 17.2 version 17.2R1 and later versions; 17.3 versions prior to 17.3R3-S12; 17.4 version 17.4R1 and later versions; 18.1 versions prior to 18.1R3-S13; 18.2 version 18.2R1 and later versions; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S7, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2; 21.2 versions prior to 21.2R1-S1, 21.2R2." } ] }, diff --git a/2021/0xxx/CVE-2021-0284.json b/2021/0xxx/CVE-2021-0284.json index f53f98b8096..b45b6888570 100644 --- a/2021/0xxx/CVE-2021-0284.json +++ b/2021/0xxx/CVE-2021-0284.json @@ -103,7 +103,7 @@ "description_data": [ { "lang": "eng", - "value": "A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device thereby causing a Denial of Service (DoS).\n\nBy repeatedly sending these sequences of packets to the device, an attacker can sustain the Denial of Service (DoS) condition.\n\nThe device will abnormally shut down as a result of these sent packets. A potential indicator of compromise will be the following message in the log files:\n \"eventd[13955]: SYSTEM_ABNORMAL_SHUTDOWN: System abnormally shut down\"\n\nThis issue is only triggered by traffic destined to the device. Transit traffic will not trigger this issue.\nThis issue affects:\nJuniper Networks Junos OS\n12.3 versions prior to 12.3R12-S19;\n15.1 versions prior to 15.1R7-S10;\n17.3 versions prior to 17.3R3-S12;\n18.4 versions prior to 18.4R2-S9, 18.4R3-S9;\n19.1 versions prior to 19.1R3-S7;\n19.2 versions prior to 19.2R1-S7, 19.2R3-S3;\n19.3 versions prior to 19.3R2-S7, 19.3R3-S3;\n19.4 versions prior to 19.4R3-S5;\n20.1 versions prior to 20.1R3-S1;\n20.2 versions prior to 20.2R3-S2;\n20.3 versions prior to 20.3R3-S1;\n20.4 versions prior to 20.4R2-S2, 20.4R3;\n21.1 versions prior to 21.1R2;\n21.2 versions prior to 21.2R1-S1, 21.2R2." + "value": "A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device thereby causing a Denial of Service (DoS). By repeatedly sending these sequences of packets to the device, an attacker can sustain the Denial of Service (DoS) condition. The device will abnormally shut down as a result of these sent packets. A potential indicator of compromise will be the following message in the log files: \"eventd[13955]: SYSTEM_ABNORMAL_SHUTDOWN: System abnormally shut down\" This issue is only triggered by traffic destined to the device. Transit traffic will not trigger this issue. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S19; 15.1 versions prior to 15.1R7-S10; 17.3 versions prior to 17.3R3-S12; 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.1 versions prior to 19.1R3-S7; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S7, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R2-S2, 20.4R3; 21.1 versions prior to 21.1R2; 21.2 versions prior to 21.2R1-S1, 21.2R2." } ] }, diff --git a/2021/27xxx/CVE-2021-27722.json b/2021/27xxx/CVE-2021-27722.json index 2b459a22c30..19680707082 100644 --- a/2021/27xxx/CVE-2021-27722.json +++ b/2021/27xxx/CVE-2021-27722.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-27722", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-27722", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Nsasoft US LLC SpotAuditor 5.3.5. The program can be crashed by entering 300 bytes char data into the \"Key\" or \"Name\" field while registering." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.exploit-db.com/exploits/49590", + "refsource": "MISC", + "name": "https://www.exploit-db.com/exploits/49590" + }, + { + "refsource": "MISC", + "name": "https://www.exploit-db.com/exploits/49638", + "url": "https://www.exploit-db.com/exploits/49638" } ] } diff --git a/2021/27xxx/CVE-2021-27723.json b/2021/27xxx/CVE-2021-27723.json index 90d3474a8d3..39d81a194bb 100644 --- a/2021/27xxx/CVE-2021-27723.json +++ b/2021/27xxx/CVE-2021-27723.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-27723", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-27723", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Nsasoft US LLC Product Key Explorer 4.2.7. The program can be crashed by entering 300 bytes char data into the \"Key\" or \"Name\" field while registering." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.exploit-db.com/exploits/49590", + "refsource": "MISC", + "name": "https://www.exploit-db.com/exploits/49590" + }, + { + "refsource": "MISC", + "name": "https://www.exploit-db.com/exploits/49638", + "url": "https://www.exploit-db.com/exploits/49638" } ] } diff --git a/2021/32xxx/CVE-2021-32558.json b/2021/32xxx/CVE-2021-32558.json index 786e1bf32c2..64679d1486b 100644 --- a/2021/32xxx/CVE-2021-32558.json +++ b/2021/32xxx/CVE-2021-32558.json @@ -76,6 +76,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210804 [SECURITY] [DLA 2729-1] asterisk security update", "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00005.html" + }, + { + "refsource": "DEBIAN", + "name": "DSA-4999", + "url": "https://www.debian.org/security/2021/dsa-4999" } ] } diff --git a/2021/32xxx/CVE-2021-32686.json b/2021/32xxx/CVE-2021-32686.json index 842dfa58169..66de3fd917a 100644 --- a/2021/32xxx/CVE-2021-32686.json +++ b/2021/32xxx/CVE-2021-32686.json @@ -88,6 +88,11 @@ "name": "https://github.com/pjsip/pjproject/releases/tag/2.11.1", "refsource": "MISC", "url": "https://github.com/pjsip/pjproject/releases/tag/2.11.1" + }, + { + "refsource": "DEBIAN", + "name": "DSA-4999", + "url": "https://www.debian.org/security/2021/dsa-4999" } ] }, diff --git a/2021/35xxx/CVE-2021-35550.json b/2021/35xxx/CVE-2021-35550.json index 9df5c4af411..f60af5fc601 100644 --- a/2021/35xxx/CVE-2021-35550.json +++ b/2021/35xxx/CVE-2021-35550.json @@ -115,6 +115,11 @@ "refsource": "FEDORA", "name": "FEDORA-2021-107c8c5063", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" + }, + { + "refsource": "DEBIAN", + "name": "DSA-5000", + "url": "https://www.debian.org/security/2021/dsa-5000" } ] } diff --git a/2021/35xxx/CVE-2021-35556.json b/2021/35xxx/CVE-2021-35556.json index e3db3796cfc..085577a3e8d 100644 --- a/2021/35xxx/CVE-2021-35556.json +++ b/2021/35xxx/CVE-2021-35556.json @@ -119,6 +119,11 @@ "refsource": "FEDORA", "name": "FEDORA-2021-107c8c5063", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" + }, + { + "refsource": "DEBIAN", + "name": "DSA-5000", + "url": "https://www.debian.org/security/2021/dsa-5000" } ] } diff --git a/2021/35xxx/CVE-2021-35559.json b/2021/35xxx/CVE-2021-35559.json index ba83b3f1b32..b9e9a9b66cc 100644 --- a/2021/35xxx/CVE-2021-35559.json +++ b/2021/35xxx/CVE-2021-35559.json @@ -119,6 +119,11 @@ "refsource": "FEDORA", "name": "FEDORA-2021-107c8c5063", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" + }, + { + "refsource": "DEBIAN", + "name": "DSA-5000", + "url": "https://www.debian.org/security/2021/dsa-5000" } ] } diff --git a/2021/35xxx/CVE-2021-35561.json b/2021/35xxx/CVE-2021-35561.json index c14a346549c..0bb57b43ef9 100644 --- a/2021/35xxx/CVE-2021-35561.json +++ b/2021/35xxx/CVE-2021-35561.json @@ -119,6 +119,11 @@ "refsource": "FEDORA", "name": "FEDORA-2021-107c8c5063", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" + }, + { + "refsource": "DEBIAN", + "name": "DSA-5000", + "url": "https://www.debian.org/security/2021/dsa-5000" } ] } diff --git a/2021/35xxx/CVE-2021-35564.json b/2021/35xxx/CVE-2021-35564.json index 463fe848841..6bb3238003e 100644 --- a/2021/35xxx/CVE-2021-35564.json +++ b/2021/35xxx/CVE-2021-35564.json @@ -119,6 +119,11 @@ "refsource": "FEDORA", "name": "FEDORA-2021-107c8c5063", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" + }, + { + "refsource": "DEBIAN", + "name": "DSA-5000", + "url": "https://www.debian.org/security/2021/dsa-5000" } ] } diff --git a/2021/35xxx/CVE-2021-35565.json b/2021/35xxx/CVE-2021-35565.json index bec2012a9bc..c130acda17e 100644 --- a/2021/35xxx/CVE-2021-35565.json +++ b/2021/35xxx/CVE-2021-35565.json @@ -115,6 +115,11 @@ "refsource": "FEDORA", "name": "FEDORA-2021-107c8c5063", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" + }, + { + "refsource": "DEBIAN", + "name": "DSA-5000", + "url": "https://www.debian.org/security/2021/dsa-5000" } ] } diff --git a/2021/35xxx/CVE-2021-35567.json b/2021/35xxx/CVE-2021-35567.json index 1e48f1c6ec6..b09b9ff797c 100644 --- a/2021/35xxx/CVE-2021-35567.json +++ b/2021/35xxx/CVE-2021-35567.json @@ -100,6 +100,11 @@ "refsource": "FEDORA", "name": "FEDORA-2021-107c8c5063", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" + }, + { + "refsource": "DEBIAN", + "name": "DSA-5000", + "url": "https://www.debian.org/security/2021/dsa-5000" } ] } diff --git a/2021/35xxx/CVE-2021-35578.json b/2021/35xxx/CVE-2021-35578.json index 9e66f9f4ace..48482db75c7 100644 --- a/2021/35xxx/CVE-2021-35578.json +++ b/2021/35xxx/CVE-2021-35578.json @@ -100,6 +100,11 @@ "refsource": "FEDORA", "name": "FEDORA-2021-107c8c5063", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" + }, + { + "refsource": "DEBIAN", + "name": "DSA-5000", + "url": "https://www.debian.org/security/2021/dsa-5000" } ] } diff --git a/2021/35xxx/CVE-2021-35586.json b/2021/35xxx/CVE-2021-35586.json index 5dc388d7170..9a018d54336 100644 --- a/2021/35xxx/CVE-2021-35586.json +++ b/2021/35xxx/CVE-2021-35586.json @@ -104,6 +104,11 @@ "refsource": "FEDORA", "name": "FEDORA-2021-107c8c5063", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" + }, + { + "refsource": "DEBIAN", + "name": "DSA-5000", + "url": "https://www.debian.org/security/2021/dsa-5000" } ] } diff --git a/2021/35xxx/CVE-2021-35603.json b/2021/35xxx/CVE-2021-35603.json index ebf375e2b67..d02548a943b 100644 --- a/2021/35xxx/CVE-2021-35603.json +++ b/2021/35xxx/CVE-2021-35603.json @@ -104,6 +104,11 @@ "refsource": "FEDORA", "name": "FEDORA-2021-107c8c5063", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" + }, + { + "refsource": "DEBIAN", + "name": "DSA-5000", + "url": "https://www.debian.org/security/2021/dsa-5000" } ] }