diff --git a/2013/7xxx/CVE-2013-7470.json b/2013/7xxx/CVE-2013-7470.json index ea7cdb3be25..110b41b0413 100644 --- a/2013/7xxx/CVE-2013-7470.json +++ b/2013/7xxx/CVE-2013-7470.json @@ -71,11 +71,6 @@ "refsource": "CONFIRM", "name": "https://support.f5.com/csp/article/K21914362", "url": "https://support.f5.com/csp/article/K21914362" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/7098-security-advisory-40", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/7098-security-advisory-40" } ] } diff --git a/2014/0xxx/CVE-2014-0224.json b/2014/0xxx/CVE-2014-0224.json index cb059868a58..01458bb4294 100644 --- a/2014/0xxx/CVE-2014-0224.json +++ b/2014/0xxx/CVE-2014-0224.json @@ -1571,11 +1571,6 @@ "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/941-security-advisory-0005", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/941-security-advisory-0005" } ] } diff --git a/2014/3xxx/CVE-2014-3566.json b/2014/3xxx/CVE-2014-3566.json index c24b7215e0d..ac1685c719a 100644 --- a/2014/3xxx/CVE-2014-3566.json +++ b/2014/3xxx/CVE-2014-3566.json @@ -1371,11 +1371,6 @@ "refsource": "MLIST", "name": "[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html", "url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7" } ] } diff --git a/2014/6xxx/CVE-2014-6271.json b/2014/6xxx/CVE-2014-6271.json index a7ebecdbae3..fe3c6b94501 100644 --- a/2014/6xxx/CVE-2014-6271.json +++ b/2014/6xxx/CVE-2014-6271.json @@ -931,11 +931,6 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html", "url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006" } ] } diff --git a/2014/6xxx/CVE-2014-6278.json b/2014/6xxx/CVE-2014-6278.json index 5267fbcdf2b..7d0114ce885 100644 --- a/2014/6xxx/CVE-2014-6278.json +++ b/2014/6xxx/CVE-2014-6278.json @@ -621,11 +621,6 @@ "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006" } ] } diff --git a/2014/7xxx/CVE-2014-7169.json b/2014/7xxx/CVE-2014-7169.json index 5e8cf8868eb..adfa2f372a0 100644 --- a/2014/7xxx/CVE-2014-7169.json +++ b/2014/7xxx/CVE-2014-7169.json @@ -876,11 +876,6 @@ "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006" } ] } diff --git a/2014/9xxx/CVE-2014-9293.json b/2014/9xxx/CVE-2014-9293.json index 4a6c63fde13..4ca68be18d3 100644 --- a/2014/9xxx/CVE-2014-9293.json +++ b/2014/9xxx/CVE-2014-9293.json @@ -156,11 +156,6 @@ "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1176032", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176032" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8" } ] } diff --git a/2014/9xxx/CVE-2014-9294.json b/2014/9xxx/CVE-2014-9294.json index 7d106388cfd..d252c40f46c 100644 --- a/2014/9xxx/CVE-2014-9294.json +++ b/2014/9xxx/CVE-2014-9294.json @@ -156,11 +156,6 @@ "name": "MDVSA-2015:003", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:003" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8" } ] } diff --git a/2014/9xxx/CVE-2014-9295.json b/2014/9xxx/CVE-2014-9295.json index 1f4a6122b5f..5e47f6fc2ce 100644 --- a/2014/9xxx/CVE-2014-9295.json +++ b/2014/9xxx/CVE-2014-9295.json @@ -191,11 +191,6 @@ "name": "http://bugs.ntp.org/show_bug.cgi?id=2669", "refsource": "CONFIRM", "url": "http://bugs.ntp.org/show_bug.cgi?id=2669" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8" } ] } diff --git a/2014/9xxx/CVE-2014-9296.json b/2014/9xxx/CVE-2014-9296.json index f752e2910b4..3a3890e6a70 100644 --- a/2014/9xxx/CVE-2014-9296.json +++ b/2014/9xxx/CVE-2014-9296.json @@ -146,11 +146,6 @@ "name": "MDVSA-2015:003", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:003" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8" } ] } diff --git a/2015/0xxx/CVE-2015-0235.json b/2015/0xxx/CVE-2015-0235.json index e9dc31c8b55..50c9ee38ab2 100644 --- a/2015/0xxx/CVE-2015-0235.json +++ b/2015/0xxx/CVE-2015-0235.json @@ -496,11 +496,6 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html", "url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9" } ] } diff --git a/2015/10xxx/CVE-2015-10001.json b/2015/10xxx/CVE-2015-10001.json deleted file mode 100644 index 12d243005eb..00000000000 --- a/2015/10xxx/CVE-2015-10001.json +++ /dev/null @@ -1,80 +0,0 @@ -{ - "CVE_data_meta": { - "ID": "CVE-2015-10001", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "WP-Stats < 2.5.2 - CSRF to Stored Cross-Site Scripting (XSS)" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "WP-Stats", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "2.52", - "version_value": "2.52" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The WP-Stats WordPress plugin before 2.52 does not have CSRF check when saving its settings, and did not escape some of them when outputting them, allowing attacker to make logged in high privilege users change them and set Cross-Site Scripting payloads" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/f5c3dfea-7203-4a98-88ff-aa6a24d03734", - "name": "https://wpscan.com/vulnerability/f5c3dfea-7203-4a98-88ff-aa6a24d03734" - }, - { - "refsource": "MISC", - "url": "https://www.openwall.com/lists/oss-security/2015/06/17/6", - "name": "https://www.openwall.com/lists/oss-security/2015/06/17/6" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-352 Cross-Site Request Forgery (CSRF)", - "lang": "eng" - } - ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Sebastian Wolfgang Kraemer" - } - ], - "source": { - "discovery": "EXTERNAL" - } -} diff --git a/2015/1xxx/CVE-2015-1789.json b/2015/1xxx/CVE-2015-1789.json index acb4daa3df1..6496bdd86cd 100644 --- a/2015/1xxx/CVE-2015-1789.json +++ b/2015/1xxx/CVE-2015-1789.json @@ -321,11 +321,6 @@ "name": "HPSBGN03371", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=143654156615516&w=2" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11" } ] } diff --git a/2015/1xxx/CVE-2015-1790.json b/2015/1xxx/CVE-2015-1790.json index 5e1e9ca8843..b9e4642bcf2 100644 --- a/2015/1xxx/CVE-2015-1790.json +++ b/2015/1xxx/CVE-2015-1790.json @@ -311,11 +311,6 @@ "name": "HPSBGN03371", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=143654156615516&w=2" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11" } ] } diff --git a/2015/1xxx/CVE-2015-1791.json b/2015/1xxx/CVE-2015-1791.json index a7da868e6c9..edff44f1c8a 100644 --- a/2015/1xxx/CVE-2015-1791.json +++ b/2015/1xxx/CVE-2015-1791.json @@ -296,11 +296,6 @@ "name": "https://www.openssl.org/news/secadv_20150611.txt", "refsource": "CONFIRM", "url": "https://www.openssl.org/news/secadv_20150611.txt" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11" } ] } diff --git a/2015/20xxx/CVE-2015-20019.json b/2015/20xxx/CVE-2015-20019.json index fbc7a679e31..037586f2307 100644 --- a/2015/20xxx/CVE-2015-20019.json +++ b/2015/20xxx/CVE-2015-20019.json @@ -1,85 +1,18 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2015-20019", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Content text slider on post < 6.9 - Authenticated Stored Cross-Site Scripting (XSS)" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Content text slider on post", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "6.9", - "version_value": "6.9" - } - ] - } - } - ] - } - } - ] - } + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "The Content text slider on post WordPress plugin before 6.9 does not sanitise and escape the Title and Message/Content settings, which could lead to Cross-Site Scripting issues" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://seclists.org/bugtraq/2015/Dec/124", - "name": "https://seclists.org/bugtraq/2015/Dec/124" - }, - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/4f92b211-e09c-4ed0-bc98-27e0b51b1f86", - "name": "https://wpscan.com/vulnerability/4f92b211-e09c-4ed0-bc98-27e0b51b1f86" - }, - { - "refsource": "CONFIRM", - "url": "https://plugins.trac.wordpress.org/changeset/1393044/content-text-slider-on-post", - "name": "https://plugins.trac.wordpress.org/changeset/1393044/content-text-slider-on-post" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } - ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "ALIREZA_PROMIS" - } - ], - "source": { - "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2015/20xxx/CVE-2015-20067.json b/2015/20xxx/CVE-2015-20067.json index 92374a9d225..35f787c87a5 100644 --- a/2015/20xxx/CVE-2015-20067.json +++ b/2015/20xxx/CVE-2015-20067.json @@ -1,85 +1,18 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2015-20067", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "WP Attachment Export < 0.2.4 - Unauthenticated Posts Download" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "WP Attachment Export", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "0.2.4", - "version_value": "0.2.4" - } - ] - } - } - ] - } - } - ] - } + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "The WP Attachment Export WordPress plugin before 0.2.4 does not have proper access controls, allowing unauthenticated users to download the XML data that holds all the details of attachments/posts on a Wordpress" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://seclists.org/fulldisclosure/2015/Jul/73", - "name": "https://seclists.org/fulldisclosure/2015/Jul/73" - }, - { - "refsource": "MISC", - "url": "https://github.com/espreto/wpsploit/blob/master/modules/auxiliary/scanner/http/wp_attachment_export_file_download.rb", - "name": "https://github.com/espreto/wpsploit/blob/master/modules/auxiliary/scanner/http/wp_attachment_export_file_download.rb" - }, - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/d1a9ed65-baf3-4c85-b077-1f37d8c7793a", - "name": "https://wpscan.com/vulnerability/d1a9ed65-baf3-4c85-b077-1f37d8c7793a" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-862 Missing Authorization", - "lang": "eng" - } - ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Nitin Venkatesh" - } - ], - "source": { - "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3456.json b/2015/3xxx/CVE-2015-3456.json index 99b6f11d373..6e7369033f4 100644 --- a/2015/3xxx/CVE-2015-3456.json +++ b/2015/3xxx/CVE-2015-3456.json @@ -291,11 +291,6 @@ "name": "RHSA-2015:1000", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1000.html" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1128-security-advisory-10", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1128-security-advisory-10" } ] } diff --git a/2015/5xxx/CVE-2015-5278.json b/2015/5xxx/CVE-2015-5278.json index 8dc15b3aead..197290d536a 100644 --- a/2015/5xxx/CVE-2015-5278.json +++ b/2015/5xxx/CVE-2015-5278.json @@ -86,11 +86,6 @@ "refsource": "MISC", "name": "http://www.openwall.com/lists/oss-security/2015/09/15/2", "url": "http://www.openwall.com/lists/oss-security/2015/09/15/2" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14" } ] } diff --git a/2015/5xxx/CVE-2015-5279.json b/2015/5xxx/CVE-2015-5279.json index 0ad04551bf0..6a84318bec0 100644 --- a/2015/5xxx/CVE-2015-5279.json +++ b/2015/5xxx/CVE-2015-5279.json @@ -136,11 +136,6 @@ "name": "GLSA-201602-01", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201602-01" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14" } ] } diff --git a/2015/5xxx/CVE-2015-5600.json b/2015/5xxx/CVE-2015-5600.json index 56c3e2c5f0f..f324c4c9eeb 100644 --- a/2015/5xxx/CVE-2015-5600.json +++ b/2015/5xxx/CVE-2015-5600.json @@ -206,11 +206,6 @@ "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1174-security-advisory-12", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1174-security-advisory-12" } ] } diff --git a/2015/6xxx/CVE-2015-6815.json b/2015/6xxx/CVE-2015-6815.json index d3de9dfc9ec..b6492338543 100644 --- a/2015/6xxx/CVE-2015-6815.json +++ b/2015/6xxx/CVE-2015-6815.json @@ -111,11 +111,6 @@ "refsource": "CONFIRM", "name": "https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg05832.html", "url": "https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg05832.html" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14" } ] } diff --git a/2015/6xxx/CVE-2015-6855.json b/2015/6xxx/CVE-2015-6855.json index 12476054948..9826f35a737 100644 --- a/2015/6xxx/CVE-2015-6855.json +++ b/2015/6xxx/CVE-2015-6855.json @@ -126,11 +126,6 @@ "name": "GLSA-201602-01", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201602-01" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14" } ] } diff --git a/2015/7xxx/CVE-2015-7704.json b/2015/7xxx/CVE-2015-7704.json index cad5d1309d4..c5189ec5682 100644 --- a/2015/7xxx/CVE-2015-7704.json +++ b/2015/7xxx/CVE-2015-7704.json @@ -146,11 +146,6 @@ "refsource": "CONFIRM", "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10284", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10284" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016" } ] } diff --git a/2015/7xxx/CVE-2015-7705.json b/2015/7xxx/CVE-2015-7705.json index 452bc938310..f9231ea4ea9 100644 --- a/2015/7xxx/CVE-2015-7705.json +++ b/2015/7xxx/CVE-2015-7705.json @@ -226,11 +226,6 @@ "refsource": "MISC", "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016" } ] } diff --git a/2015/8xxx/CVE-2015-8138.json b/2015/8xxx/CVE-2015-8138.json index 44013a06082..d669df20c36 100644 --- a/2015/8xxx/CVE-2015-8138.json +++ b/2015/8xxx/CVE-2015-8138.json @@ -206,11 +206,6 @@ "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19" } ] } diff --git a/2016/1xxx/CVE-2016-1516.json b/2016/1xxx/CVE-2016-1516.json index b9267c9a8eb..d240cdde641 100644 --- a/2016/1xxx/CVE-2016-1516.json +++ b/2016/1xxx/CVE-2016-1516.json @@ -66,11 +66,6 @@ "name": "https://arxiv.org/pdf/1701.04739.pdf", "refsource": "MISC", "url": "https://arxiv.org/pdf/1701.04739.pdf" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2799-1] opencv security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" } ] } diff --git a/2016/1xxx/CVE-2016-1547.json b/2016/1xxx/CVE-2016-1547.json index c438a0ba64b..c9d089faa1a 100644 --- a/2016/1xxx/CVE-2016-1547.json +++ b/2016/1xxx/CVE-2016-1547.json @@ -141,11 +141,6 @@ "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19" } ] } diff --git a/2016/1xxx/CVE-2016-1548.json b/2016/1xxx/CVE-2016-1548.json index 016a0b3f1f7..fd5a44e55f8 100644 --- a/2016/1xxx/CVE-2016-1548.json +++ b/2016/1xxx/CVE-2016-1548.json @@ -233,11 +233,6 @@ "refsource": "MISC", "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19" } ] } diff --git a/2016/1xxx/CVE-2016-1550.json b/2016/1xxx/CVE-2016-1550.json index ca31b94feab..d9c9c097f30 100644 --- a/2016/1xxx/CVE-2016-1550.json +++ b/2016/1xxx/CVE-2016-1550.json @@ -236,11 +236,6 @@ "refsource": "MISC", "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19" } ] } diff --git a/2016/2xxx/CVE-2016-2177.json b/2016/2xxx/CVE-2016-2177.json index 9a769fc14b0..bb7fcff6b6a 100644 --- a/2016/2xxx/CVE-2016-2177.json +++ b/2016/2xxx/CVE-2016-2177.json @@ -236,136 +236,6 @@ "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", "refsource": "CONFIRM", "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20160608 CVE-2016-2177: OpenSSL undefined pointer arithmetic", - "url": "http://www.openwall.com/lists/oss-security/2016/06/08/9" - }, - { - "refsource": "CONFIRM", - "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10215", - "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10215" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2017:2700", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html" - }, - { - "refsource": "UBUNTU", - "name": "USN-3087-1", - "url": "http://www.ubuntu.com/usn/USN-3087-1" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2469", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html" - }, - { - "refsource": "CISCO", - "name": "20160927 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016", - "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2537", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html" - }, - { - "refsource": "UBUNTU", - "name": "USN-3087-2", - "url": "http://www.ubuntu.com/usn/USN-3087-2" - }, - { - "refsource": "BUGTRAQ", - "name": "20170801 [security bulletin] HPESBHF03763 rev.1 - HPE Comware 7, IMC, VCX products using OpenSSL, Remote Denial of Service (DoS)", - "url": "http://www.securityfocus.com/archive/1/540957/100/0/threaded" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2017:2699", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html" - }, - { - "refsource": "BUGTRAQ", - "name": "20170801 [security bulletin] HPESBHF03763 rev.1 - HPE Comware 7, IMC, VCX products using OpenSSL, Remote Denial of Service (DoS)", - "url": "http://www.securityfocus.com/archive/1/archive/1/540957/100/0/threaded" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2407", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html" - }, - { - "refsource": "FULLDISC", - "name": "20170717 Orion Elite Hidden IP Browser Pro - All Versions - Multiple Known Vulnerabilities", - "url": "http://seclists.org/fulldisclosure/2017/Jul/31" - }, - { - "refsource": "UBUNTU", - "name": "USN-3181-1", - "url": "http://www.ubuntu.com/usn/USN-3181-1" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2458", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html" - }, - { - "refsource": "CONFIRM", - "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en&docId=emr_na-hpesbhf03856en_us", - "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en&docId=emr_na-hpesbhf03856en_us" - }, - { - "refsource": "CONFIRM", - "name": "https://support.f5.com/csp/article/K23873366", - "url": "https://support.f5.com/csp/article/K23873366" - }, - { - "refsource": "DEBIAN", - "name": "DSA-3673", - "url": "http://www.debian.org/security/2016/dsa-3673" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2391", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2018:0458", - "url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2387", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html" - }, - { - "refsource": "CONFIRM", - "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05302448", - "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05302448" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2468", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2394", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html" - }, - { - "refsource": "CONFIRM", - "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en", - "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24" } ] } diff --git a/2016/2xxx/CVE-2016-2178.json b/2016/2xxx/CVE-2016-2178.json index a707224722a..9ce7a6534dd 100644 --- a/2016/2xxx/CVE-2016-2178.json +++ b/2016/2xxx/CVE-2016-2178.json @@ -231,166 +231,6 @@ "name": "http://eprint.iacr.org/2016/594.pdf", "refsource": "MISC", "url": "http://eprint.iacr.org/2016/594.pdf" - }, - { - "refsource": "CONFIRM", - "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10215", - "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10215" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2017:2700", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html" - }, - { - "refsource": "UBUNTU", - "name": "USN-3087-1", - "url": "http://www.ubuntu.com/usn/USN-3087-1" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2469", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html" - }, - { - "refsource": "CISCO", - "name": "20160927 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016", - "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20160608 Re: CVE-2016-2178: OpenSSL DSA follows a non-constant time codepath for certain operations", - "url": "http://www.openwall.com/lists/oss-security/2016/06/08/8" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20160608 Re: CVE-2016-2178: OpenSSL DSA follows a non-constant time codepath for certain operations", - "url": "http://www.openwall.com/lists/oss-security/2016/06/08/4" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2537", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20160608 Re: CVE-2016-2178: OpenSSL DSA follows a non-constant time codepath for certain operations", - "url": "http://www.openwall.com/lists/oss-security/2016/06/08/6" - }, - { - "refsource": "CONFIRM", - "name": "https://support.f5.com/csp/article/K53084033", - "url": "https://support.f5.com/csp/article/K53084033" - }, - { - "refsource": "UBUNTU", - "name": "USN-3087-2", - "url": "http://www.ubuntu.com/usn/USN-3087-2" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2017:2699", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2407", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html" - }, - { - "refsource": "FULLDISC", - "name": "20170717 Orion Elite Hidden IP Browser Pro - All Versions - Multiple Known Vulnerabilities", - "url": "http://seclists.org/fulldisclosure/2017/Jul/31" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2458", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html" - }, - { - "refsource": "CONFIRM", - "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en&docId=emr_na-hpesbhf03856en_us", - "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en&docId=emr_na-hpesbhf03856en_us" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20160608 Re: CVE-2016-2178: OpenSSL DSA follows a non-constant time codepath for certain operations", - "url": "http://www.openwall.com/lists/oss-security/2016/06/08/10" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20160608 Re: CVE-2016-2178: OpenSSL DSA follows a non-constant time codepath for certain operations", - "url": "http://www.openwall.com/lists/oss-security/2016/06/08/11" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20160608 Re: CVE-2016-2178: OpenSSL DSA follows a non-constant time codepath for certain operations", - "url": "http://www.openwall.com/lists/oss-security/2016/06/08/5" - }, - { - "refsource": "DEBIAN", - "name": "DSA-3673", - "url": "http://www.debian.org/security/2016/dsa-3673" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2391", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2018:0458", - "url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20160608 Re: CVE-2016-2178: OpenSSL DSA follows a non-constant time codepath for certain operations", - "url": "http://www.openwall.com/lists/oss-security/2016/06/08/12" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2387", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html" - }, - { - "refsource": "CONFIRM", - "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05302448", - "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05302448" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2468", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2496", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20160608 Re: CVE-2016-2178: OpenSSL DSA follows a non-constant time codepath for certain operations", - "url": "http://www.openwall.com/lists/oss-security/2016/06/08/7" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20160609 Re: CVE-2016-2178: OpenSSL DSA follows a non-constant time codepath for certain operations", - "url": "http://www.openwall.com/lists/oss-security/2016/06/09/2" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2394", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html" - }, - { - "refsource": "CONFIRM", - "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en", - "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24" } ] } diff --git a/2016/2xxx/CVE-2016-2181.json b/2016/2xxx/CVE-2016-2181.json index 559a07af6cf..f5880b5887a 100644 --- a/2016/2xxx/CVE-2016-2181.json +++ b/2016/2xxx/CVE-2016-2181.json @@ -156,101 +156,6 @@ "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", "refsource": "CONFIRM", "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759" - }, - { - "refsource": "CONFIRM", - "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10215", - "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10215" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2017:2700", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html" - }, - { - "refsource": "UBUNTU", - "name": "USN-3087-1", - "url": "http://www.ubuntu.com/usn/USN-3087-1" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2469", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2537", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html" - }, - { - "refsource": "UBUNTU", - "name": "USN-3087-2", - "url": "http://www.ubuntu.com/usn/USN-3087-2" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2017:2699", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2407", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html" - }, - { - "refsource": "FULLDISC", - "name": "20170717 Orion Elite Hidden IP Browser Pro - All Versions - Multiple Known Vulnerabilities", - "url": "http://seclists.org/fulldisclosure/2017/Jul/31" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2458", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html" - }, - { - "refsource": "CONFIRM", - "name": "https://support.f5.com/csp/article/K59298921", - "url": "https://support.f5.com/csp/article/K59298921" - }, - { - "refsource": "DEBIAN", - "name": "DSA-3673", - "url": "http://www.debian.org/security/2016/dsa-3673" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2391", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2018:0458", - "url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2387", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2468", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2394", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html" - }, - { - "refsource": "CONFIRM", - "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en", - "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24" } ] } diff --git a/2016/2xxx/CVE-2016-2182.json b/2016/2xxx/CVE-2016-2182.json index b052bfdc3fc..e27a47ca516 100644 --- a/2016/2xxx/CVE-2016-2182.json +++ b/2016/2xxx/CVE-2016-2182.json @@ -87,11 +87,6 @@ "refsource": "BID", "url": "http://www.securityfocus.com/bid/92557" }, - { - "refsource": "CONFIRM", - "name": "https://source.android.com/security/bulletin/2017-03-01", - "url": "https://source.android.com/security/bulletin/2017-03-01" - }, { "name": "1037968", "refsource": "SECTRACK", @@ -201,111 +196,6 @@ "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", "refsource": "CONFIRM", "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759" - }, - { - "refsource": "CONFIRM", - "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10215", - "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10215" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2017:2700", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html" - }, - { - "refsource": "UBUNTU", - "name": "USN-3087-1", - "url": "http://www.ubuntu.com/usn/USN-3087-1" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2469", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2537", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html" - }, - { - "refsource": "UBUNTU", - "name": "USN-3087-2", - "url": "http://www.ubuntu.com/usn/USN-3087-2" - }, - { - "refsource": "CONFIRM", - "name": "https://support.f5.com/csp/article/K01276005", - "url": "https://support.f5.com/csp/article/K01276005" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2017:2699", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2407", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html" - }, - { - "refsource": "FULLDISC", - "name": "20170717 Orion Elite Hidden IP Browser Pro - All Versions - Multiple Known Vulnerabilities", - "url": "http://seclists.org/fulldisclosure/2017/Jul/31" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2458", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html" - }, - { - "refsource": "CONFIRM", - "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en&docId=emr_na-hpesbhf03856en_us", - "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en&docId=emr_na-hpesbhf03856en_us" - }, - { - "refsource": "DEBIAN", - "name": "DSA-3673", - "url": "http://www.debian.org/security/2016/dsa-3673" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2391", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2018:0458", - "url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2387", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html" - }, - { - "refsource": "CONFIRM", - "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05302448", - "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05302448" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2468", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2394", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html" - }, - { - "refsource": "CONFIRM", - "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en", - "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24" } ] } diff --git a/2016/2xxx/CVE-2016-2183.json b/2016/2xxx/CVE-2016-2183.json index b3184691553..8069b6317b1 100644 --- a/2016/2xxx/CVE-2016-2183.json +++ b/2016/2xxx/CVE-2016-2183.json @@ -62,51 +62,16 @@ "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html" }, - { - "name": "https://www.tenable.com/security/tns-2016-20", - "refsource": "CONFIRM", - "url": "https://www.tenable.com/security/tns-2016-20" - }, - { - "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03765en_us", - "refsource": "CONFIRM", - "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03765en_us" - }, { "name": "GLSA-201612-16", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201612-16" }, - { - "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369403", - "refsource": "CONFIRM", - "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369403" - }, - { - "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", - "refsource": "CONFIRM", - "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" - }, - { - "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312", - "refsource": "CONFIRM", - "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312" - }, - { - "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369415", - "refsource": "CONFIRM", - "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369415" - }, { "name": "RHSA-2017:3240", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:3240" }, - { - "name": "https://www.tenable.com/security/tns-2016-16", - "refsource": "CONFIRM", - "url": "https://www.tenable.com/security/tns-2016-16" - }, { "name": "RHSA-2017:2709", "refsource": "REDHAT", @@ -117,56 +82,21 @@ "refsource": "BID", "url": "http://www.securityfocus.com/bid/92630" }, - { - "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05349499", - "refsource": "CONFIRM", - "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05349499" - }, - { - "name": "https://www.tenable.com/security/tns-2016-21", - "refsource": "CONFIRM", - "url": "https://www.tenable.com/security/tns-2016-21" - }, - { - "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10171", - "refsource": "CONFIRM", - "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10171" - }, { "name": "RHSA-2017:3239", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, - { - "refsource": "EXPLOIT-DB", - "name": "42091", - "url": "https://www.exploit-db.com/exploits/42091/" - }, { "name": "GLSA-201701-65", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-65" }, - { - "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", - "refsource": "CONFIRM", - "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" - }, { "name": "1036696", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036696" }, - { - "name": "https://security.netapp.com/advisory/ntap-20160915-0001/", - "refsource": "CONFIRM", - "url": "https://security.netapp.com/advisory/ntap-20160915-0001/" - }, - { - "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03725en_us", - "refsource": "CONFIRM", - "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03725en_us" - }, { "name": "GLSA-201707-01", "refsource": "GENTOO", @@ -182,51 +112,16 @@ "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:3114" }, - { - "name": "https://bto.bluecoat.com/security-advisory/sa133", - "refsource": "CONFIRM", - "url": "https://bto.bluecoat.com/security-advisory/sa133" - }, - { - "name": "https://www.tenable.com/security/tns-2017-09", - "refsource": "CONFIRM", - "url": "https://www.tenable.com/security/tns-2017-09" - }, - { - "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390849", - "refsource": "CONFIRM", - "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390849" - }, - { - "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05323116", - "refsource": "CONFIRM", - "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05323116" - }, { "name": "RHSA-2017:1216", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1216" }, - { - "refsource": "CONFIRM", - "name": "https://wiki.opendaylight.org/view/Security_Advisories", - "url": "https://wiki.opendaylight.org/view/Security_Advisories" - }, { "name": "RHSA-2017:2710", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2710" }, - { - "name": "https://security.netapp.com/advisory/ntap-20170119-0001/", - "refsource": "CONFIRM", - "url": "https://security.netapp.com/advisory/ntap-20170119-0001/" - }, - { - "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05309984", - "refsource": "CONFIRM", - "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05309984" - }, { "name": "[tls] 20091120 RC4+3DES rekeying - long-lived TLS connections", "refsource": "MLIST", @@ -257,291 +152,11 @@ "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html" }, - { - "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", - "refsource": "CONFIRM", - "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" - }, { "name": "RHSA-2017:0462", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0462.html" }, - { - "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448", - "refsource": "CONFIRM", - "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448" - }, - { - "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", - "refsource": "CONFIRM", - "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759" - }, - { - "refsource": "CONFIRM", - "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10215", - "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10215" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2017:2700", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html" - }, - { - "refsource": "BUGTRAQ", - "name": "20170329 [security bulletin] HPESBUX03725 rev.1 - HPE HP-UX Web Server Suite running Apache, Multiple Vulnerabilities", - "url": "http://www.securityfocus.com/archive/1/540341/100/0/threaded" - }, - { - "refsource": "UBUNTU", - "name": "USN-3087-1", - "url": "http://www.ubuntu.com/usn/USN-3087-1" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2469", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html" - }, - { - "refsource": "CONFIRM", - "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05385680", - "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05385680" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2537", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html" - }, - { - "refsource": "BUGTRAQ", - "name": "20161207 [security bulletin] HPSBHF03674 rev.1 HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Remote Disclosure of Information", - "url": "http://www.securityfocus.com/archive/1/archive/1/539885/100/0/threaded" - }, - { - "refsource": "UBUNTU", - "name": "USN-3087-2", - "url": "http://www.ubuntu.com/usn/USN-3087-2" - }, - { - "refsource": "BUGTRAQ", - "name": "20180510 [security bulletin] MFSBGN03805 - HP Service Manager, Remote Disclosure of Information", - "url": "http://www.securityfocus.com/archive/1/archive/1/542005/100/0/threaded" - }, - { - "refsource": "CONFIRM", - "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10197", - "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10197" - }, - { - "refsource": "CONFIRM", - "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10186", - "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10186" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2017:2699", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html" - }, - { - "refsource": "BUGTRAQ", - "name": "20170831 [security bulletin] HPESBGN03765 rev.2 - HPE LoadRunner and HPE Performance Center, Remote Disclosure of Information", - "url": "http://www.securityfocus.com/archive/1/archive/1/541104/100/0/threaded" - }, - { - "refsource": "CONFIRM", - "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05390849", - "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05390849" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2407", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html" - }, - { - "refsource": "CONFIRM", - "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158613", - "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158613" - }, - { - "refsource": "FULLDISC", - "name": "20170717 Orion Elite Hidden IP Browser Pro - All Versions - Multiple Known Vulnerabilities", - "url": "http://seclists.org/fulldisclosure/2017/Jul/31" - }, - { - "refsource": "UBUNTU", - "name": "USN-3194-1", - "url": "http://www.ubuntu.com/usn/USN-3194-1" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2458", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html" - }, - { - "refsource": "BUGTRAQ", - "name": "20181113 [security bulletin] MFSBGN03831 rev. - Service Management Automation, remote disclosure of information", - "url": "https://seclists.org/bugtraq/2018/Nov/21" - }, - { - "refsource": "CONFIRM", - "name": "https://support.f5.com/csp/article/K13167034", - "url": "https://support.f5.com/csp/article/K13167034" - }, - { - "refsource": "CONFIRM", - "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05390722", - "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05390722" - }, - { - "refsource": "BUGTRAQ", - "name": "20180510 [security bulletin] MFSBGN03805 - HP Service Manager, Remote Disclosure of Information", - "url": "http://www.securityfocus.com/archive/1/542005/100/0/threaded" - }, - { - "refsource": "DEBIAN", - "name": "DSA-3673", - "url": "http://www.debian.org/security/2016/dsa-3673" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2391", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html" - }, - { - "refsource": "UBUNTU", - "name": "USN-3372-1", - "url": "http://www.ubuntu.com/usn/USN-3372-1" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2018:0458", - "url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2017:0460", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00023.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2017:0490", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00028.html" - }, - { - "refsource": "UBUNTU", - "name": "USN-3270-1", - "url": "http://www.ubuntu.com/usn/USN-3270-1" - }, - { - "refsource": "BUGTRAQ", - "name": "20170214 [security bulletin] HPESBGN03697 rev.1 - HPE Business Service Management (BSM), Remote Disclosure of Information", - "url": "http://www.securityfocus.com/archive/1/archive/1/540129/100/0/threaded" - }, - { - "refsource": "CONFIRM", - "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286178", - "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286178" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2387", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html" - }, - { - "refsource": "FULLDISC", - "name": "20170529 SSD Advisory - IBM Informix Dynamic Server and Informix Open Admin Tool Multiple Vulnerabilities", - "url": "http://seclists.org/fulldisclosure/2017/May/105" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2017:0513", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00032.html" - }, - { - "refsource": "CONFIRM", - "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05302448", - "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05302448" - }, - { - "refsource": "BUGTRAQ", - "name": "20161207 [security bulletin] HPSBHF03674 rev.1 HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Remote Disclosure of Information", - "url": "http://www.securityfocus.com/archive/1/539885/100/0/threaded" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2017:0374", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00003.html" - }, - { - "refsource": "CONFIRM", - "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05369415", - "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05369415" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/142756/IBM-Informix-Dynamic-Server-DLL-Injection-Code-Execution.html", - "url": "http://packetstormsecurity.com/files/142756/IBM-Informix-Dynamic-Server-DLL-Injection-Code-Execution.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2468", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2017:0346", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00068.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2496", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html" - }, - { - "refsource": "UBUNTU", - "name": "USN-3198-1", - "url": "http://www.ubuntu.com/usn/USN-3198-1" - }, - { - "refsource": "MISC", - "name": "http://seclists.org/fulldisclosure/2017/May/105", - "url": "http://seclists.org/fulldisclosure/2017/May/105" - }, - { - "refsource": "CONFIRM", - "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05369403", - "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05369403" - }, - { - "refsource": "BUGTRAQ", - "name": "20170831 [security bulletin] HPESBGN03765 rev.2 - HPE LoadRunner and HPE Performance Center, Remote Disclosure of Information", - "url": "http://www.securityfocus.com/archive/1/541104/100/0/threaded" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2017:1444", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00076.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2394", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html" - }, - { - "refsource": "BUGTRAQ", - "name": "20170329 [security bulletin] HPESBUX03725 rev.1 - HPE HP-UX Web Server Suite running Apache, Multiple Vulnerabilities", - "url": "http://www.securityfocus.com/archive/1/archive/1/540341/100/0/threaded" - }, - { - "refsource": "UBUNTU", - "name": "USN-3179-1", - "url": "http://www.ubuntu.com/usn/USN-3179-1" - }, - { - "refsource": "CONFIRM", - "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en", - "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en" - }, { "refsource": "REDHAT", "name": "RHSA-2019:1245", @@ -557,11 +172,6 @@ "name": "RHSA-2020:0451", "url": "https://access.redhat.com/errata/RHSA-2020:0451" }, - { - "refsource": "CONFIRM", - "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10310", - "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10310" - }, { "url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", @@ -836,11 +446,6 @@ "url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24" } ] } diff --git a/2016/5xxx/CVE-2016-5017.json b/2016/5xxx/CVE-2016-5017.json index ce10e01eec9..77b8f2e80b9 100644 --- a/2016/5xxx/CVE-2016-5017.json +++ b/2016/5xxx/CVE-2016-5017.json @@ -106,11 +106,6 @@ "name": "https://git-wip-us.apache.org/repos/asf?p=zookeeper.git;a=commitdiff;h=f09154d6648eeb4ec5e1ac8a2bacbd2f8c87c14a", "refsource": "CONFIRM", "url": "https://git-wip-us.apache.org/repos/asf?p=zookeeper.git;a=commitdiff;h=f09154d6648eeb4ec5e1ac8a2bacbd2f8c87c14a" - }, - { - "refsource": "MLIST", - "name": "[dubbo-notifications] 20211101 [GitHub] [dubbo] AlbumenJ opened a new issue #9177: Upgrade Zookeeper dependency", - "url": "https://lists.apache.org/thread.html/r4b743f407244294f316325458ccaabfce9cd70ca3a6423dbe574035c@%3Cnotifications.dubbo.apache.org%3E" } ] } diff --git a/2016/5xxx/CVE-2016-5195.json b/2016/5xxx/CVE-2016-5195.json index 24f23b4fbef..b38bc7a9265 100644 --- a/2016/5xxx/CVE-2016-5195.json +++ b/2016/5xxx/CVE-2016-5195.json @@ -292,346 +292,6 @@ "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10176" }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2635", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00055.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2659", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00067.html" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20161027 CVE-2016-5195 test case", - "url": "http://www.openwall.com/lists/oss-security/2016/10/27/13" - }, - { - "refsource": "UBUNTU", - "name": "USN-3106-2", - "url": "http://www.ubuntu.com/usn/USN-3106-2" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2583", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00034.html" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html", - "url": "http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2633", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00053.html" - }, - { - "refsource": "CONFIRM", - "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en", - "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2638", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00058.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2584", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00035.html" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html", - "url": "http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2658", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00066.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2631", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00051.html" - }, - { - "refsource": "UBUNTU", - "name": "USN-3106-3", - "url": "http://www.ubuntu.com/usn/USN-3106-3" - }, - { - "refsource": "CONFIRM", - "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05352241", - "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05352241" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2655", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00064.html" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2016-c3558808cd", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W3APRVDVPDBXLH4DC5UKZVCR742MJIM3/" - }, - { - "refsource": "BUGTRAQ", - "name": "20170615 [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege", - "url": "http://www.securityfocus.com/archive/1/archive/1/540736/100/0/threaded" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2637", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00057.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2596", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00040.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2634", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00054.html" - }, - { - "refsource": "CISCO", - "name": "20181107 Cisco TelePresence Video Communication Server Test Validation Script Issue", - "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-vcsd" - }, - { - "refsource": "CISCO", - "name": "20161026 Vulnerability in Linux Kernel Affecting Cisco Products: October 2016", - "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-linux" - }, - { - "refsource": "CONFIRM", - "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10770", - "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10770" - }, - { - "refsource": "CONFIRM", - "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10177", - "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10177" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2657", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00065.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2614", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00045.html" - }, - { - "refsource": "UBUNTU", - "name": "USN-3105-2", - "url": "http://www.ubuntu.com/usn/USN-3105-2" - }, - { - "refsource": "UBUNTU", - "name": "USN-3107-1", - "url": "http://www.ubuntu.com/usn/USN-3107-1" - }, - { - "refsource": "CONFIRM", - "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10774", - "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10774" - }, - { - "refsource": "UBUNTU", - "name": "USN-3107-2", - "url": "http://www.ubuntu.com/usn/USN-3107-2" - }, - { - "refsource": "BUGTRAQ", - "name": "20170331 [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege", - "url": "http://www.securityfocus.com/archive/1/540344/100/0/threaded" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2625", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html" - }, - { - "refsource": "UBUNTU", - "name": "USN-3106-1", - "url": "http://www.ubuntu.com/usn/USN-3106-1" - }, - { - "refsource": "UBUNTU", - "name": "USN-3106-4", - "url": "http://www.ubuntu.com/usn/USN-3106-4" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20161030 Re: CVE-2016-5195 test case", - "url": "http://www.openwall.com/lists/oss-security/2016/10/30/1" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html", - "url": "http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2673", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00072.html" - }, - { - "refsource": "UBUNTU", - "name": "USN-3104-2", - "url": "http://www.ubuntu.com/usn/USN-3104-2" - }, - { - "refsource": "CONFIRM", - "name": "http://fortiguard.com/advisory/FG-IR-16-063", - "url": "http://fortiguard.com/advisory/FG-IR-16-063" - }, - { - "refsource": "CONFIRM", - "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10807", - "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10807" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2629", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00049.html" - }, - { - "refsource": "BUGTRAQ", - "name": "20161020 [CVE-2016-5195] \"Dirty COW\" Linux privilege escalation vulnerability", - "url": "http://www.securityfocus.com/archive/1/539611/100/0/threaded" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html", - "url": "http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2632", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00052.html" - }, - { - "refsource": "BUGTRAQ", - "name": "20170310 [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege", - "url": "http://www.securityfocus.com/archive/1/archive/1/540252/100/0/threaded" - }, - { - "refsource": "UBUNTU", - "name": "USN-3105-1", - "url": "http://www.ubuntu.com/usn/USN-3105-1" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html", - "url": "http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2630", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00050.html" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2016-db4b75b352", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E7M62SRP6CZLJ4ZXCRZKV4WPLQBSR7DT/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2016-c8a0c7eece", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NWMDLBWMGZKFHMRJ7QUQVCERP5QHDB6W/" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20161103 Re: CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability", - "url": "http://www.openwall.com/lists/oss-security/2016/11/03/7" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2636", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00056.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:3069", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00033.html" - }, - { - "refsource": "CONFIRM", - "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10222", - "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10222" - }, - { - "refsource": "DEBIAN", - "name": "DSA-3696", - "url": "http://www.debian.org/security/2016/dsa-3696" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html", - "url": "http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2592", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00038.html" - }, - { - "refsource": "BUGTRAQ", - "name": "20170331 [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege", - "url": "http://www.securityfocus.com/archive/1/archive/1/540344/100/0/threaded" - }, - { - "refsource": "BUGTRAQ", - "name": "20161020 [CVE-2016-5195] \"Dirty COW\" Linux privilege escalation vulnerability", - "url": "http://www.securityfocus.com/archive/1/archive/1/539611/100/0/threaded" - }, - { - "refsource": "UBUNTU", - "name": "USN-3104-1", - "url": "http://www.ubuntu.com/usn/USN-3104-1" - }, - { - "refsource": "BUGTRAQ", - "name": "20170615 [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege", - "url": "http://www.securityfocus.com/archive/1/540736/100/0/threaded" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2593", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00039.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:3304", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00100.html" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20161021 CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability", - "url": "http://www.openwall.com/lists/oss-security/2016/10/21/1" - }, - { - "refsource": "BUGTRAQ", - "name": "20170310 [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege", - "url": "http://www.securityfocus.com/archive/1/540252/100/0/threaded" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2585", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2649", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00063.html" - }, { "name": "https://security.paloaltonetworks.com/CVE-2016-5195", "refsource": "CONFIRM", @@ -641,11 +301,6 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:0554", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026" } ] } diff --git a/2016/5xxx/CVE-2016-5696.json b/2016/5xxx/CVE-2016-5696.json index e88f96b2f46..b4a30f03b9b 100644 --- a/2016/5xxx/CVE-2016-5696.json +++ b/2016/5xxx/CVE-2016-5696.json @@ -206,11 +206,6 @@ "name": "https://security.paloaltonetworks.com/CVE-2016-5696", "refsource": "CONFIRM", "url": "https://security.paloaltonetworks.com/CVE-2016-5696" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1461-security-advisory-23", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1461-security-advisory-23" } ] } diff --git a/2016/6xxx/CVE-2016-6304.json b/2016/6xxx/CVE-2016-6304.json index dc493907809..86341848a0d 100644 --- a/2016/6xxx/CVE-2016-6304.json +++ b/2016/6xxx/CVE-2016-6304.json @@ -112,11 +112,6 @@ "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1801" }, - { - "refsource": "CONFIRM", - "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312", - "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312" - }, { "name": "1036878", "refsource": "SECTRACK", @@ -236,126 +231,6 @@ "name": "RHSA-2017:2493", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2493" - }, - { - "refsource": "CONFIRM", - "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10215", - "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10215" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2017:2700", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html" - }, - { - "refsource": "UBUNTU", - "name": "USN-3087-1", - "url": "http://www.ubuntu.com/usn/USN-3087-1" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2469", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2537", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html" - }, - { - "refsource": "FULLDISC", - "name": "20161012 New OpenSSL double-free and invalid free vulnerabilities in X509 parsing", - "url": "http://seclists.org/fulldisclosure/2016/Oct/62" - }, - { - "refsource": "UBUNTU", - "name": "USN-3087-2", - "url": "http://www.ubuntu.com/usn/USN-3087-2" - }, - { - "refsource": "FULLDISC", - "name": "20161214 APPLE-SA-2016-12-13-1 macOS 10.12.2", - "url": "http://seclists.org/fulldisclosure/2016/Dec/47" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2017:2699", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2407", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html" - }, - { - "refsource": "FULLDISC", - "name": "20170717 Orion Elite Hidden IP Browser Pro - All Versions - Multiple Known Vulnerabilities", - "url": "http://seclists.org/fulldisclosure/2017/Jul/31" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2458", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html" - }, - { - "refsource": "DEBIAN", - "name": "DSA-3673", - "url": "http://www.debian.org/security/2016/dsa-3673" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2391", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2018:0458", - "url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/139091/OpenSSL-x509-Parsing-Double-Free-Invalid-Free.html", - "url": "http://packetstormsecurity.com/files/139091/OpenSSL-x509-Parsing-Double-Free-Invalid-Free.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2387", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2788", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00027.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2468", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2769", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00021.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2496", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2394", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html" - }, - { - "refsource": "CONFIRM", - "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en", - "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24" } ] } diff --git a/2016/6xxx/CVE-2016-6306.json b/2016/6xxx/CVE-2016-6306.json index b26ced0cbca..596c9726cb9 100644 --- a/2016/6xxx/CVE-2016-6306.json +++ b/2016/6xxx/CVE-2016-6306.json @@ -52,11 +52,6 @@ }, "references": { "reference_data": [ - { - "name": "https://www.tenable.com/security/tns-2016-20", - "refsource": "CONFIRM", - "url": "https://www.tenable.com/security/tns-2016-20" - }, { "name": "RHSA-2018:2185", "refsource": "REDHAT", @@ -82,36 +77,11 @@ "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201612-16" }, - { - "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312", - "refsource": "CONFIRM", - "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312" - }, - { - "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03856en_us", - "refsource": "CONFIRM", - "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03856en_us" - }, { "name": "1036885", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036885" }, - { - "name": "https://www.tenable.com/security/tns-2016-16", - "refsource": "CONFIRM", - "url": "https://www.tenable.com/security/tns-2016-16" - }, - { - "name": "https://www.tenable.com/security/tns-2016-21", - "refsource": "CONFIRM", - "url": "https://www.tenable.com/security/tns-2016-21" - }, - { - "name": "https://bto.bluecoat.com/security-advisory/sa132", - "refsource": "CONFIRM", - "url": "https://bto.bluecoat.com/security-advisory/sa132" - }, { "name": "FreeBSD-SA-16:26", "refsource": "FREEBSD", @@ -127,121 +97,6 @@ "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2187" }, - { - "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448", - "refsource": "CONFIRM", - "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448" - }, - { - "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", - "refsource": "CONFIRM", - "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759" - }, - { - "refsource": "CONFIRM", - "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10215", - "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10215" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2017:2700", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html" - }, - { - "refsource": "UBUNTU", - "name": "USN-3087-1", - "url": "http://www.ubuntu.com/usn/USN-3087-1" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2469", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2537", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html" - }, - { - "refsource": "UBUNTU", - "name": "USN-3087-2", - "url": "http://www.ubuntu.com/usn/USN-3087-2" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2017:2699", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2407", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html" - }, - { - "refsource": "FULLDISC", - "name": "20170717 Orion Elite Hidden IP Browser Pro - All Versions - Multiple Known Vulnerabilities", - "url": "http://seclists.org/fulldisclosure/2017/Jul/31" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2458", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html" - }, - { - "refsource": "CONFIRM", - "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en&docId=emr_na-hpesbhf03856en_us", - "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en&docId=emr_na-hpesbhf03856en_us" - }, - { - "refsource": "DEBIAN", - "name": "DSA-3673", - "url": "http://www.debian.org/security/2016/dsa-3673" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2391", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2018:0458", - "url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2387", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html" - }, - { - "refsource": "CONFIRM", - "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05302448", - "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05302448" - }, - { - "refsource": "CONFIRM", - "name": "https://support.f5.com/csp/article/K90492697", - "url": "https://support.f5.com/csp/article/K90492697" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2468", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2016:2496", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2016:2394", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html" - }, - { - "refsource": "CONFIRM", - "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en", - "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en" - }, { "url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", @@ -361,11 +216,6 @@ "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24" } ] } diff --git a/2017/1000xxx/CVE-2017-1000450.json b/2017/1000xxx/CVE-2017-1000450.json index a02c348136b..dcec7747ad9 100644 --- a/2017/1000xxx/CVE-2017-1000450.json +++ b/2017/1000xxx/CVE-2017-1000450.json @@ -73,11 +73,6 @@ "name": "https://github.com/opencv/opencv/issues/9723", "refsource": "MISC", "url": "https://github.com/opencv/opencv/issues/9723" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2799-1] opencv security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" } ] } diff --git a/2017/12xxx/CVE-2017-12597.json b/2017/12xxx/CVE-2017-12597.json index 9ffc41010f1..3d152e111b9 100644 --- a/2017/12xxx/CVE-2017-12597.json +++ b/2017/12xxx/CVE-2017-12597.json @@ -71,11 +71,6 @@ "name": "https://github.com/opencv/opencv/issues/9309", "refsource": "MISC", "url": "https://github.com/opencv/opencv/issues/9309" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2799-1] opencv security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" } ] } diff --git a/2017/12xxx/CVE-2017-12598.json b/2017/12xxx/CVE-2017-12598.json index 75d0a0e9340..bfc2c4252ae 100644 --- a/2017/12xxx/CVE-2017-12598.json +++ b/2017/12xxx/CVE-2017-12598.json @@ -71,11 +71,6 @@ "name": "https://github.com/opencv/opencv/issues/9309", "refsource": "MISC", "url": "https://github.com/opencv/opencv/issues/9309" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2799-1] opencv security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" } ] } diff --git a/2017/12xxx/CVE-2017-12599.json b/2017/12xxx/CVE-2017-12599.json index 434db821d95..dc9249d5da3 100644 --- a/2017/12xxx/CVE-2017-12599.json +++ b/2017/12xxx/CVE-2017-12599.json @@ -71,11 +71,6 @@ "name": "https://github.com/opencv/opencv/issues/9309", "refsource": "MISC", "url": "https://github.com/opencv/opencv/issues/9309" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2799-1] opencv security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" } ] } diff --git a/2017/12xxx/CVE-2017-12601.json b/2017/12xxx/CVE-2017-12601.json index 0de54c29a74..362cd3881cd 100644 --- a/2017/12xxx/CVE-2017-12601.json +++ b/2017/12xxx/CVE-2017-12601.json @@ -71,11 +71,6 @@ "name": "https://github.com/opencv/opencv/issues/9309", "refsource": "MISC", "url": "https://github.com/opencv/opencv/issues/9309" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2799-1] opencv security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" } ] } diff --git a/2017/12xxx/CVE-2017-12603.json b/2017/12xxx/CVE-2017-12603.json index 99fec118224..b7821e1a3e2 100644 --- a/2017/12xxx/CVE-2017-12603.json +++ b/2017/12xxx/CVE-2017-12603.json @@ -71,11 +71,6 @@ "name": "https://github.com/opencv/opencv/issues/9309", "refsource": "MISC", "url": "https://github.com/opencv/opencv/issues/9309" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2799-1] opencv security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" } ] } diff --git a/2017/12xxx/CVE-2017-12604.json b/2017/12xxx/CVE-2017-12604.json index f6c89c62090..6d111216ad9 100644 --- a/2017/12xxx/CVE-2017-12604.json +++ b/2017/12xxx/CVE-2017-12604.json @@ -71,11 +71,6 @@ "name": "https://github.com/opencv/opencv/issues/9309", "refsource": "MISC", "url": "https://github.com/opencv/opencv/issues/9309" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2799-1] opencv security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" } ] } diff --git a/2017/12xxx/CVE-2017-12605.json b/2017/12xxx/CVE-2017-12605.json index b7bbd4463d6..62eb1dbbbc5 100644 --- a/2017/12xxx/CVE-2017-12605.json +++ b/2017/12xxx/CVE-2017-12605.json @@ -71,11 +71,6 @@ "name": "https://github.com/opencv/opencv/issues/9309", "refsource": "MISC", "url": "https://github.com/opencv/opencv/issues/9309" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2799-1] opencv security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" } ] } diff --git a/2017/12xxx/CVE-2017-12606.json b/2017/12xxx/CVE-2017-12606.json index 0ce77c3ff08..726a1e5b6ad 100644 --- a/2017/12xxx/CVE-2017-12606.json +++ b/2017/12xxx/CVE-2017-12606.json @@ -71,11 +71,6 @@ "name": "https://github.com/opencv/opencv/issues/9309", "refsource": "MISC", "url": "https://github.com/opencv/opencv/issues/9309" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2799-1] opencv security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" } ] } diff --git a/2017/12xxx/CVE-2017-12862.json b/2017/12xxx/CVE-2017-12862.json index 2a24768164f..a62e9273399 100644 --- a/2017/12xxx/CVE-2017-12862.json +++ b/2017/12xxx/CVE-2017-12862.json @@ -66,11 +66,6 @@ "name": "https://github.com/opencv/opencv/issues/9370", "refsource": "MISC", "url": "https://github.com/opencv/opencv/issues/9370" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2799-1] opencv security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" } ] } diff --git a/2017/12xxx/CVE-2017-12863.json b/2017/12xxx/CVE-2017-12863.json index a77089fdf99..3f86db84f17 100644 --- a/2017/12xxx/CVE-2017-12863.json +++ b/2017/12xxx/CVE-2017-12863.json @@ -66,11 +66,6 @@ "name": "https://github.com/opencv/opencv/issues/9371", "refsource": "MISC", "url": "https://github.com/opencv/opencv/issues/9371" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2799-1] opencv security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" } ] } diff --git a/2017/12xxx/CVE-2017-12864.json b/2017/12xxx/CVE-2017-12864.json index d7a5d20aaa7..43560aaa667 100644 --- a/2017/12xxx/CVE-2017-12864.json +++ b/2017/12xxx/CVE-2017-12864.json @@ -66,11 +66,6 @@ "name": "https://github.com/opencv/opencv/issues/9372", "refsource": "MISC", "url": "https://github.com/opencv/opencv/issues/9372" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2799-1] opencv security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" } ] } diff --git a/2017/14xxx/CVE-2017-14491.json b/2017/14xxx/CVE-2017-14491.json index 89bf6e8e120..154ef7dc8b0 100644 --- a/2017/14xxx/CVE-2017-14491.json +++ b/2017/14xxx/CVE-2017-14491.json @@ -162,11 +162,6 @@ "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2841" }, - { - "refsource": "CONFIRM", - "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4560", - "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4560" - }, { "name": "openSUSE-SU-2017:2633", "refsource": "SUSE", @@ -186,71 +181,6 @@ "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2017-515264ae24", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2017-24f067299e", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/" - }, - { - "refsource": "UBUNTU", - "name": "USN-3430-3", - "url": "http://www.ubuntu.com/usn/USN-3430-3" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html", - "url": "http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2017:2619", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html" - }, - { - "refsource": "CONFIRM", - "name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/", - "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/" - }, - { - "refsource": "CONFIRM", - "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en", - "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en" - }, - { - "refsource": "CONFIRM", - "name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449", - "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2017-7106a157f5", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2017:2616", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2017:2617", - "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html" - }, - { - "refsource": "DEBIAN", - "name": "DSA-3989", - "url": "https://www.debian.org/security/2017/dsa-3989" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30" } ] } diff --git a/2017/14xxx/CVE-2017-14737.json b/2017/14xxx/CVE-2017-14737.json index 19a40ed580c..92064c81c45 100644 --- a/2017/14xxx/CVE-2017-14737.json +++ b/2017/14xxx/CVE-2017-14737.json @@ -61,11 +61,6 @@ "name": "https://github.com/randombit/botan/issues/1222", "refsource": "MISC", "url": "https://github.com/randombit/botan/issues/1222" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211108 [SECURITY] [DLA 2812-1] botan1.10 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00006.html" } ] } diff --git a/2017/17xxx/CVE-2017-17760.json b/2017/17xxx/CVE-2017-17760.json index b0eba7e1859..4a9a1a83d69 100644 --- a/2017/17xxx/CVE-2017-17760.json +++ b/2017/17xxx/CVE-2017-17760.json @@ -76,11 +76,6 @@ "name": "102974", "refsource": "BID", "url": "http://www.securityfocus.com/bid/102974" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2799-1] opencv security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" } ] } diff --git a/2017/18xxx/CVE-2017-18017.json b/2017/18xxx/CVE-2017-18017.json index 693552db0be..2e2801aac1b 100644 --- a/2017/18xxx/CVE-2017-18017.json +++ b/2017/18xxx/CVE-2017-18017.json @@ -141,76 +141,6 @@ "name": "102367", "refsource": "BID", "url": "http://www.securityfocus.com/bid/102367" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2018:0834", - "url": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00067.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2018:0848", - "url": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00072.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2018:0383", - "url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00008.html" - }, - { - "refsource": "UBUNTU", - "name": "USN-3583-1", - "url": "http://www.ubuntu.com/usn/USN-3583-1" - }, - { - "refsource": "CONFIRM", - "name": "https://support.f5.com/csp/article/K18352029", - "url": "https://support.f5.com/csp/article/K18352029" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2018:0555", - "url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00047.html" - }, - { - "refsource": "SUSE", - "name": "openSUSE-SU-2018:0408", - "url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00013.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2018:0986", - "url": "http://lists.opensuse.org/opensuse-security-announce/2018-04/msg00014.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2018:0416", - "url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00015.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2018:0482", - "url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00038.html" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2018:0841", - "url": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00070.html" - }, - { - "refsource": "UBUNTU", - "name": "USN-3583-2", - "url": "http://www.ubuntu.com/usn/USN-3583-2" - }, - { - "refsource": "SUSE", - "name": "SUSE-SU-2018:0660", - "url": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00030.html" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/4577-security-advisory-34", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/4577-security-advisory-34" } ] } diff --git a/2017/2xxx/CVE-2017-2888.json b/2017/2xxx/CVE-2017-2888.json index cdf168b81ce..ae5e4fc1b06 100644 --- a/2017/2xxx/CVE-2017-2888.json +++ b/2017/2xxx/CVE-2017-2888.json @@ -67,11 +67,6 @@ "refsource": "UBUNTU", "name": "USN-4143-1", "url": "https://usn.ubuntu.com/4143-1/" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211031 [SECURITY] [DLA 2803-1] libsdl2 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00031.html" } ] } diff --git a/2017/5xxx/CVE-2017-5123.json b/2017/5xxx/CVE-2017-5123.json index 984b53d9f1c..60699e41c02 100644 --- a/2017/5xxx/CVE-2017-5123.json +++ b/2017/5xxx/CVE-2017-5123.json @@ -1,67 +1,18 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-5123", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Insufficient data validation" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://crbug.com/772848", - "refsource": "MISC", - "name": "https://crbug.com/772848" - }, - { - "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=96ca579a1ecc943b75beba58bebb0356f6cc4b51", - "refsource": "MISC", - "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=96ca579a1ecc943b75beba58bebb0356f6cc4b51" - } - ] + "STATE": "RESERVED" }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "Insufficient data validation in waitid allowed an user to escape sandboxes on Linux." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } -} +} \ No newline at end of file diff --git a/2017/9xxx/CVE-2017-9525.json b/2017/9xxx/CVE-2017-9525.json index 3cb33d9ed7d..c22c5887f4c 100644 --- a/2017/9xxx/CVE-2017-9525.json +++ b/2017/9xxx/CVE-2017-9525.json @@ -71,11 +71,6 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190321 [SECURITY] [DLA 1723-1] cron security update", "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00025.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2801-1] cron security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00029.html" } ] } diff --git a/2018/10xxx/CVE-2018-10841.json b/2018/10xxx/CVE-2018-10841.json index e6e3027d11f..aa824e74d93 100644 --- a/2018/10xxx/CVE-2018-10841.json +++ b/2018/10xxx/CVE-2018-10841.json @@ -86,11 +86,6 @@ "refsource": "GENTOO", "name": "GLSA-201904-06", "url": "https://security.gentoo.org/glsa/201904-06" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html" } ] } diff --git a/2018/10xxx/CVE-2018-10904.json b/2018/10xxx/CVE-2018-10904.json index acd56acc655..fc733df07a0 100644 --- a/2018/10xxx/CVE-2018-10904.json +++ b/2018/10xxx/CVE-2018-10904.json @@ -101,11 +101,6 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:0079", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html" } ] } diff --git a/2018/10xxx/CVE-2018-10907.json b/2018/10xxx/CVE-2018-10907.json index fb1fb1c50b2..11d42733591 100644 --- a/2018/10xxx/CVE-2018-10907.json +++ b/2018/10xxx/CVE-2018-10907.json @@ -101,11 +101,6 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:0079", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html" } ] } diff --git a/2018/10xxx/CVE-2018-10909.json b/2018/10xxx/CVE-2018-10909.json index 32035ecf352..290563a0e42 100644 --- a/2018/10xxx/CVE-2018-10909.json +++ b/2018/10xxx/CVE-2018-10909.json @@ -1,17 +1,17 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2018-10909", "ASSIGNER": "cve@mitre.org", - "STATE": "REJECT" + "ID": "CVE-2018-10909", + "STATE": "RESERVED" }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2018/10xxx/CVE-2018-10911.json b/2018/10xxx/CVE-2018-10911.json index 6fe08c751e7..0851fde7ddd 100644 --- a/2018/10xxx/CVE-2018-10911.json +++ b/2018/10xxx/CVE-2018-10911.json @@ -127,11 +127,6 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:0079", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html" } ] } diff --git a/2018/10xxx/CVE-2018-10913.json b/2018/10xxx/CVE-2018-10913.json index 3ac5c0e97b9..e9cdd357896 100644 --- a/2018/10xxx/CVE-2018-10913.json +++ b/2018/10xxx/CVE-2018-10913.json @@ -101,11 +101,6 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:0079", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html" } ] } diff --git a/2018/10xxx/CVE-2018-10914.json b/2018/10xxx/CVE-2018-10914.json index 5d1d03549f5..09130e6e3e1 100644 --- a/2018/10xxx/CVE-2018-10914.json +++ b/2018/10xxx/CVE-2018-10914.json @@ -96,11 +96,6 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:0079", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html" } ] } diff --git a/2018/10xxx/CVE-2018-10923.json b/2018/10xxx/CVE-2018-10923.json index e0fcbc61d54..77b322e8b11 100644 --- a/2018/10xxx/CVE-2018-10923.json +++ b/2018/10xxx/CVE-2018-10923.json @@ -96,11 +96,6 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:0079", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html" } ] } diff --git a/2018/10xxx/CVE-2018-10926.json b/2018/10xxx/CVE-2018-10926.json index 8a8f517d6fc..d26681170e5 100644 --- a/2018/10xxx/CVE-2018-10926.json +++ b/2018/10xxx/CVE-2018-10926.json @@ -96,11 +96,6 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:0079", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html" } ] } diff --git a/2018/10xxx/CVE-2018-10927.json b/2018/10xxx/CVE-2018-10927.json index 5b678cada70..faaf6c410eb 100644 --- a/2018/10xxx/CVE-2018-10927.json +++ b/2018/10xxx/CVE-2018-10927.json @@ -96,11 +96,6 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:0079", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html" } ] } diff --git a/2018/10xxx/CVE-2018-10928.json b/2018/10xxx/CVE-2018-10928.json index 102a3356a18..3d5090a49ee 100644 --- a/2018/10xxx/CVE-2018-10928.json +++ b/2018/10xxx/CVE-2018-10928.json @@ -96,11 +96,6 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:0079", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html" } ] } diff --git a/2018/10xxx/CVE-2018-10929.json b/2018/10xxx/CVE-2018-10929.json index f5e571fa183..9dcf0e5c9f9 100644 --- a/2018/10xxx/CVE-2018-10929.json +++ b/2018/10xxx/CVE-2018-10929.json @@ -101,11 +101,6 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:0079", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html" } ] } diff --git a/2018/10xxx/CVE-2018-10930.json b/2018/10xxx/CVE-2018-10930.json index 474e97e4513..cbf8b8b5484 100644 --- a/2018/10xxx/CVE-2018-10930.json +++ b/2018/10xxx/CVE-2018-10930.json @@ -101,11 +101,6 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:0079", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html" } ] } diff --git a/2018/14xxx/CVE-2018-14652.json b/2018/14xxx/CVE-2018-14652.json index 476cde0ec4b..bc6476688c4 100644 --- a/2018/14xxx/CVE-2018-14652.json +++ b/2018/14xxx/CVE-2018-14652.json @@ -91,11 +91,6 @@ "refsource": "GENTOO", "name": "GLSA-201904-06", "url": "https://security.gentoo.org/glsa/201904-06" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html" } ] } diff --git a/2018/14xxx/CVE-2018-14653.json b/2018/14xxx/CVE-2018-14653.json index 6939f530c2a..728e89d5aa0 100644 --- a/2018/14xxx/CVE-2018-14653.json +++ b/2018/14xxx/CVE-2018-14653.json @@ -91,11 +91,6 @@ "refsource": "GENTOO", "name": "GLSA-201904-06", "url": "https://security.gentoo.org/glsa/201904-06" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html" } ] } diff --git a/2018/14xxx/CVE-2018-14654.json b/2018/14xxx/CVE-2018-14654.json index 0a7aafaa9bf..ddf3c959327 100644 --- a/2018/14xxx/CVE-2018-14654.json +++ b/2018/14xxx/CVE-2018-14654.json @@ -86,11 +86,6 @@ "refsource": "GENTOO", "name": "GLSA-201904-06", "url": "https://security.gentoo.org/glsa/201904-06" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html" } ] } diff --git a/2018/14xxx/CVE-2018-14659.json b/2018/14xxx/CVE-2018-14659.json index d53118ca0ed..fd546d11727 100644 --- a/2018/14xxx/CVE-2018-14659.json +++ b/2018/14xxx/CVE-2018-14659.json @@ -91,11 +91,6 @@ "refsource": "GENTOO", "name": "GLSA-201904-06", "url": "https://security.gentoo.org/glsa/201904-06" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html" } ] } diff --git a/2018/14xxx/CVE-2018-14660.json b/2018/14xxx/CVE-2018-14660.json index fe63b3959da..dcab3f0f1a1 100644 --- a/2018/14xxx/CVE-2018-14660.json +++ b/2018/14xxx/CVE-2018-14660.json @@ -89,11 +89,6 @@ "refsource": "GENTOO", "name": "GLSA-201904-06", "url": "https://security.gentoo.org/glsa/201904-06" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html" } ] } diff --git a/2018/14xxx/CVE-2018-14661.json b/2018/14xxx/CVE-2018-14661.json index 07591b99194..8bccb5b0517 100644 --- a/2018/14xxx/CVE-2018-14661.json +++ b/2018/14xxx/CVE-2018-14661.json @@ -91,11 +91,6 @@ "refsource": "GENTOO", "name": "GLSA-201904-06", "url": "https://security.gentoo.org/glsa/201904-06" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html" } ] } diff --git a/2018/16xxx/CVE-2018-16062.json b/2018/16xxx/CVE-2018-16062.json index 4dcc262ec2f..75c3c791b24 100644 --- a/2018/16xxx/CVE-2018-16062.json +++ b/2018/16xxx/CVE-2018-16062.json @@ -81,11 +81,6 @@ "refsource": "REDHAT", "name": "RHSA-2019:2197", "url": "https://access.redhat.com/errata/RHSA-2019:2197" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2802-1] elfutils security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00030.html" } ] } diff --git a/2018/16xxx/CVE-2018-16402.json b/2018/16xxx/CVE-2018-16402.json index 4f6253632a5..4e16ddbadf5 100644 --- a/2018/16xxx/CVE-2018-16402.json +++ b/2018/16xxx/CVE-2018-16402.json @@ -76,11 +76,6 @@ "refsource": "MLIST", "name": "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image", "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2802-1] elfutils security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00030.html" } ] } diff --git a/2018/16xxx/CVE-2018-16763.json b/2018/16xxx/CVE-2018-16763.json index d634a7fba40..2ce1e7af72d 100644 --- a/2018/16xxx/CVE-2018-16763.json +++ b/2018/16xxx/CVE-2018-16763.json @@ -76,11 +76,6 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/160080/Fuel-CMS-1.4-Remote-Code-Execution.html", "url": "http://packetstormsecurity.com/files/160080/Fuel-CMS-1.4-Remote-Code-Execution.html" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/164756/Fuel-CMS-1.4.1-Remote-Code-Execution.html", - "url": "http://packetstormsecurity.com/files/164756/Fuel-CMS-1.4.1-Remote-Code-Execution.html" } ] } diff --git a/2018/18xxx/CVE-2018-18310.json b/2018/18xxx/CVE-2018-18310.json index d6d8f926f9d..4ae08ab0642 100644 --- a/2018/18xxx/CVE-2018-18310.json +++ b/2018/18xxx/CVE-2018-18310.json @@ -81,11 +81,6 @@ "refsource": "REDHAT", "name": "RHSA-2019:2197", "url": "https://access.redhat.com/errata/RHSA-2019:2197" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2802-1] elfutils security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00030.html" } ] } diff --git a/2018/18xxx/CVE-2018-18520.json b/2018/18xxx/CVE-2018-18520.json index aaa0dea3949..1f0efd40a96 100644 --- a/2018/18xxx/CVE-2018-18520.json +++ b/2018/18xxx/CVE-2018-18520.json @@ -81,11 +81,6 @@ "refsource": "REDHAT", "name": "RHSA-2019:2197", "url": "https://access.redhat.com/errata/RHSA-2019:2197" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2802-1] elfutils security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00030.html" } ] } diff --git a/2018/18xxx/CVE-2018-18521.json b/2018/18xxx/CVE-2018-18521.json index 8117c9d865b..d662999d1ce 100644 --- a/2018/18xxx/CVE-2018-18521.json +++ b/2018/18xxx/CVE-2018-18521.json @@ -81,11 +81,6 @@ "refsource": "REDHAT", "name": "RHSA-2019:2197", "url": "https://access.redhat.com/errata/RHSA-2019:2197" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2802-1] elfutils security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00030.html" } ] } diff --git a/2018/1xxx/CVE-2018-1088.json b/2018/1xxx/CVE-2018-1088.json index d2760e633fa..be487188fcd 100644 --- a/2018/1xxx/CVE-2018-1088.json +++ b/2018/1xxx/CVE-2018-1088.json @@ -87,11 +87,6 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:0079", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html" } ] } diff --git a/2018/25xxx/CVE-2018-25009.json b/2018/25xxx/CVE-2018-25009.json index e2c6fd7f659..7fe55d93db8 100644 --- a/2018/25xxx/CVE-2018-25009.json +++ b/2018/25xxx/CVE-2018-25009.json @@ -63,11 +63,6 @@ "refsource": "DEBIAN", "name": "DSA-4930", "url": "https://www.debian.org/security/2021/dsa-4930" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0004/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0004/" } ] }, diff --git a/2018/25xxx/CVE-2018-25011.json b/2018/25xxx/CVE-2018-25011.json index 1a46389cf7d..dfdf09d73a6 100644 --- a/2018/25xxx/CVE-2018-25011.json +++ b/2018/25xxx/CVE-2018-25011.json @@ -73,11 +73,6 @@ "refsource": "FULLDISC", "name": "20210723 APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7", "url": "http://seclists.org/fulldisclosure/2021/Jul/54" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0004/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0004/" } ] }, diff --git a/2018/25xxx/CVE-2018-25014.json b/2018/25xxx/CVE-2018-25014.json index 7f68631019c..2f02ddbb21b 100644 --- a/2018/25xxx/CVE-2018-25014.json +++ b/2018/25xxx/CVE-2018-25014.json @@ -73,11 +73,6 @@ "refsource": "FULLDISC", "name": "20210723 APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7", "url": "http://seclists.org/fulldisclosure/2021/Jul/54" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0004/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0004/" } ] }, diff --git a/2018/25xxx/CVE-2018-25019.json b/2018/25xxx/CVE-2018-25019.json index ab8ed92baf3..f41ce712854 100644 --- a/2018/25xxx/CVE-2018-25019.json +++ b/2018/25xxx/CVE-2018-25019.json @@ -1,88 +1,18 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2018-25019", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "LearnDash < 2.5.4 - Unauthenticated Arbitrary File Upload" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "LearnDash LMS", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "2.5.4", - "version_value": "2.5.4" - } - ] - } - } - ] - } - } - ] - } + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "The LearnDash LMS WordPress plugin before 2.5.4 does not have any authorisation and validation of the file to be uploaded in the learndash_assignment_process_init() function, which could allow unauthenticated users to upload arbitrary files to the web server" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://lists.openwall.net/full-disclosure/2018/01/10/17", - "name": "https://lists.openwall.net/full-disclosure/2018/01/10/17" - }, - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/9444f67b-8e3d-4cf0-b319-ed25e7db383a", - "name": "https://wpscan.com/vulnerability/9444f67b-8e3d-4cf0-b319-ed25e7db383a" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-434 Unrestricted Upload of File with Dangerous Type", - "lang": "eng" - } - ] - }, - { - "description": [ - { - "value": "CWE-862 Missing Authorization", - "lang": "eng" - } - ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Jerome Bruandet (NinTechNet)" - } - ], - "source": { - "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2018/5xxx/CVE-2018-5268.json b/2018/5xxx/CVE-2018-5268.json index f2d27d3f14b..df1237f85ca 100644 --- a/2018/5xxx/CVE-2018-5268.json +++ b/2018/5xxx/CVE-2018-5268.json @@ -71,11 +71,6 @@ "name": "[debian-lts-announce] 20180418 [SECURITY] [DLA 1354-1] opencv security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00019.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2799-1] opencv security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" } ] } diff --git a/2018/5xxx/CVE-2018-5269.json b/2018/5xxx/CVE-2018-5269.json index 42d864b835b..3b39aefd8bf 100644 --- a/2018/5xxx/CVE-2018-5269.json +++ b/2018/5xxx/CVE-2018-5269.json @@ -71,11 +71,6 @@ "name": "https://github.com/opencv/opencv/issues/10540", "refsource": "MISC", "url": "https://github.com/opencv/opencv/issues/10540" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2799-1] opencv security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" } ] } diff --git a/2018/5xxx/CVE-2018-5740.json b/2018/5xxx/CVE-2018-5740.json index a909cbffda0..43719c8513d 100644 --- a/2018/5xxx/CVE-2018-5740.json +++ b/2018/5xxx/CVE-2018-5740.json @@ -151,11 +151,6 @@ "refsource": "CONFIRM", "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03927en_us", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03927en_us" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211102 [SECURITY] [DLA 2807-1] bind9 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html" } ] }, diff --git a/2018/6xxx/CVE-2018-6044.json b/2018/6xxx/CVE-2018-6044.json index 5a8b8ecb451..f3b3f8dfae5 100644 --- a/2018/6xxx/CVE-2018-6044.json +++ b/2018/6xxx/CVE-2018-6044.json @@ -1,18 +1,18 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2018-6044", "ASSIGNER": "cve@mitre.org", - "STATE": "REJECT" + "ID": "CVE-2018-6044", + "STATE": "RESERVED" }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-16064. Reason: This candidate is a reservation duplicate of CVE-2018-16064. Notes: All CVE users should reference CVE-2018-16064 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } -} +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6058.json b/2018/6xxx/CVE-2018-6058.json index c243ccea67f..0ee7582a097 100644 --- a/2018/6xxx/CVE-2018-6058.json +++ b/2018/6xxx/CVE-2018-6058.json @@ -1,18 +1,18 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2018-6058", "ASSIGNER": "cve@mitre.org", - "STATE": "REJECT" + "ID": "CVE-2018-6058", + "STATE": "RESERVED" }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-11215. Reason: This candidate is a reservation duplicate of CVE-2017-11215. Notes: All CVE users should reference CVE-2017-11215 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } -} +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6059.json b/2018/6xxx/CVE-2018-6059.json index 25b6e606677..29bb11d789e 100644 --- a/2018/6xxx/CVE-2018-6059.json +++ b/2018/6xxx/CVE-2018-6059.json @@ -1,18 +1,18 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2018-6059", "ASSIGNER": "cve@mitre.org", - "STATE": "REJECT" + "ID": "CVE-2018-6059", + "STATE": "RESERVED" }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-11225. Reason: This candidate is a reservation duplicate of CVE-2017-11225. Notes: All CVE users should reference CVE-2017-11225 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } -} +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6122.json b/2018/6xxx/CVE-2018-6122.json index fd350f08b19..b78be64e8be 100644 --- a/2018/6xxx/CVE-2018-6122.json +++ b/2018/6xxx/CVE-2018-6122.json @@ -1,62 +1,17 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-6122", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "66.0.3359.139", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Type Confusion" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://crbug.com/836141", - "refsource": "MISC", - "name": "https://crbug.com/836141" - } - ] + "STATE": "RESERVED" }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "Type confusion in WebAssembly in Google Chrome prior to 66.0.3359.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2018/6xxx/CVE-2018-6125.json b/2018/6xxx/CVE-2018-6125.json index abc877d9bde..027bef810a2 100644 --- a/2018/6xxx/CVE-2018-6125.json +++ b/2018/6xxx/CVE-2018-6125.json @@ -1,62 +1,17 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-6125", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "67.0.3396.62", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Insufficient policy enforcement" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://crbug.com/818592", - "refsource": "MISC", - "name": "https://crbug.com/818592" - } - ] + "STATE": "RESERVED" }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "Insufficient policy enforcement in USB in Google Chrome on Windows prior to 67.0.3396.62 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2019/1010xxx/CVE-2019-1010305.json b/2019/1010xxx/CVE-2019-1010305.json index d5860ae4ef7..ee53e1e43ca 100644 --- a/2019/1010xxx/CVE-2019-1010305.json +++ b/2019/1010xxx/CVE-2019-1010305.json @@ -86,11 +86,6 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190823 [SECURITY] [DLA 1895-1] libmspack security update", "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00028.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211031 [SECURITY] [DLA 2805-1] libmspack security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00033.html" } ] } diff --git a/2019/13xxx/CVE-2019-13616.json b/2019/13xxx/CVE-2019-13616.json index 29770cfd8d0..7275c67542b 100644 --- a/2019/13xxx/CVE-2019-13616.json +++ b/2019/13xxx/CVE-2019-13616.json @@ -146,11 +146,6 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210130 [SECURITY] [DLA 2536-1] libsdl2 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00024.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211031 [SECURITY] [DLA 2804-1] libsdl1.2 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00032.html" } ] } diff --git a/2019/13xxx/CVE-2019-13776.json b/2019/13xxx/CVE-2019-13776.json deleted file mode 100644 index 213526b2297..00000000000 --- a/2019/13xxx/CVE-2019-13776.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2019-13776", - "ASSIGNER": "cve@mitre.org", - "STATE": "REJECT" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: some publications have used this number when they meant to use CVE-2019-13376." - } - ] - } -} diff --git a/2019/14xxx/CVE-2019-14493.json b/2019/14xxx/CVE-2019-14493.json index 238d03fea47..0a85f89b3a2 100644 --- a/2019/14xxx/CVE-2019-14493.json +++ b/2019/14xxx/CVE-2019-14493.json @@ -61,11 +61,6 @@ "url": "https://github.com/opencv/opencv/issues/15127", "refsource": "MISC", "name": "https://github.com/opencv/opencv/issues/15127" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2799-1] opencv security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" } ] } diff --git a/2019/15xxx/CVE-2019-15939.json b/2019/15xxx/CVE-2019-15939.json index d08da703fdd..14caf427a94 100644 --- a/2019/15xxx/CVE-2019-15939.json +++ b/2019/15xxx/CVE-2019-15939.json @@ -66,11 +66,6 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2671", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00025.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2799-1] opencv security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" } ] } diff --git a/2019/16xxx/CVE-2019-16240.json b/2019/16xxx/CVE-2019-16240.json deleted file mode 100644 index 0644e26201a..00000000000 --- a/2019/16xxx/CVE-2019-16240.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2019-16240", - "ASSIGNER": "cve@mitre.org", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://support.hp.com/us-en/document/c06458150", - "url": "https://support.hp.com/us-en/document/c06458150" - } - ] - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A Buffer Overflow and Information Disclosure issue exists in HP OfficeJet Pro Printers before 001.1937C, and HP PageWide Managed Printers and HP PageWide Pro Printers before 001.1937D exists; A maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain circumstances, the printer produces a core dump to a local device." - } - ] - } -} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17596.json b/2019/17xxx/CVE-2019-17596.json index 819c9465abf..3a8938ed677 100644 --- a/2019/17xxx/CVE-2019-17596.json +++ b/2019/17xxx/CVE-2019-17596.json @@ -111,11 +111,6 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210313 [SECURITY] [DLA 2592-1] golang-1.8 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00015.html" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/10134-security-advisory-46", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/10134-security-advisory-46" } ] } diff --git a/2019/18xxx/CVE-2019-18912.json b/2019/18xxx/CVE-2019-18912.json deleted file mode 100644 index 6c47b79614f..00000000000 --- a/2019/18xxx/CVE-2019-18912.json +++ /dev/null @@ -1,74 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2019-18912", - "ASSIGNER": "hp-security-alert@hp.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "HP LaserJet Enterprise Printers", - "version": { - "version_data": [ - { - "version_value": "before FS4: 2409065_000054" - }, - { - "version_value": "before FS4: 2409065_000073" - }, - { - "version_value": "before FS4: 2409065_000082" - }, - { - "version_value": "before FS4: 2409065_000063" - }, - { - "version_value": "before FS4: 2409065_000092" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Potential instability of solution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://support.hp.com/us-en/document/c06513924", - "url": "https://support.hp.com/us-en/document/c06513924" - } - ] - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A potential security vulnerability has been identified for certain HP printers and MFPs with Troy solutions. For affected printers with FutureSmart Firmware bundle version 4.9 or 4.9.0.1 the potential vulnerability may cause instability in the solution." - } - ] - } -} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18914.json b/2019/18xxx/CVE-2019-18914.json deleted file mode 100644 index 30a97de46c0..00000000000 --- a/2019/18xxx/CVE-2019-18914.json +++ /dev/null @@ -1,164 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2019-18914", - "ASSIGNER": "hp-security-alert@hp.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "HP Color LaserJet Managed Printers, HP Color LaserJet Enterprise Printers", - "version": { - "version_data": [ - { - "version_value": "before FS3: 2309025_582081" - }, - { - "version_value": "before FS3: 2309025_582082" - }, - { - "version_value": "before FS3: 2309025_582083" - }, - { - "version_value": "before FS3: 2309025_582084" - }, - { - "version_value": "before FS3: 2309025_582085" - }, - { - "version_value": "before FS3: 2309025_582086" - }, - { - "version_value": "before FS3: 2309025_582087" - }, - { - "version_value": "before FS3: 2309025_582088" - }, - { - "version_value": "before FS3: 2309025_582089" - }, - { - "version_value": "before FS3: 2309025_582091" - }, - { - "version_value": "before FS3: 2309025_582092" - }, - { - "version_value": "before FS3: 2309025_582093" - }, - { - "version_value": "before FS3: 2309025_582096" - }, - { - "version_value": "before FS3: 2309025_582097" - }, - { - "version_value": "before FS3: 2309025_582098" - }, - { - "version_value": "before FS3: 2309025_582099" - }, - { - "version_value": "before FS3: 2309025_582101" - }, - { - "version_value": "before FS3: 2309025_582102" - }, - { - "version_value": "before FS3: 2309025_582103" - }, - { - "version_value": "before FS3: 2309025_582104" - }, - { - "version_value": "before FS3: 2309025_582105" - }, - { - "version_value": "before FS3: 2309025_582106" - }, - { - "version_value": "before FS3: 2309025_582108" - }, - { - "version_value": "before FS3: 2309025_582110" - }, - { - "version_value": "before FS3: 2309025_582112" - }, - { - "version_value": "before FS3: 2309025_582113" - }, - { - "version_value": "before FS3: 2309025_582114" - }, - { - "version_value": "before FS4: 2410028_055002" - }, - { - "version_value": "before FS4: 2410028_055003" - }, - { - "version_value": "before FS4: 2410028_055004" - }, - { - "version_value": "before FS4: 2410028_055005" - }, - { - "version_value": "before FS4: 2410028_055006" - }, - { - "version_value": "before FS4: 2410028_055007" - }, - { - "version_value": "before FS4: 2410028_055008" - }, - { - "version_value": "..." - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Cross-Site Scripting" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://support.hp.com/us-en/document/c06546034", - "url": "https://support.hp.com/us-en/document/c06546034" - } - ] - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A potential security vulnerability has been identified for certain HP printers and MFPs that would allow redirection page Cross-Site Scripting in a client\u2019s browser by clicking on a third-party malicious link." - } - ] - } -} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18916.json b/2019/18xxx/CVE-2019-18916.json deleted file mode 100644 index 0d78d2bee60..00000000000 --- a/2019/18xxx/CVE-2019-18916.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2019-18916", - "ASSIGNER": "hp-security-alert@hp.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "HP Color LaserJet Pro MFP M277 printers", - "version": { - "version_data": [ - { - "version_value": "before 14.0.15344.534" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "elevation of privilege" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://support.hp.com/us-en/document/c06586963", - "url": "https://support.hp.com/us-en/document/c06586963" - } - ] - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A potential security vulnerability has been identified for HP LaserJet Solution Software (for certain HP LaserJet Printers) which may lead to unauthorized elevation of privilege on the client." - } - ] - } -} \ No newline at end of file diff --git a/2019/19xxx/CVE-2019-19810.json b/2019/19xxx/CVE-2019-19810.json index 34dd8ba5d6c..f3af6baa66e 100644 --- a/2019/19xxx/CVE-2019-19810.json +++ b/2019/19xxx/CVE-2019-19810.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Zoom Call Recording 6.3.1 from Eleveo is vulnerable to Java Deserialization attacks targeting the inbuilt RMI service. A remote unauthenticated attacker can exploit this vulnerability by sending crafted RMI requests to execute arbitrary code on the target host." + "value": "Zoom Call Recording 6.3.1 from ZOOM International is vulnerable to Java Deserialization attacks targeting the inbuilt RMI service. A remote unauthenticated attacker can exploit this vulnerability by sending crafted RMI requests to execute arbitrary code on the target host." } ] }, @@ -52,6 +52,11 @@ }, "references": { "reference_data": [ + { + "url": "https://support.zoom.us/hc/en-us/articles/201362473-Local-Recording", + "refsource": "MISC", + "name": "https://support.zoom.us/hc/en-us/articles/201362473-Local-Recording" + }, { "refsource": "MISC", "name": "https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-19810-Java%20RMI%20Deserialization-ZoomCallRecording", diff --git a/2019/20xxx/CVE-2019-20455.json b/2019/20xxx/CVE-2019-20455.json index 696374aceda..0b581ed8654 100644 --- a/2019/20xxx/CVE-2019-20455.json +++ b/2019/20xxx/CVE-2019-20455.json @@ -66,11 +66,6 @@ "refsource": "MISC", "name": "https://winterdragon.ca/global-payments-vulnerability/", "url": "https://winterdragon.ca/global-payments-vulnerability/" - }, - { - "refsource": "MISC", - "name": "https://github.com/globalpayments/php-sdk/pull/8", - "url": "https://github.com/globalpayments/php-sdk/pull/8" } ] } diff --git a/2019/5xxx/CVE-2019-5863.json b/2019/5xxx/CVE-2019-5863.json index a3cd7795ddb..846ab49c196 100644 --- a/2019/5xxx/CVE-2019-5863.json +++ b/2019/5xxx/CVE-2019-5863.json @@ -1,18 +1,18 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-5863", "ASSIGNER": "cve@mitre.org", - "STATE": "REJECT" + "ID": "CVE-2019-5863", + "STATE": "RESERVED" }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } -} +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7150.json b/2019/7xxx/CVE-2019-7150.json index d7c56e65186..064d797e0dd 100644 --- a/2019/7xxx/CVE-2019-7150.json +++ b/2019/7xxx/CVE-2019-7150.json @@ -86,11 +86,6 @@ "refsource": "REDHAT", "name": "RHSA-2019:3575", "url": "https://access.redhat.com/errata/RHSA-2019:3575" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2802-1] elfutils security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00030.html" } ] } diff --git a/2019/7xxx/CVE-2019-7164.json b/2019/7xxx/CVE-2019-7164.json index ffab7f55e7f..24c9d27c258 100644 --- a/2019/7xxx/CVE-2019-7164.json +++ b/2019/7xxx/CVE-2019-7164.json @@ -91,11 +91,6 @@ "name": "https://github.com/sqlalchemy/sqlalchemy/issues/4481", "refsource": "MISC", "url": "https://github.com/sqlalchemy/sqlalchemy/issues/4481" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211106 [SECURITY] [DLA 2811-1] sqlalchemy security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00005.html" } ] } diff --git a/2019/7xxx/CVE-2019-7548.json b/2019/7xxx/CVE-2019-7548.json index 4e1fa5f8ea4..3329897ad81 100644 --- a/2019/7xxx/CVE-2019-7548.json +++ b/2019/7xxx/CVE-2019-7548.json @@ -96,11 +96,6 @@ "name": "https://github.com/no-security/sqlalchemy_test", "refsource": "MISC", "url": "https://github.com/no-security/sqlalchemy_test" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211106 [SECURITY] [DLA 2811-1] sqlalchemy security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00005.html" } ] } diff --git a/2019/7xxx/CVE-2019-7572.json b/2019/7xxx/CVE-2019-7572.json index 82ef74128f7..7c59fe93d64 100644 --- a/2019/7xxx/CVE-2019-7572.json +++ b/2019/7xxx/CVE-2019-7572.json @@ -116,11 +116,6 @@ "refsource": "FEDORA", "name": "FEDORA-2020-24652fe41c", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZO47LLKKRXKMUGSRCFNHSTHG5OEBYCG/" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211031 [SECURITY] [DLA 2804-1] libsdl1.2 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00032.html" } ] } diff --git a/2019/7xxx/CVE-2019-7573.json b/2019/7xxx/CVE-2019-7573.json index d45bdb93ef5..ef8c508a4ab 100644 --- a/2019/7xxx/CVE-2019-7573.json +++ b/2019/7xxx/CVE-2019-7573.json @@ -116,11 +116,6 @@ "refsource": "FEDORA", "name": "FEDORA-2020-24652fe41c", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZO47LLKKRXKMUGSRCFNHSTHG5OEBYCG/" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211031 [SECURITY] [DLA 2804-1] libsdl1.2 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00032.html" } ] } diff --git a/2019/7xxx/CVE-2019-7574.json b/2019/7xxx/CVE-2019-7574.json index bf8488ad79f..2947b73e53f 100644 --- a/2019/7xxx/CVE-2019-7574.json +++ b/2019/7xxx/CVE-2019-7574.json @@ -116,11 +116,6 @@ "refsource": "FEDORA", "name": "FEDORA-2020-24652fe41c", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZO47LLKKRXKMUGSRCFNHSTHG5OEBYCG/" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211031 [SECURITY] [DLA 2804-1] libsdl1.2 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00032.html" } ] } diff --git a/2019/7xxx/CVE-2019-7575.json b/2019/7xxx/CVE-2019-7575.json index 1dd8e7076fb..f14d04bd6e5 100644 --- a/2019/7xxx/CVE-2019-7575.json +++ b/2019/7xxx/CVE-2019-7575.json @@ -121,11 +121,6 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210130 [SECURITY] [DLA 2536-1] libsdl2 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00024.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211031 [SECURITY] [DLA 2804-1] libsdl1.2 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00032.html" } ] } diff --git a/2019/7xxx/CVE-2019-7576.json b/2019/7xxx/CVE-2019-7576.json index e25c48ea6b0..c05567da588 100644 --- a/2019/7xxx/CVE-2019-7576.json +++ b/2019/7xxx/CVE-2019-7576.json @@ -116,11 +116,6 @@ "refsource": "FEDORA", "name": "FEDORA-2020-24652fe41c", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZO47LLKKRXKMUGSRCFNHSTHG5OEBYCG/" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211031 [SECURITY] [DLA 2804-1] libsdl1.2 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00032.html" } ] } diff --git a/2019/7xxx/CVE-2019-7577.json b/2019/7xxx/CVE-2019-7577.json index 24e0941e723..79b84a17a81 100644 --- a/2019/7xxx/CVE-2019-7577.json +++ b/2019/7xxx/CVE-2019-7577.json @@ -131,11 +131,6 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210130 [SECURITY] [DLA 2536-1] libsdl2 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00024.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211031 [SECURITY] [DLA 2804-1] libsdl1.2 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00032.html" } ] } diff --git a/2019/7xxx/CVE-2019-7578.json b/2019/7xxx/CVE-2019-7578.json index 1ed59579cc3..99955986c46 100644 --- a/2019/7xxx/CVE-2019-7578.json +++ b/2019/7xxx/CVE-2019-7578.json @@ -121,11 +121,6 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210130 [SECURITY] [DLA 2536-1] libsdl2 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00024.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211031 [SECURITY] [DLA 2804-1] libsdl1.2 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00032.html" } ] } diff --git a/2019/7xxx/CVE-2019-7635.json b/2019/7xxx/CVE-2019-7635.json index acff68f106c..d5e89abfc3b 100644 --- a/2019/7xxx/CVE-2019-7635.json +++ b/2019/7xxx/CVE-2019-7635.json @@ -151,11 +151,6 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210130 [SECURITY] [DLA 2536-1] libsdl2 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00024.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211031 [SECURITY] [DLA 2804-1] libsdl1.2 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00032.html" } ] } diff --git a/2019/7xxx/CVE-2019-7636.json b/2019/7xxx/CVE-2019-7636.json index 89d71b811be..9272a14ba31 100644 --- a/2019/7xxx/CVE-2019-7636.json +++ b/2019/7xxx/CVE-2019-7636.json @@ -126,11 +126,6 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210130 [SECURITY] [DLA 2536-1] libsdl2 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00024.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211031 [SECURITY] [DLA 2804-1] libsdl1.2 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00032.html" } ] } diff --git a/2019/7xxx/CVE-2019-7637.json b/2019/7xxx/CVE-2019-7637.json index 78064957143..48062a765f9 100644 --- a/2019/7xxx/CVE-2019-7637.json +++ b/2019/7xxx/CVE-2019-7637.json @@ -126,16 +126,6 @@ "refsource": "FEDORA", "name": "FEDORA-2020-24652fe41c", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZO47LLKKRXKMUGSRCFNHSTHG5OEBYCG/" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211031 [SECURITY] [DLA 2803-1] libsdl2 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00031.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211031 [SECURITY] [DLA 2804-1] libsdl1.2 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00032.html" } ] } diff --git a/2019/7xxx/CVE-2019-7638.json b/2019/7xxx/CVE-2019-7638.json index 77bce3b7023..c308106cb32 100644 --- a/2019/7xxx/CVE-2019-7638.json +++ b/2019/7xxx/CVE-2019-7638.json @@ -121,11 +121,6 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210130 [SECURITY] [DLA 2536-1] libsdl2 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00024.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211031 [SECURITY] [DLA 2804-1] libsdl1.2 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00032.html" } ] } diff --git a/2019/7xxx/CVE-2019-7665.json b/2019/7xxx/CVE-2019-7665.json index 46a3c602d41..9236c7fdb09 100644 --- a/2019/7xxx/CVE-2019-7665.json +++ b/2019/7xxx/CVE-2019-7665.json @@ -86,11 +86,6 @@ "refsource": "REDHAT", "name": "RHSA-2019:3575", "url": "https://access.redhat.com/errata/RHSA-2019:3575" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2802-1] elfutils security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00030.html" } ] } diff --git a/2019/9xxx/CVE-2019-9704.json b/2019/9xxx/CVE-2019-9704.json index a00d260df03..9014f64252e 100644 --- a/2019/9xxx/CVE-2019-9704.json +++ b/2019/9xxx/CVE-2019-9704.json @@ -71,11 +71,6 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190321 [SECURITY] [DLA 1723-1] cron security update", "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00025.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2801-1] cron security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00029.html" } ] } diff --git a/2019/9xxx/CVE-2019-9705.json b/2019/9xxx/CVE-2019-9705.json index 1e4be3b9455..9d980a89628 100644 --- a/2019/9xxx/CVE-2019-9705.json +++ b/2019/9xxx/CVE-2019-9705.json @@ -71,11 +71,6 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190321 [SECURITY] [DLA 1723-1] cron security update", "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00025.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2801-1] cron security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00029.html" } ] } diff --git a/2019/9xxx/CVE-2019-9706.json b/2019/9xxx/CVE-2019-9706.json index 5605db20517..4f890cdc1d3 100644 --- a/2019/9xxx/CVE-2019-9706.json +++ b/2019/9xxx/CVE-2019-9706.json @@ -71,11 +71,6 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190321 [SECURITY] [DLA 1723-1] cron security update", "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00025.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2801-1] cron security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00029.html" } ] } diff --git a/2020/0xxx/CVE-2020-0110.json b/2020/0xxx/CVE-2020-0110.json index d98e53d1502..7b291f8d28b 100644 --- a/2020/0xxx/CVE-2020-0110.json +++ b/2020/0xxx/CVE-2020-0110.json @@ -48,11 +48,6 @@ "refsource": "MISC", "name": "https://source.android.com/security/bulletin/2020-05-01", "url": "https://source.android.com/security/bulletin/2020-05-01" - }, - { - "refsource": "CONFIRM", - "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00533.html", - "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00533.html" } ] }, diff --git a/2020/0xxx/CVE-2020-0822.json b/2020/0xxx/CVE-2020-0822.json index 3de861266df..22580884a24 100644 --- a/2020/0xxx/CVE-2020-0822.json +++ b/2020/0xxx/CVE-2020-0822.json @@ -245,7 +245,52 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0822", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0822" + }, + { + "refsource": "MLIST", + "name": "[axis-java-dev] 20210228 axis2 1.7.9 is exposed to CVE-2020-8022 via tomcat dependency", + "url": "https://lists.apache.org/thread.html/r5be80ba868a11a1f64e4922399f171b8619bca4bc2039f79cf913928@%3Cjava-dev.axis.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[axis-java-dev] 20210307 Re: axis2 1.7.9 is exposed to CVE-2020-8022 via tomcat dependency", + "url": "https://lists.apache.org/thread.html/r393d4f431683e99c839b4aed68f720b8583bca6c35cd84adccaa02be@%3Cjava-dev.axis.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[axis-java-user] 20210419 Re: Axis2 1.8.0 Release timelines", + "url": "https://lists.apache.org/thread.html/r492afeeeb1bfe484f2f4a1f5d296eee49b13eb0c579ac460e3d7d957@%3Cjava-user.axis.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[axis-java-user] 20210419 RE: Axis2 1.8.0 Release timelines", + "url": "https://lists.apache.org/thread.html/r31d9c450e6d84e82e85c2dd1a7586f56ae4ed6776e5b8765c30fe2ac@%3Cjava-user.axis.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[axis-java-dev] 20210525 [jira] [Created] (AXIS2-6002) AXIS 2 1.7.9 jars with vulnerability CVE-2020-0822", + "url": "https://lists.apache.org/thread.html/r02687681920bb91816b735cc48847eef77c473a749678d855fbb565d@%3Cjava-dev.axis.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[axis-java-dev] 20210525 [jira] [Closed] (AXIS2-6002) AXIS 2 1.7.9 jars with vulnerability CVE-2020-0822", + "url": "https://lists.apache.org/thread.html/r258f18d563859c0ef9584fd7341426bd14f5042bdf7e7bc396d91272@%3Cjava-dev.axis.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[tomcat-dev] 20210823 [Bug 65517] New: upgrade to axis2-adb 1.8.0 to address CVE-2020-0822", + "url": "https://lists.apache.org/thread.html/rf3058e80123e804b74face024752c1ded5213e63011de139f25977bc@%3Cdev.tomcat.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[tomcat-dev] 20210823 [Bug 65517] upgrade to axis2-adb 1.8.0 to address CVE-2020-0822", + "url": "https://lists.apache.org/thread.html/r6dbbfd80c4b335685e2a561f85013593e7b99934d4cdfc5fc129f4ce@%3Cdev.tomcat.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[tomcat-dev] 20210915 [Bug 65517] upgrade to axis2-adb 1.8.0 to address CVE-2020-0822", + "url": "https://lists.apache.org/thread.html/reddd31784f5cf8dfb80e473ae1d4f0f28a8367362bd7edaeb2988f86@%3Cdev.tomcat.apache.org%3E" } ] } -} +} \ No newline at end of file diff --git a/2020/10xxx/CVE-2020-10001.json b/2020/10xxx/CVE-2020-10001.json index 2f83146a8c4..f99a402a1e8 100644 --- a/2020/10xxx/CVE-2020-10001.json +++ b/2020/10xxx/CVE-2020-10001.json @@ -49,11 +49,6 @@ "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212011", "name": "https://support.apple.com/en-us/HT212011" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211030 [SECURITY] [DLA 2800-1] cups security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00027.html" } ] }, diff --git a/2020/10xxx/CVE-2020-10052.json b/2020/10xxx/CVE-2020-10052.json index d85f4c66168..1b3cc2133f5 100644 --- a/2020/10xxx/CVE-2020-10052.json +++ b/2020/10xxx/CVE-2020-10052.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2020-10052", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "SIMATIC RTLS Locating Manager", - "version": { - "version_data": [ - { - "version_value": "All versions < V2.12" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-532: Insertion of Sensitive Information into Log File" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2020-10052", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application writes sensitive data, such as usernames and passwords in log files. A local attacker with access to the log files could use this information to launch further attacks." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-145157.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-145157.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/10xxx/CVE-2020-10053.json b/2020/10xxx/CVE-2020-10053.json index 614b919a6c6..138d9147af1 100644 --- a/2020/10xxx/CVE-2020-10053.json +++ b/2020/10xxx/CVE-2020-10053.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2020-10053", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "SIMATIC RTLS Locating Manager", - "version": { - "version_data": [ - { - "version_value": "All versions < V2.12" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-312: Cleartext Storage of Sensitive Information" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2020-10053", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application writes sensitive data, such as database credentials in configuration files. A local attacker with access to the configuration files could use this information to launch further attacks." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-145157.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-145157.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/10xxx/CVE-2020-10054.json b/2020/10xxx/CVE-2020-10054.json index dacc3c07b7a..f7a4849b748 100644 --- a/2020/10xxx/CVE-2020-10054.json +++ b/2020/10xxx/CVE-2020-10054.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2020-10054", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "SIMATIC RTLS Locating Manager", - "version": { - "version_data": [ - { - "version_value": "All versions < V2.12" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-20: Improper Input Validation" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2020-10054", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application does not properly handle the import of large configuration files. A local attacker could import a specially crafted file which could lead to a denial-of-service condition of the application service." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-145157.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-145157.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/10xxx/CVE-2020-10188.json b/2020/10xxx/CVE-2020-10188.json index e1193c52979..443d560ff33 100644 --- a/2020/10xxx/CVE-2020-10188.json +++ b/2020/10xxx/CVE-2020-10188.json @@ -96,11 +96,6 @@ "url": "https://github.com/krb5/krb5-appl/blob/d00cd671dfe945791b33d4f1f6a5c57ae1667ef8/telnet/telnetd/utility.c#L205-L216", "refsource": "MISC", "name": "https://github.com/krb5/krb5-appl/blob/d00cd671dfe945791b33d4f1f6a5c57ae1667ef8/telnet/telnetd/utility.c#L205-L216" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/10702-security-advisory-48", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/10702-security-advisory-48" } ] } diff --git a/2020/11xxx/CVE-2020-11022.json b/2020/11xxx/CVE-2020-11022.json index 4b3ffcf9cb3..2a8e0631a35 100644 --- a/2020/11xxx/CVE-2020-11022.json +++ b/2020/11xxx/CVE-2020-11022.json @@ -258,11 +258,6 @@ "url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" - }, - { - "refsource": "MLIST", - "name": "[flink-issues] 20211031 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", - "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E" } ] }, diff --git a/2020/11xxx/CVE-2020-11023.json b/2020/11xxx/CVE-2020-11023.json index d379dadf7f1..bfb320c4295 100644 --- a/2020/11xxx/CVE-2020-11023.json +++ b/2020/11xxx/CVE-2020-11023.json @@ -368,11 +368,6 @@ "url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" - }, - { - "refsource": "MLIST", - "name": "[flink-issues] 20211031 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", - "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E" } ] }, diff --git a/2020/12xxx/CVE-2020-12814.json b/2020/12xxx/CVE-2020-12814.json index 8477f35dc0b..3622039f62f 100644 --- a/2020/12xxx/CVE-2020-12814.json +++ b/2020/12xxx/CVE-2020-12814.json @@ -4,74 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-12814", - "ASSIGNER": "psirt@fortinet.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Fortinet", - "product": { - "product_data": [ - { - "product_name": "Fortinet FortiAnalyzer", - "version": { - "version_data": [ - { - "version_value": "FortiAnalyzer 6.4.4, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0" - } - ] - } - } - ] - } - } - ] - } - }, - "impact": { - "cvss": { - "attackComplexity": "Low", - "attackVector": "Network", - "availabilityImpact": "None", - "baseScore": 4.1, - "baseSeverity": "Medium", - "confidentialityImpact": "None", - "integrityImpact": "Low", - "privilegesRequired": "Low", - "scope": "Changed", - "userInteraction": "Required", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N/E:X/RL:X/RC:X", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Execute unauthorized code or commands" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://fortiguard.com/advisory/FG-IR-20-092", - "url": "https://fortiguard.com/advisory/FG-IR-20-092" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiAnalyzer version 6.0.6 and below, version 6.4.4 allows attacker to execute unauthorized code or commands via specifically crafted requests to the web GUI." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/14xxx/CVE-2020-14144.json b/2020/14xxx/CVE-2020-14144.json index 60975779c0f..fbe3576a7dc 100644 --- a/2020/14xxx/CVE-2020-14144.json +++ b/2020/14xxx/CVE-2020-14144.json @@ -86,11 +86,6 @@ "refsource": "MISC", "name": "https://github.com/PandatiX/CVE-2021-28378", "url": "https://github.com/PandatiX/CVE-2021-28378" - }, - { - "refsource": "MISC", - "name": "https://github.com/PandatiX/CVE-2021-28378#notes", - "url": "https://github.com/PandatiX/CVE-2021-28378#notes" } ] } diff --git a/2020/14xxx/CVE-2020-14933.json b/2020/14xxx/CVE-2020-14933.json index ead3226f5de..604300ce675 100644 --- a/2020/14xxx/CVE-2020-14933.json +++ b/2020/14xxx/CVE-2020-14933.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "** DISPUTED ** compose.php in SquirrelMail 1.4.22 calls unserialize for the $attachments value, which originates from an HTTP POST request. NOTE: the vendor disputes this because these two conditions for PHP object injection are not satisfied: existence of a PHP magic method (such as __wakeup or __destruct), and any attack-relevant classes must be declared before unserialize is called (or must be autoloaded). ." + "value": "compose.php in SquirrelMail 1.4.22 calls unserialize for the $attachments value, which originates from an HTTP POST request." } ] }, diff --git a/2020/15xxx/CVE-2020-15225.json b/2020/15xxx/CVE-2020-15225.json index 5c8e1cca8a3..e6cb64cd8ce 100644 --- a/2020/15xxx/CVE-2020-15225.json +++ b/2020/15xxx/CVE-2020-15225.json @@ -98,11 +98,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-f213fea441", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DPHENTRHRAYFXYPPBT7JRHZRWILRY44S/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-1acbee2459", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FAT2ZAEF6DM3VFSOHKB7X3ASSHGQHJAK/" } ] }, diff --git a/2020/15xxx/CVE-2020-15795.json b/2020/15xxx/CVE-2020-15795.json index ac9ac00cd33..da36b26f4a2 100644 --- a/2020/15xxx/CVE-2020-15795.json +++ b/2020/15xxx/CVE-2020-15795.json @@ -14,16 +14,6 @@ "vendor_name": "Siemens", "product": { "product_data": [ - { - "product_name": "Capital VSTAR", - "version": { - "version_data": [ - { - "version_value": "Versions including affected DNS modules" - } - ] - } - }, { "product_name": "Nucleus NET", "version": { @@ -34,12 +24,32 @@ ] } }, + { + "product_name": "Nucleus RTOS", + "version": { + "version_data": [ + { + "version_value": "versions including affected DNS modules" + } + ] + } + }, { "product_name": "Nucleus Source Code", "version": { "version_data": [ { - "version_value": "Versions including affected DNS modules" + "version_value": "versions including affected DNS modules" + } + ] + } + }, + { + "product_name": "VSTAR", + "version": { + "version_data": [ + { + "version_value": "versions including affected DNS modules" } ] } @@ -66,7 +76,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Capital VSTAR (Versions including affected DNS modules), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition." + "value": "A vulnerability has been identified in Nucleus NET (All versions < V5.2), Nucleus RTOS (versions including affected DNS modules), Nucleus Source Code (versions including affected DNS modules), VSTAR (versions including affected DNS modules). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition." } ] }, diff --git a/2020/15xxx/CVE-2020-15935.json b/2020/15xxx/CVE-2020-15935.json index a0f83946c97..af0d9a38e4f 100644 --- a/2020/15xxx/CVE-2020-15935.json +++ b/2020/15xxx/CVE-2020-15935.json @@ -4,74 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-15935", - "ASSIGNER": "psirt@fortinet.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Fortinet", - "product": { - "product_data": [ - { - "product_name": "Fortinet FortiADC", - "version": { - "version_data": [ - { - "version_value": "FortiADC 5.4.3 6.0.0" - } - ] - } - } - ] - } - } - ] - } - }, - "impact": { - "cvss": { - "attackComplexity": "Low", - "attackVector": "Network", - "availabilityImpact": "None", - "baseScore": 4.2, - "baseSeverity": "Medium", - "confidentialityImpact": "Low", - "integrityImpact": "None", - "privilegesRequired": "Low", - "scope": "Unchanged", - "userInteraction": "None", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:F/RL:X/RC:X", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://fortiguard.com/advisory/FG-IR-20-044", - "url": "https://fortiguard.com/advisory/FG-IR-20-044" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A cleartext storage of sensitive information in GUI in FortiADC versions 5.4.3 and below, 6.0.0 and below may allow a remote authenticated attacker to retrieve some sensitive information such as users LDAP passwords and RADIUS shared secret by deobfuscating the passwords entry fields." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/15xxx/CVE-2020-15940.json b/2020/15xxx/CVE-2020-15940.json index 2e80c41cf18..d9faa8b5189 100644 --- a/2020/15xxx/CVE-2020-15940.json +++ b/2020/15xxx/CVE-2020-15940.json @@ -4,74 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-15940", - "ASSIGNER": "psirt@fortinet.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Fortinet", - "product": { - "product_data": [ - { - "product_name": "Fortinet FortiClientEMS", - "version": { - "version_data": [ - { - "version_value": "FortiClientEMS 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.8, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0" - } - ] - } - } - ] - } - } - ] - } - }, - "impact": { - "cvss": { - "attackComplexity": "Low", - "attackVector": "Network", - "availabilityImpact": "None", - "baseScore": 4.0, - "baseSeverity": "Medium", - "confidentialityImpact": "None", - "integrityImpact": "Low", - "privilegesRequired": "Low", - "scope": "Changed", - "userInteraction": "Required", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N/E:F/RL:X/RC:X", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Execute unauthorized code or commands" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://fortiguard.com/advisory/FG-IR-20-067", - "url": "https://fortiguard.com/advisory/FG-IR-20-067" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "An improper neutralization of input vulnerability [CWE-79] in FortiClientEMS versions 6.4.1 and below and 6.2.9 and below may allow a remote authenticated attacker to inject malicious script/tags via the name parameter of various sections of the server." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/16xxx/CVE-2020-16048.json b/2020/16xxx/CVE-2020-16048.json index 1a44677a23a..d40ebfe1a14 100644 --- a/2020/16xxx/CVE-2020-16048.json +++ b/2020/16xxx/CVE-2020-16048.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-16048", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Out of bounds read" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://crbug.com/1174641", - "refsource": "MISC", - "name": "https://crbug.com/1174641" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Out of bounds read in ANGLE allowed a remote attacker to obtain sensitive data via a crafted HTML page." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/18xxx/CVE-2020-18259.json b/2020/18xxx/CVE-2020-18259.json index 615c07c8b3a..122577085f6 100644 --- a/2020/18xxx/CVE-2020-18259.json +++ b/2020/18xxx/CVE-2020-18259.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-18259", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-18259", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "ED01-CMS v1.0 was discovered to contain a reflective cross-site scripting (XSS) vulnerability in the component sposts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Post title or Post content fields." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/chilin89117/ED01-CMS/issues/1", - "refsource": "MISC", - "name": "https://github.com/chilin89117/ED01-CMS/issues/1" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/18xxx/CVE-2020-18261.json b/2020/18xxx/CVE-2020-18261.json index de0284ceb22..15995beaf46 100644 --- a/2020/18xxx/CVE-2020-18261.json +++ b/2020/18xxx/CVE-2020-18261.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-18261", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-18261", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An arbitrary file upload vulnerability in the image upload function of ED01-CMS v1.0 allows attackers to execute arbitrary commands." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/chilin89117/ED01-CMS/issues/2", - "refsource": "MISC", - "name": "https://github.com/chilin89117/ED01-CMS/issues/2" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/18xxx/CVE-2020-18262.json b/2020/18xxx/CVE-2020-18262.json index 1835f0d31fd..fcedacaebfd 100644 --- a/2020/18xxx/CVE-2020-18262.json +++ b/2020/18xxx/CVE-2020-18262.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-18262", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-18262", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "ED01-CMS v1.0 was discovered to contain a SQL injection in the component cposts.php via the cid parameter." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/chilin89117/ED01-CMS/issues/3", - "refsource": "MISC", - "name": "https://github.com/chilin89117/ED01-CMS/issues/3" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/18xxx/CVE-2020-18263.json b/2020/18xxx/CVE-2020-18263.json index ffbb9a891ff..987b5e1b02d 100644 --- a/2020/18xxx/CVE-2020-18263.json +++ b/2020/18xxx/CVE-2020-18263.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-18263", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-18263", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "PHP-CMS v1.0 was discovered to contain a SQL injection vulnerability in the component search.php via the search parameter. This vulnerability allows attackers to access sensitive database information." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/harshitbansal373/PHP-CMS/issues/1", - "refsource": "MISC", - "name": "https://github.com/harshitbansal373/PHP-CMS/issues/1" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/18xxx/CVE-2020-18438.json b/2020/18xxx/CVE-2020-18438.json index 8be8efc3ffe..5735252f156 100644 --- a/2020/18xxx/CVE-2020-18438.json +++ b/2020/18xxx/CVE-2020-18438.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-18438", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-18438", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Directory traversal vulnerability in qinggan phpok 5.1, allows attackers to disclose sensitive information, via the title parameter to admin.php." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/qinggan/phpok/issues/4", - "refsource": "MISC", - "name": "https://github.com/qinggan/phpok/issues/4" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/18xxx/CVE-2020-18439.json b/2020/18xxx/CVE-2020-18439.json index 0cab82cfb51..70c45683111 100644 --- a/2020/18xxx/CVE-2020-18439.json +++ b/2020/18xxx/CVE-2020-18439.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-18439", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-18439", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discoverered in in function edit_save_f in framework/admin/tpl_control.php in qinggan phpok 5.1, allows attackers to write arbitrary files or get a shell." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/qinggan/phpok/issues/4", - "refsource": "MISC", - "name": "https://github.com/qinggan/phpok/issues/4" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/18xxx/CVE-2020-18440.json b/2020/18xxx/CVE-2020-18440.json index b437ae4f951..6cbc0e4119f 100644 --- a/2020/18xxx/CVE-2020-18440.json +++ b/2020/18xxx/CVE-2020-18440.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-18440", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-18440", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Buffer overflow vulnerability in framework/init.php in qinggan phpok 5.1, allows attackers to execute arbitrary code." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/qinggan/phpok/issues/4", - "refsource": "MISC", - "name": "https://github.com/qinggan/phpok/issues/4" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/19xxx/CVE-2020-19143.json b/2020/19xxx/CVE-2020-19143.json index 069b9636bda..47ac4e068e5 100644 --- a/2020/19xxx/CVE-2020-19143.json +++ b/2020/19xxx/CVE-2020-19143.json @@ -71,11 +71,6 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20211004-0005/", "url": "https://security.netapp.com/advisory/ntap-20211004-0005/" - }, - { - "refsource": "DEBIAN", - "name": "DSA-4997", - "url": "https://www.debian.org/security/2021/dsa-4997" } ] } diff --git a/2020/20xxx/CVE-2020-20445.json b/2020/20xxx/CVE-2020-20445.json index dd111f8a273..89c25ea5d63 100644 --- a/2020/20xxx/CVE-2020-20445.json +++ b/2020/20xxx/CVE-2020-20445.json @@ -61,11 +61,6 @@ "refsource": "DEBIAN", "name": "DSA-4990", "url": "https://www.debian.org/security/2021/dsa-4990" - }, - { - "refsource": "DEBIAN", - "name": "DSA-4998", - "url": "https://www.debian.org/security/2021/dsa-4998" } ] } diff --git a/2020/20xxx/CVE-2020-20446.json b/2020/20xxx/CVE-2020-20446.json index 55722cf3784..9b8586de5a4 100644 --- a/2020/20xxx/CVE-2020-20446.json +++ b/2020/20xxx/CVE-2020-20446.json @@ -61,11 +61,6 @@ "refsource": "DEBIAN", "name": "DSA-4990", "url": "https://www.debian.org/security/2021/dsa-4990" - }, - { - "refsource": "DEBIAN", - "name": "DSA-4998", - "url": "https://www.debian.org/security/2021/dsa-4998" } ] } diff --git a/2020/20xxx/CVE-2020-20450.json b/2020/20xxx/CVE-2020-20450.json index ace2667e5cc..d40bcc8abb3 100644 --- a/2020/20xxx/CVE-2020-20450.json +++ b/2020/20xxx/CVE-2020-20450.json @@ -56,11 +56,6 @@ "url": "https://trac.ffmpeg.org/ticket/7993", "refsource": "MISC", "name": "https://trac.ffmpeg.org/ticket/7993" - }, - { - "refsource": "DEBIAN", - "name": "DSA-4998", - "url": "https://www.debian.org/security/2021/dsa-4998" } ] } diff --git a/2020/20xxx/CVE-2020-20453.json b/2020/20xxx/CVE-2020-20453.json index 9f1e70cbd4e..c8b31691136 100644 --- a/2020/20xxx/CVE-2020-20453.json +++ b/2020/20xxx/CVE-2020-20453.json @@ -61,11 +61,6 @@ "refsource": "DEBIAN", "name": "DSA-4990", "url": "https://www.debian.org/security/2021/dsa-4990" - }, - { - "refsource": "DEBIAN", - "name": "DSA-4998", - "url": "https://www.debian.org/security/2021/dsa-4998" } ] } diff --git a/2020/20xxx/CVE-2020-20657.json b/2020/20xxx/CVE-2020-20657.json index 61d696954ea..afe0b5b4213 100644 --- a/2020/20xxx/CVE-2020-20657.json +++ b/2020/20xxx/CVE-2020-20657.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-20657", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-20657", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Buffer overflow vulnerability in fcovatti libiec_iccp_mod v1.5, allows attackers to cause a denial of service via an unexpected packet while trying to connect." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/fcovatti/libiec_iccp_mod/issues/1", - "refsource": "MISC", - "name": "https://github.com/fcovatti/libiec_iccp_mod/issues/1" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/20xxx/CVE-2020-20658.json b/2020/20xxx/CVE-2020-20658.json index a056f132956..f44169a99ff 100644 --- a/2020/20xxx/CVE-2020-20658.json +++ b/2020/20xxx/CVE-2020-20658.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-20658", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-20658", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Buffer overflow vulnerability in fcovatti libiec_iccp_mod v1.5, allows attackers to cause a denail of service when trying to calloc an unexpectiedly large space." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/fcovatti/libiec_iccp_mod/issues/2", - "refsource": "MISC", - "name": "https://github.com/fcovatti/libiec_iccp_mod/issues/2" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/20xxx/CVE-2020-20982.json b/2020/20xxx/CVE-2020-20982.json index fea0971aa51..994eab69ba5 100644 --- a/2020/20xxx/CVE-2020-20982.json +++ b/2020/20xxx/CVE-2020-20982.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-20982", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-20982", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Cross Site Scripting (XSS) vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/shadoweb/wdja/issues/1", - "refsource": "MISC", - "name": "https://github.com/shadoweb/wdja/issues/1" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/21xxx/CVE-2020-21139.json b/2020/21xxx/CVE-2020-21139.json index 0bb91ee3c71..9dbd115198c 100644 --- a/2020/21xxx/CVE-2020-21139.json +++ b/2020/21xxx/CVE-2020-21139.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-21139", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-21139", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "EC Cloud E-Commerce System v1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add admin accounts via /admin.html?do=user&act=add." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/Ryan0lb/EC-cloud-e-commerce-system-CVE-application/blob/master/README.md", - "refsource": "MISC", - "name": "https://github.com/Ryan0lb/EC-cloud-e-commerce-system-CVE-application/blob/master/README.md" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/21xxx/CVE-2020-21572.json b/2020/21xxx/CVE-2020-21572.json index cbc53041711..dec2bdc0625 100644 --- a/2020/21xxx/CVE-2020-21572.json +++ b/2020/21xxx/CVE-2020-21572.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-21572", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-21572", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Buffer overflow vulnerability in function src_parser_trans_stage_1_2_3 trgil gilcc before commit 803969389ca9c06237075a7f8eeb1a19e6651759, allows attackers to cause a denial of service." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/trgil/gilcc/issues/1", - "refsource": "MISC", - "name": "https://github.com/trgil/gilcc/issues/1" - }, - { - "refsource": "MISC", - "name": "https://github.com/trgil/gilcc/commit/803969389ca9c06237075a7f8eeb1a19e6651759", - "url": "https://github.com/trgil/gilcc/commit/803969389ca9c06237075a7f8eeb1a19e6651759" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/21xxx/CVE-2020-21573.json b/2020/21xxx/CVE-2020-21573.json index 2b7bb91d094..3d9047ad13e 100644 --- a/2020/21xxx/CVE-2020-21573.json +++ b/2020/21xxx/CVE-2020-21573.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-21573", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-21573", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discoverered in in abhijitnathwani image-processing v0.1.0, allows local attackers to cause a denial of service via a crafted image file." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/abhijitnathwani/image-processing/issues/3", - "refsource": "MISC", - "name": "https://github.com/abhijitnathwani/image-processing/issues/3" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/21xxx/CVE-2020-21574.json b/2020/21xxx/CVE-2020-21574.json index 73b834692a2..161055b5454 100644 --- a/2020/21xxx/CVE-2020-21574.json +++ b/2020/21xxx/CVE-2020-21574.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-21574", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-21574", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Buffer overflow vulnerability in YotsuyaNight c-http v0.1.0, allows attackers to cause a denial of service via a long url request which is passed to the delimitedread function." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/YotsuyaNight/c-http/issues/1", - "refsource": "MISC", - "name": "https://github.com/YotsuyaNight/c-http/issues/1" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/21xxx/CVE-2020-21688.json b/2020/21xxx/CVE-2020-21688.json index 0e42c9b57df..72fc4504093 100644 --- a/2020/21xxx/CVE-2020-21688.json +++ b/2020/21xxx/CVE-2020-21688.json @@ -56,11 +56,6 @@ "url": "https://trac.ffmpeg.org/ticket/8186", "refsource": "MISC", "name": "https://trac.ffmpeg.org/ticket/8186" - }, - { - "refsource": "DEBIAN", - "name": "DSA-4998", - "url": "https://www.debian.org/security/2021/dsa-4998" } ] } diff --git a/2020/21xxx/CVE-2020-21697.json b/2020/21xxx/CVE-2020-21697.json index 7fea35caf6e..e9e8fe0d680 100644 --- a/2020/21xxx/CVE-2020-21697.json +++ b/2020/21xxx/CVE-2020-21697.json @@ -56,11 +56,6 @@ "url": "https://trac.ffmpeg.org/ticket/8188", "refsource": "MISC", "name": "https://trac.ffmpeg.org/ticket/8188" - }, - { - "refsource": "DEBIAN", - "name": "DSA-4998", - "url": "https://www.debian.org/security/2021/dsa-4998" } ] } diff --git a/2020/22xxx/CVE-2020-22037.json b/2020/22xxx/CVE-2020-22037.json index 11673799047..57d82d0f4c4 100644 --- a/2020/22xxx/CVE-2020-22037.json +++ b/2020/22xxx/CVE-2020-22037.json @@ -61,11 +61,6 @@ "refsource": "DEBIAN", "name": "DSA-4990", "url": "https://www.debian.org/security/2021/dsa-4990" - }, - { - "refsource": "DEBIAN", - "name": "DSA-4998", - "url": "https://www.debian.org/security/2021/dsa-4998" } ] } diff --git a/2020/22xxx/CVE-2020-22042.json b/2020/22xxx/CVE-2020-22042.json index dcd0be8aa0d..a6b57986593 100644 --- a/2020/22xxx/CVE-2020-22042.json +++ b/2020/22xxx/CVE-2020-22042.json @@ -56,11 +56,6 @@ "url": "https://trac.ffmpeg.org/ticket/8267", "refsource": "MISC", "name": "https://trac.ffmpeg.org/ticket/8267" - }, - { - "refsource": "DEBIAN", - "name": "DSA-4998", - "url": "https://www.debian.org/security/2021/dsa-4998" } ] } diff --git a/2020/22xxx/CVE-2020-22222.json b/2020/22xxx/CVE-2020-22222.json index 8bad3708836..d154052f0e0 100644 --- a/2020/22xxx/CVE-2020-22222.json +++ b/2020/22xxx/CVE-2020-22222.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-22222", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-22222", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the pjActionLoadCss function." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://pastebin.com/cZFwMb5F", - "refsource": "MISC", - "name": "https://pastebin.com/cZFwMb5F" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/22xxx/CVE-2020-22223.json b/2020/22xxx/CVE-2020-22223.json index 6f7a7b4b62f..cd043520d71 100644 --- a/2020/22xxx/CVE-2020-22223.json +++ b/2020/22xxx/CVE-2020-22223.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-22223", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-22223", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoad function." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://pastebin.com/cZFwMb5F", - "refsource": "MISC", - "name": "https://pastebin.com/cZFwMb5F" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/22xxx/CVE-2020-22224.json b/2020/22xxx/CVE-2020-22224.json index ea80e9ca068..0beb2981885 100644 --- a/2020/22xxx/CVE-2020-22224.json +++ b/2020/22xxx/CVE-2020-22224.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-22224", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-22224", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the pjActionPreview function." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://pastebin.com/cZFwMb5F", - "refsource": "MISC", - "name": "https://pastebin.com/cZFwMb5F" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/22xxx/CVE-2020-22225.json b/2020/22xxx/CVE-2020-22225.json index 0e4a1dfde64..0d8f6444d10 100644 --- a/2020/22xxx/CVE-2020-22225.json +++ b/2020/22xxx/CVE-2020-22225.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-22225", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-22225", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoadForm function." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://pastebin.com/cZFwMb5F", - "refsource": "MISC", - "name": "https://pastebin.com/cZFwMb5F" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/22xxx/CVE-2020-22226.json b/2020/22xxx/CVE-2020-22226.json index 7d95c9262b1..344ac50d808 100644 --- a/2020/22xxx/CVE-2020-22226.json +++ b/2020/22xxx/CVE-2020-22226.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-22226", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-22226", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionSetAmount function." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://pastebin.com/cZFwMb5F", - "refsource": "MISC", - "name": "https://pastebin.com/cZFwMb5F" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/23xxx/CVE-2020-23109.json b/2020/23xxx/CVE-2020-23109.json index 16426b7912a..732ad3a34fc 100644 --- a/2020/23xxx/CVE-2020-23109.json +++ b/2020/23xxx/CVE-2020-23109.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-23109", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-23109", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/strukturag/libheif/issues/207", - "refsource": "MISC", - "name": "https://github.com/strukturag/libheif/issues/207" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/23xxx/CVE-2020-23126.json b/2020/23xxx/CVE-2020-23126.json index 80f7f4b64e6..cf1ec253836 100644 --- a/2020/23xxx/CVE-2020-23126.json +++ b/2020/23xxx/CVE-2020-23126.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-23126", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-23126", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Chamilo LMS version 1.11.10 contains an XSS vulnerability in the personal profile edition form, affecting the user him/herself and social network friends." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-42-2020-04-23-High-risk-low-impact-XSS-in-extended-users-profile-fields", - "refsource": "MISC", - "name": "https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-42-2020-04-23-High-risk-low-impact-XSS-in-extended-users-profile-fields" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/23xxx/CVE-2020-23129.json b/2020/23xxx/CVE-2020-23129.json index b905b9b594b..ad917e4cac7 100644 --- a/2020/23xxx/CVE-2020-23129.json +++ b/2020/23xxx/CVE-2020-23129.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2020-23129", "ASSIGNER": "cve@mitre.org", - "STATE": "REJECT" + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/23xxx/CVE-2020-23130.json b/2020/23xxx/CVE-2020-23130.json index 2fb6d61d556..3d96bae5d6d 100644 --- a/2020/23xxx/CVE-2020-23130.json +++ b/2020/23xxx/CVE-2020-23130.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2020-23130", "ASSIGNER": "cve@mitre.org", - "STATE": "REJECT" + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/23xxx/CVE-2020-23565.json b/2020/23xxx/CVE-2020-23565.json index f26ffcfba64..2d8609e269c 100644 --- a/2020/23xxx/CVE-2020-23565.json +++ b/2020/23xxx/CVE-2020-23565.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-23565", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-23565", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Irfanview v4.53 allows attackers to execute arbitrary code via a crafted JPEG 2000 file. Related to a \"Data from Faulting Address controls Branch Selection starting at JPEG2000!ShowPlugInSaveOptions_W+0x0000000000032850\"." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/KamasuOri/publicResearch/tree/master/poc/irfanview/3", - "refsource": "MISC", - "name": "https://github.com/KamasuOri/publicResearch/tree/master/poc/irfanview/3" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/23xxx/CVE-2020-23566.json b/2020/23xxx/CVE-2020-23566.json index 854fc6d88ad..411593b704b 100644 --- a/2020/23xxx/CVE-2020-23566.json +++ b/2020/23xxx/CVE-2020-23566.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-23566", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-23566", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Irfanview v4.53 was discovered to contain an infinity loop via JPEG2000!ShowPlugInSaveOptions_W+0x1ecd8." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/KamasuOri/publicResearch/tree/master/poc/irfanview/1", - "refsource": "MISC", - "name": "https://github.com/KamasuOri/publicResearch/tree/master/poc/irfanview/1" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/23xxx/CVE-2020-23567.json b/2020/23xxx/CVE-2020-23567.json index 6e121d17288..9c5e7f44f93 100644 --- a/2020/23xxx/CVE-2020-23567.json +++ b/2020/23xxx/CVE-2020-23567.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-23567", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-23567", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Irfanview v4.53 allows attackers to to cause a denial of service (DoS) via a crafted JPEG 2000 file. Related to \"Integer Divide By Zero starting at JPEG2000!ShowPlugInSaveOptions_W+0x00000000000082ea\"" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/KamasuOri/publicResearch/tree/master/poc/irfanview/2", - "refsource": "MISC", - "name": "https://github.com/KamasuOri/publicResearch/tree/master/poc/irfanview/2" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/23xxx/CVE-2020-23572.json b/2020/23xxx/CVE-2020-23572.json index c4a908d0b15..f0a865c444d 100644 --- a/2020/23xxx/CVE-2020-23572.json +++ b/2020/23xxx/CVE-2020-23572.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-23572", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-23572", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "BEESCMS v4.0 was discovered to contain an arbitrary file upload vulnerability via the component /admin/upload.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/source-trace/beescms/issues/6", - "refsource": "MISC", - "name": "https://github.com/source-trace/beescms/issues/6" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/23xxx/CVE-2020-23679.json b/2020/23xxx/CVE-2020-23679.json index 415d7a5ca36..19b1c095cab 100644 --- a/2020/23xxx/CVE-2020-23679.json +++ b/2020/23xxx/CVE-2020-23679.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-23679", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-23679", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Buffer overflow vulnerability in Renleilei1992 Linux_Network_Project 1.0, allows attackers to execute arbitrary code, via the password field." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/Renleilei1992/Linux_Network_Project/issues/1", - "refsource": "MISC", - "name": "https://github.com/Renleilei1992/Linux_Network_Project/issues/1" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/23xxx/CVE-2020-23680.json b/2020/23xxx/CVE-2020-23680.json index 464cdd25fe1..268888e3bb4 100644 --- a/2020/23xxx/CVE-2020-23680.json +++ b/2020/23xxx/CVE-2020-23680.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-23680", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-23680", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in function StartPage in text2pdf.c in pdfcorner text2pdf 1.1, allows attackers to cause denial of service or possibly other undisclosed impacts." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/philips/text2pdf/issues/1", - "refsource": "MISC", - "name": "https://github.com/philips/text2pdf/issues/1" - }, - { - "refsource": "MISC", - "name": "http://www.eprg.org/pdfcorner/text2pdf/", - "url": "http://www.eprg.org/pdfcorner/text2pdf/" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/23xxx/CVE-2020-23685.json b/2020/23xxx/CVE-2020-23685.json index 24db6cf2e48..264a7a9ec19 100644 --- a/2020/23xxx/CVE-2020-23685.json +++ b/2020/23xxx/CVE-2020-23685.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-23685", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-23685", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "SQL Injection vulnerability in 188Jianzhan v2.1.0, allows attackers to execute arbitrary code and gain escalated privileges, via the username parameter to login.php." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/vtime-tech/188Jianzhan/issues/2", - "refsource": "MISC", - "name": "https://github.com/vtime-tech/188Jianzhan/issues/2" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/23xxx/CVE-2020-23686.json b/2020/23xxx/CVE-2020-23686.json index b0ae5b3cc34..6206007889f 100644 --- a/2020/23xxx/CVE-2020-23686.json +++ b/2020/23xxx/CVE-2020-23686.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-23686", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-23686", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Cross site request forgery (CSRF) vulnerability in AyaCMS 3.1.2 allows attackers to change an administrators password or other unspecified impacts." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/loadream/AyaCMS/issues/1", - "refsource": "MISC", - "name": "https://github.com/loadream/AyaCMS/issues/1" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/23xxx/CVE-2020-23718.json b/2020/23xxx/CVE-2020-23718.json index 9b890f0222e..edaafd216e7 100644 --- a/2020/23xxx/CVE-2020-23718.json +++ b/2020/23xxx/CVE-2020-23718.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-23718", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-23718", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Cross site scripting (XSS) vulnerability in xujinliang zibbs 1.0, allows attackers to execute arbitrary code via the route parameter to index.php." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/xujinliang/zibbs/issues/4", - "refsource": "MISC", - "name": "https://github.com/xujinliang/zibbs/issues/4" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/23xxx/CVE-2020-23719.json b/2020/23xxx/CVE-2020-23719.json index fa62444b04e..10e13ea90f3 100644 --- a/2020/23xxx/CVE-2020-23719.json +++ b/2020/23xxx/CVE-2020-23719.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-23719", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-23719", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Cross site scripting (XSS) vulnerability in application/controllers/AdminController.php in xujinliang zibbs 1.0, allows attackers to execute arbitrary code via the bbsmeta parameter." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/xujinliang/zibbs/issues/5", - "refsource": "MISC", - "name": "https://github.com/xujinliang/zibbs/issues/5" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/23xxx/CVE-2020-23754.json b/2020/23xxx/CVE-2020-23754.json index 63dc313f27a..c658c26ee7b 100644 --- a/2020/23xxx/CVE-2020-23754.json +++ b/2020/23xxx/CVE-2020-23754.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-23754", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-23754", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Cross Site Scripting (XSS) vulnerability in infusions/member_poll_panel/poll_admin.php in PHP-Fusion 9.03.50, allows attackers to execute arbitrary code, via the polls feature." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/php-fusion/PHP-Fusion/issues/2315", - "refsource": "MISC", - "name": "https://github.com/php-fusion/PHP-Fusion/issues/2315" - }, - { - "url": "https://user-images.githubusercontent.com/62001260/81574112-9412e100-93cf-11ea-9493-615a70162034.PNG", - "refsource": "MISC", - "name": "https://user-images.githubusercontent.com/62001260/81574112-9412e100-93cf-11ea-9493-615a70162034.PNG" - }, - { - "url": "https://user-images.githubusercontent.com/62001260/81574006-6fb70480-93cf-11ea-814c-55a96d2fe95e.PNG", - "refsource": "MISC", - "name": "https://user-images.githubusercontent.com/62001260/81574006-6fb70480-93cf-11ea-814c-55a96d2fe95e.PNG" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/24xxx/CVE-2020-24000.json b/2020/24xxx/CVE-2020-24000.json index 28688c1b613..c229688fe6f 100644 --- a/2020/24xxx/CVE-2020-24000.json +++ b/2020/24xxx/CVE-2020-24000.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-24000", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-24000", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "SQL Injection vulnerability in eyoucms cms v1.4.7, allows attackers to execute arbitrary code and disclose sensitive information, via the tid parameter to index.php." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/eyoucms/eyoucms/issues/13", - "refsource": "MISC", - "name": "https://github.com/eyoucms/eyoucms/issues/13" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/24xxx/CVE-2020-24743.json b/2020/24xxx/CVE-2020-24743.json index 330ac47629e..34d33e7a540 100644 --- a/2020/24xxx/CVE-2020-24743.json +++ b/2020/24xxx/CVE-2020-24743.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-24743", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-24743", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was found in /showReports.do Zoho ManageEngine Applications Manager up to 14550, allows attackers to gain escalated privileges via the resourceid parameter." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.manageengine.com/products/applications_manager/issues.html#v14550", - "refsource": "MISC", - "name": "https://www.manageengine.com/products/applications_manager/issues.html#v14550" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/25xxx/CVE-2020-25366.json b/2020/25xxx/CVE-2020-25366.json index fda3b8c120f..131e6dca8eb 100644 --- a/2020/25xxx/CVE-2020-25366.json +++ b/2020/25xxx/CVE-2020-25366.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-25366", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-25366", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue in the component /cgi-bin/upload_firmware.cgi of D-Link DIR-823G REVA1 1.02B05 allows attackers to cause a denial of service (DoS) via unspecified vectors." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "http://d-link.com", - "refsource": "MISC", - "name": "http://d-link.com" - }, - { - "url": "https://www.dlink.com/en/security-bulletin/", - "refsource": "MISC", - "name": "https://www.dlink.com/en/security-bulletin/" - }, - { - "refsource": "MISC", - "name": "https://github.com/sek1th/iot/blob/master/dir823g_upfw_dos.md", - "url": "https://github.com/sek1th/iot/blob/master/dir823g_upfw_dos.md" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/25xxx/CVE-2020-25367.json b/2020/25xxx/CVE-2020-25367.json index 880774209bc..58ce6d995df 100644 --- a/2020/25xxx/CVE-2020-25367.json +++ b/2020/25xxx/CVE-2020-25367.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-25367", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-25367", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacters in the Captcha field to Login." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "http://d-link.com", - "refsource": "MISC", - "name": "http://d-link.com" - }, - { - "url": "https://www.dlink.com/en/security-bulletin/", - "refsource": "MISC", - "name": "https://www.dlink.com/en/security-bulletin/" - }, - { - "refsource": "MISC", - "name": "https://github.com/sek1th/iot/blob/master/dir823g_3.md", - "url": "https://github.com/sek1th/iot/blob/master/dir823g_3.md" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/25xxx/CVE-2020-25368.json b/2020/25xxx/CVE-2020-25368.json index 1b9ef098d9c..f80837a6c68 100644 --- a/2020/25xxx/CVE-2020-25368.json +++ b/2020/25xxx/CVE-2020-25368.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-25368", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-25368", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacters in the PrivateLogin field to Login." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "http://d-link.com", - "refsource": "MISC", - "name": "http://d-link.com" - }, - { - "url": "https://www.dlink.com/en/security-bulletin/", - "refsource": "MISC", - "name": "https://www.dlink.com/en/security-bulletin/" - }, - { - "refsource": "MISC", - "name": "https://github.com/sek1th/iot/blob/master/dir-823g_2.md", - "url": "https://github.com/sek1th/iot/blob/master/dir-823g_2.md" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/25xxx/CVE-2020-25872.json b/2020/25xxx/CVE-2020-25872.json index eaea82fae1f..b4c75e7d969 100644 --- a/2020/25xxx/CVE-2020-25872.json +++ b/2020/25xxx/CVE-2020-25872.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-25872", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-25872", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability exists within the FileManagerController.php function in FrogCMS 0.9.5 which allows an attacker to perform a directory traversal attack via a GET request urlencode parameter." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/philippe/FrogCMS/issues/34", - "refsource": "MISC", - "name": "https://github.com/philippe/FrogCMS/issues/34" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/25xxx/CVE-2020-25873.json b/2020/25xxx/CVE-2020-25873.json index 18b620fc667..064802d5451 100644 --- a/2020/25xxx/CVE-2020-25873.json +++ b/2020/25xxx/CVE-2020-25873.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-25873", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-25873", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A directory traversal vulnerability in the component system/manager/class/web/database.php was discovered in Baijiacms V4 which allows attackers to arbitrarily delete folders on the server via the \"id\" parameter." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/baijiacms/baijiacmsV4/issues/6", - "refsource": "MISC", - "name": "https://github.com/baijiacms/baijiacmsV4/issues/6" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/25xxx/CVE-2020-25881.json b/2020/25xxx/CVE-2020-25881.json index 1a6fe178db1..ddc03697e12 100644 --- a/2020/25xxx/CVE-2020-25881.json +++ b/2020/25xxx/CVE-2020-25881.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-25881", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-25881", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability was discovered in the filename parameter in pathindex.php?r=cms-backend/attachment/delete&sub=&filename=../../../../111.txt&filetype=image/jpeg of the master version of RKCMS. This vulnerability allows for an attacker to perform a directory traversal via a crafted .txt file." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/AubreyJun/cms/issues/2", - "refsource": "MISC", - "name": "https://github.com/AubreyJun/cms/issues/2" - }, - { - "url": "http://www.ranko.cn/index.html", - "refsource": "MISC", - "name": "http://www.ranko.cn/index.html" - }, - { - "url": "https://gitee.com/wuxi_ranko/cms", - "refsource": "MISC", - "name": "https://gitee.com/wuxi_ranko/cms" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/25xxx/CVE-2020-25911.json b/2020/25xxx/CVE-2020-25911.json index bff409d11dd..1a5cbce2b69 100644 --- a/2020/25xxx/CVE-2020-25911.json +++ b/2020/25xxx/CVE-2020-25911.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-25911", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-25911", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A XML External Entity (XXE) vulnerability was discovered in the modRestServiceRequest component in MODX CMS 2.7.3 which can lead to an information disclosure or denial of service (DOS)." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/modxcms/revolution/issues/15237", - "refsource": "MISC", - "name": "https://github.com/modxcms/revolution/issues/15237" - }, - { - "refsource": "MISC", - "name": "https://github.com/dahua966/Vul_disclose/blob/main/XXE_modxcms.md", - "url": "https://github.com/dahua966/Vul_disclose/blob/main/XXE_modxcms.md" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/25xxx/CVE-2020-25912.json b/2020/25xxx/CVE-2020-25912.json index 0713bcd758d..b1640ffbc3d 100644 --- a/2020/25xxx/CVE-2020-25912.json +++ b/2020/25xxx/CVE-2020-25912.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-25912", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-25912", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A XML External Entity (XXE) vulnerability was discovered in symphony\\lib\\toolkit\\class.xmlelement.php in Symphony 2.7.10 which can lead to an information disclosure or denial of service (DOS)." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "http://symphony.com", - "refsource": "MISC", - "name": "http://symphony.com" - }, - { - "url": "https://github.com/symphonycms/symphonycms/issues/2924", - "refsource": "MISC", - "name": "https://github.com/symphonycms/symphonycms/issues/2924" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/26xxx/CVE-2020-26258.json b/2020/26xxx/CVE-2020-26258.json index 2e471439bcb..f1f698259f6 100644 --- a/2020/26xxx/CVE-2020-26258.json +++ b/2020/26xxx/CVE-2020-26258.json @@ -108,11 +108,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-d894ca87dc", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2020/26xxx/CVE-2020-26259.json b/2020/26xxx/CVE-2020-26259.json index 78f13615cf8..da7f8a36c79 100644 --- a/2020/26xxx/CVE-2020-26259.json +++ b/2020/26xxx/CVE-2020-26259.json @@ -108,11 +108,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-d894ca87dc", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2020/26xxx/CVE-2020-26705.json b/2020/26xxx/CVE-2020-26705.json index c7cb675f84a..9f3a1844ae4 100644 --- a/2020/26xxx/CVE-2020-26705.json +++ b/2020/26xxx/CVE-2020-26705.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-26705", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-26705", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity (XXE) vulnerability which allows for an attacker to expose sensitive data or perform a denial of service (DOS) via a crafted external entity entered into the XML content as input." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/darkfoxprime/python-easy_xml/issues/1", - "refsource": "MISC", - "name": "https://github.com/darkfoxprime/python-easy_xml/issues/1" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/26xxx/CVE-2020-26707.json b/2020/26xxx/CVE-2020-26707.json index 59a2a2b0935..be59142a7c4 100644 --- a/2020/26xxx/CVE-2020-26707.json +++ b/2020/26xxx/CVE-2020-26707.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-26707", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-26707", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in the add function in Shenzhim AAPTJS 1.3.1 which allows attackers to execute arbitrary code via the filePath parameter." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://github.com/shenzhim/aaptjs/issues/2", - "url": "https://github.com/shenzhim/aaptjs/issues/2" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/27xxx/CVE-2020-27009.json b/2020/27xxx/CVE-2020-27009.json index 7956cad0275..80c4094ffb7 100644 --- a/2020/27xxx/CVE-2020-27009.json +++ b/2020/27xxx/CVE-2020-27009.json @@ -14,16 +14,6 @@ "vendor_name": "Siemens", "product": { "product_data": [ - { - "product_name": "Capital VSTAR", - "version": { - "version_data": [ - { - "version_value": "Versions including affected DNS modules" - } - ] - } - }, { "product_name": "Nucleus NET", "version": { @@ -34,12 +24,32 @@ ] } }, + { + "product_name": "Nucleus RTOS", + "version": { + "version_data": [ + { + "version_value": "versions including affected DNS modules" + } + ] + } + }, { "product_name": "Nucleus Source Code", "version": { "version_data": [ { - "version_value": "Versions including affected DNS modules" + "version_value": "versions including affected DNS modules" + } + ] + } + }, + { + "product_name": "VSTAR", + "version": { + "version_data": [ + { + "version_value": "versions including affected DNS modules" } ] } @@ -66,7 +76,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Capital VSTAR (Versions including affected DNS modules), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition." + "value": "A vulnerability has been identified in Nucleus NET (All versions < V5.2), Nucleus RTOS (versions including affected DNS modules), Nucleus Source Code (versions including affected DNS modules), VSTAR (versions including affected DNS modules). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition." } ] }, diff --git a/2020/27xxx/CVE-2020-27406.json b/2020/27xxx/CVE-2020-27406.json index f5678202ced..9593123136e 100644 --- a/2020/27xxx/CVE-2020-27406.json +++ b/2020/27xxx/CVE-2020-27406.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-27406", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27406", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Cross Site Scripting (XSS) vulnerability in DynPG 4.9.1, allows authenticated attackers to execute arbitrary code via the groupname." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "http://dynpg.com", - "refsource": "MISC", - "name": "http://dynpg.com" - }, - { - "refsource": "MISC", - "name": "https://www.exploit-db.com/exploits/48865", - "url": "https://www.exploit-db.com/exploits/48865" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/27xxx/CVE-2020-27736.json b/2020/27xxx/CVE-2020-27736.json index 8094a356586..9de10afb148 100644 --- a/2020/27xxx/CVE-2020-27736.json +++ b/2020/27xxx/CVE-2020-27736.json @@ -15,11 +15,11 @@ "product": { "product_data": [ { - "product_name": "Capital VSTAR", + "product_name": "Nucleus 4", "version": { "version_data": [ { - "version_value": "Versions including affected DNS modules" + "version_value": "All versions < V4.1.0" } ] } @@ -35,7 +35,17 @@ } }, { - "product_name": "Nucleus ReadyStart V3", + "product_name": "Nucleus RTOS", + "version": { + "version_data": [ + { + "version_value": "versions including affected DNS modules" + } + ] + } + }, + { + "product_name": "Nucleus ReadyStart", "version": { "version_data": [ { @@ -44,22 +54,12 @@ ] } }, - { - "product_name": "Nucleus ReadyStart V4", - "version": { - "version_data": [ - { - "version_value": "All versions < V4.1.0" - } - ] - } - }, { "product_name": "Nucleus Source Code", "version": { "version_data": [ { - "version_value": "Versions including affected DNS modules" + "version_value": "versions including affected DNS modules" } ] } @@ -73,6 +73,16 @@ } ] } + }, + { + "product_name": "VSTAR", + "version": { + "version_data": [ + { + "version_value": "versions including affected DNS modules" + } + ] + } } ] } @@ -96,7 +106,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Capital VSTAR (Versions including affected DNS modules), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory." + "value": "A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All versions), Nucleus RTOS (versions including affected DNS modules), Nucleus ReadyStart (All versions < V2017.02.3), Nucleus Source Code (versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), VSTAR (versions including affected DNS modules). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory." } ] }, diff --git a/2020/27xxx/CVE-2020-27737.json b/2020/27xxx/CVE-2020-27737.json index 8b163a3ba35..efff3583b8d 100644 --- a/2020/27xxx/CVE-2020-27737.json +++ b/2020/27xxx/CVE-2020-27737.json @@ -15,11 +15,11 @@ "product": { "product_data": [ { - "product_name": "Capital VSTAR", + "product_name": "Nucleus 4", "version": { "version_data": [ { - "version_value": "Versions including affected DNS modules" + "version_value": "All versions < V4.1.0" } ] } @@ -35,7 +35,17 @@ } }, { - "product_name": "Nucleus ReadyStart V3", + "product_name": "Nucleus RTOS", + "version": { + "version_data": [ + { + "version_value": "versions including affected DNS modules" + } + ] + } + }, + { + "product_name": "Nucleus ReadyStart", "version": { "version_data": [ { @@ -44,22 +54,12 @@ ] } }, - { - "product_name": "Nucleus ReadyStart V4", - "version": { - "version_data": [ - { - "version_value": "All versions < V4.1.0" - } - ] - } - }, { "product_name": "Nucleus Source Code", "version": { "version_data": [ { - "version_value": "Versions including affected DNS modules" + "version_value": "versions including affected DNS modules" } ] } @@ -73,6 +73,16 @@ } ] } + }, + { + "product_name": "VSTAR", + "version": { + "version_data": [ + { + "version_value": "versions including affected DNS modules" + } + ] + } } ] } @@ -96,7 +106,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Capital VSTAR (Versions including affected DNS modules), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the memory past the allocated structure." + "value": "A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All versions), Nucleus RTOS (versions including affected DNS modules), Nucleus ReadyStart (All versions < V2017.02.3), Nucleus Source Code (versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), VSTAR (versions including affected DNS modules). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the memory past the allocated structure." } ] }, diff --git a/2020/27xxx/CVE-2020-27738.json b/2020/27xxx/CVE-2020-27738.json index b2ee567f5ac..4e94608f354 100644 --- a/2020/27xxx/CVE-2020-27738.json +++ b/2020/27xxx/CVE-2020-27738.json @@ -15,11 +15,11 @@ "product": { "product_data": [ { - "product_name": "Capital VSTAR", + "product_name": "Nucleus 4", "version": { "version_data": [ { - "version_value": "Versions including affected DNS modules" + "version_value": "All versions < V4.1.0" } ] } @@ -35,7 +35,17 @@ } }, { - "product_name": "Nucleus ReadyStart V3", + "product_name": "Nucleus RTOS", + "version": { + "version_data": [ + { + "version_value": "versions including affected DNS modules" + } + ] + } + }, + { + "product_name": "Nucleus ReadyStart", "version": { "version_data": [ { @@ -44,22 +54,12 @@ ] } }, - { - "product_name": "Nucleus ReadyStart V4", - "version": { - "version_data": [ - { - "version_value": "All versions < V4.1.0" - } - ] - } - }, { "product_name": "Nucleus Source Code", "version": { "version_data": [ { - "version_value": "Versions including affected DNS modules" + "version_value": "versions including affected DNS modules" } ] } @@ -73,6 +73,16 @@ } ] } + }, + { + "product_name": "VSTAR", + "version": { + "version_data": [ + { + "version_value": "versions including affected DNS modules" + } + ] + } } ] } @@ -96,7 +106,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Capital VSTAR (Versions including affected DNS modules), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a read access past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition." + "value": "A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All versions), Nucleus RTOS (versions including affected DNS modules), Nucleus ReadyStart (All versions < V2017.02.3), Nucleus Source Code (versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), VSTAR (versions including affected DNS modules). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a read access past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition." } ] }, diff --git a/2020/27xxx/CVE-2020-27820.json b/2020/27xxx/CVE-2020-27820.json index c1620909d50..b6fbe676c92 100644 --- a/2020/27xxx/CVE-2020-27820.json +++ b/2020/27xxx/CVE-2020-27820.json @@ -4,73 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-27820", - "ASSIGNER": "secalert@redhat.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "kernel", - "version": { - "version_data": [ - { - "version_value": "to be fixed in RHEL-9 release" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-416" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1901726", - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901726" - }, - { - "refsource": "MISC", - "name": "https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline@redhat.com/", - "url": "https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline@redhat.com/" - }, - { - "refsource": "MISC", - "name": "https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline@redhat.com/", - "url": "https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline@redhat.com/" - }, - { - "refsource": "MISC", - "name": "https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline@redhat.com/", - "url": "https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline@redhat.com/" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if \"unbind\" the driver)." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/28xxx/CVE-2020-28362.json b/2020/28xxx/CVE-2020-28362.json index 8774ca0afe7..0dc9139dad9 100644 --- a/2020/28xxx/CVE-2020-28362.json +++ b/2020/28xxx/CVE-2020-28362.json @@ -76,11 +76,6 @@ "refsource": "FEDORA", "name": "FEDORA-2020-e971480183", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2W4COUPL3YVTZ6RTEIT6LPBDJUFF3VSP/" - }, - { - "refsource": "MISC", - "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/12166-security-advisory-62", - "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12166-security-advisory-62" } ] } diff --git a/2020/28xxx/CVE-2020-28388.json b/2020/28xxx/CVE-2020-28388.json index 844b6c93155..e4e3ddf2b5d 100644 --- a/2020/28xxx/CVE-2020-28388.json +++ b/2020/28xxx/CVE-2020-28388.json @@ -14,16 +14,6 @@ "vendor_name": "Siemens", "product": { "product_data": [ - { - "product_name": "Capital VSTAR", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, { "product_name": "Nucleus NET", "version": { @@ -35,7 +25,7 @@ } }, { - "product_name": "Nucleus ReadyStart V3", + "product_name": "Nucleus ReadyStart for ARM, MIPS, and PPC", "version": { "version_data": [ { @@ -44,16 +34,6 @@ ] } }, - { - "product_name": "Nucleus Source Code", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, { "product_name": "PLUSCONTROL 1st Gen", "version": { @@ -86,7 +66,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Capital VSTAR (All versions), Nucleus NET (All versions < V5.2), Nucleus ReadyStart V3 (All versions < V2012.12), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions). Initial Sequence Numbers (ISNs) for TCP connections are derived from an insufficiently random source. As a result, the ISN of current and future TCP connections could be predictable. An attacker could hijack existing sessions or spoof future ones." + "value": "A vulnerability has been identified in Nucleus NET (All versions < V5.2), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions < V2012.12), PLUSCONTROL 1st Gen (All versions). Initial Sequence Numbers (ISNs) for TCP connections are derived from an insufficiently random source. As a result, the ISN of current and future TCP connections could be predictable. An attacker could hijack existing sessions or spoof future ones." } ] }, diff --git a/2020/28xxx/CVE-2020-28416.json b/2020/28xxx/CVE-2020-28416.json index 33bac3f05a6..35ac6a65fd5 100644 --- a/2020/28xxx/CVE-2020-28416.json +++ b/2020/28xxx/CVE-2020-28416.json @@ -4,91 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-28416", - "ASSIGNER": "hp-security-alert@hp.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "HP OfficeJet Printer; HP PageWide Printer", - "version": { - "version_data": [ - { - "version_value": "before 33.1.74" - }, - { - "version_value": "before 35.0.72" - }, - { - "version_value": "before 38.8.1942" - }, - { - "version_value": "before 38.9.1948" - }, - { - "version_value": "before 39.6.1999" - }, - { - "version_value": "before 39.6.2002" - }, - { - "version_value": "before 40.11.1122" - }, - { - "version_value": "before 40.11.1148" - }, - { - "version_value": "before 40.11.1150" - }, - { - "version_value": "before 40.12.1161" - }, - { - "version_value": "before 40.13.1176" - }, - { - "version_value": "before 40.7.1094" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "unauthorized local code execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://support.hp.com/us-en/document/c07051163", - "url": "https://support.hp.com/us-en/document/c07051163" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "HP has identified a security vulnerability with the I.R.I.S. OCR (Optical Character Recognition) software available with HP PageWide and OfficeJet printer software installations that could potentially allow unauthorized local code execution." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/28xxx/CVE-2020-28419.json b/2020/28xxx/CVE-2020-28419.json index 3c7cc3e614b..fa0455b540d 100644 --- a/2020/28xxx/CVE-2020-28419.json +++ b/2020/28xxx/CVE-2020-28419.json @@ -4,127 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-28419", - "ASSIGNER": "hp-security-alert@hp.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "HP LaserJet Printer; HP LaserJet Pro Printer; HP PageWide Printer; HP PageWide Pro Printer; HP inkjet Printer; HP OfficeJet Printer", - "version": { - "version_data": [ - { - "version_value": "before 61.111.01.9108" - }, - { - "version_value": "before 8.0.13284.929" - }, - { - "version_value": "before 11.0.19232.882" - }, - { - "version_value": "before 52.1.4899" - }, - { - "version_value": "before 14.0.19241.351" - }, - { - "version_value": "before 14.0.19232.485" - }, - { - "version_value": "before 10.0.16007.5" - }, - { - "version_value": "before 9.0.15316.203" - }, - { - "version_value": "before 11.0.16058.821" - }, - { - "version_value": "before 50.1.4584" - }, - { - "version_value": "before 16.0.19235.653" - }, - { - "version_value": "before 16.0.19233.658" - }, - { - "version_value": "before 10.0.15324.194" - }, - { - "version_value": "before 10.0.15324.199" - }, - { - "version_value": "before 49.1.4431" - }, - { - "version_value": "before 43.2.2509" - }, - { - "version_value": "before 49.1.4424" - }, - { - "version_value": "before 50.1.4533" - }, - { - "version_value": "before 44.7.2713" - }, - { - "version_value": "before 44.6.2710" - }, - { - "version_value": "before 14.0.15311.432" - }, - { - "version_value": "before 16.0.19117.636" - }, - { - "version_value": "before 15.0.15322.1207" - }, - { - "version_value": "..." - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Arbitrary code execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://support.hp.com/us-en/document/c07058567", - "url": "https://support.hp.com/us-en/document/c07058567" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "During installation with certain driver software or application packages an arbitrary code execution could occur." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/28xxx/CVE-2020-28463.json b/2020/28xxx/CVE-2020-28463.json index 58d08a8e6b8..9c793375769 100644 --- a/2020/28xxx/CVE-2020-28463.json +++ b/2020/28xxx/CVE-2020-28463.json @@ -61,11 +61,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-13cdc0ab0e", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HMUJA5GZTPQ5WRYUCCK2GEZM4W43N7HH/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-04bfae8300", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YZQSFCID67K6BTC655EQY6MNOF35QI44/" } ] }, diff --git a/2020/28xxx/CVE-2020-28702.json b/2020/28xxx/CVE-2020-28702.json index 29bbb3d4cf6..f55f04a2e95 100644 --- a/2020/28xxx/CVE-2020-28702.json +++ b/2020/28xxx/CVE-2020-28702.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-28702", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-28702", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A SQL injection vulnerability in TopicMapper.xml of PybbsCMS v5.2.1 allows attackers to access sensitive database information." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/tomoya92/pybbs/issues/137", - "refsource": "MISC", - "name": "https://github.com/tomoya92/pybbs/issues/137" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/35xxx/CVE-2020-35249.json b/2020/35xxx/CVE-2020-35249.json index 6638984ce38..3e60c31a022 100644 --- a/2020/35xxx/CVE-2020-35249.json +++ b/2020/35xxx/CVE-2020-35249.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-35249", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-35249", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Cross Site Scripting (XSS) vulnerability in ElkarBackup 1.3.3, allows attackers to execute arbitrary code via the name parameter to the add client feature." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.exploit-db.com/exploits/48756", - "refsource": "MISC", - "name": "https://www.exploit-db.com/exploits/48756" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/36xxx/CVE-2020-36330.json b/2020/36xxx/CVE-2020-36330.json index 3e2bafe1b68..2c36e7c29a7 100644 --- a/2020/36xxx/CVE-2020-36330.json +++ b/2020/36xxx/CVE-2020-36330.json @@ -73,11 +73,6 @@ "refsource": "FULLDISC", "name": "20210723 APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7", "url": "http://seclists.org/fulldisclosure/2021/Jul/54" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0004/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0004/" } ] }, diff --git a/2020/36xxx/CVE-2020-36332.json b/2020/36xxx/CVE-2020-36332.json index 6d84e1e38b2..25e3450afd5 100644 --- a/2020/36xxx/CVE-2020-36332.json +++ b/2020/36xxx/CVE-2020-36332.json @@ -53,11 +53,6 @@ "refsource": "DEBIAN", "name": "DSA-4930", "url": "https://www.debian.org/security/2021/dsa-4930" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0004/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0004/" } ] }, diff --git a/2020/36xxx/CVE-2020-36376.json b/2020/36xxx/CVE-2020-36376.json index 12b0d1ea7c0..7dbf3b11dae 100644 --- a/2020/36xxx/CVE-2020-36376.json +++ b/2020/36xxx/CVE-2020-36376.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-36376", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-36376", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in the list function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://github.com/shenzhim/aaptjs/issues/2", - "url": "https://github.com/shenzhim/aaptjs/issues/2" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/36xxx/CVE-2020-36377.json b/2020/36xxx/CVE-2020-36377.json index 9a304327201..ea041aa14f1 100644 --- a/2020/36xxx/CVE-2020-36377.json +++ b/2020/36xxx/CVE-2020-36377.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-36377", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-36377", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in the dump function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://github.com/shenzhim/aaptjs/issues/2", - "url": "https://github.com/shenzhim/aaptjs/issues/2" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/36xxx/CVE-2020-36378.json b/2020/36xxx/CVE-2020-36378.json index 73340742c1b..b45842c7343 100644 --- a/2020/36xxx/CVE-2020-36378.json +++ b/2020/36xxx/CVE-2020-36378.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-36378", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-36378", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in the packageCmd function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://github.com/shenzhim/aaptjs/issues/2", - "url": "https://github.com/shenzhim/aaptjs/issues/2" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/36xxx/CVE-2020-36379.json b/2020/36xxx/CVE-2020-36379.json index 93cbfa91300..eb01cdb31a6 100644 --- a/2020/36xxx/CVE-2020-36379.json +++ b/2020/36xxx/CVE-2020-36379.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-36379", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-36379", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in the remove function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://github.com/shenzhim/aaptjs/issues/2", - "url": "https://github.com/shenzhim/aaptjs/issues/2" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/36xxx/CVE-2020-36380.json b/2020/36xxx/CVE-2020-36380.json index f99bb53d874..2235f35fef7 100644 --- a/2020/36xxx/CVE-2020-36380.json +++ b/2020/36xxx/CVE-2020-36380.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-36380", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-36380", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in the crunch function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://github.com/shenzhim/aaptjs/issues/2", - "url": "https://github.com/shenzhim/aaptjs/issues/2" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/36xxx/CVE-2020-36381.json b/2020/36xxx/CVE-2020-36381.json index 661676a20cc..a3943803a9c 100644 --- a/2020/36xxx/CVE-2020-36381.json +++ b/2020/36xxx/CVE-2020-36381.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-36381", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-36381", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in the singleCrunch function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://github.com/shenzhim/aaptjs/issues/2", - "url": "https://github.com/shenzhim/aaptjs/issues/2" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/36xxx/CVE-2020-36503.json b/2020/36xxx/CVE-2020-36503.json index 08aec2b7365..2aef0794262 100644 --- a/2020/36xxx/CVE-2020-36503.json +++ b/2020/36xxx/CVE-2020-36503.json @@ -1,80 +1,18 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-36503", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Connections Business Directory < 9.7 - Admin+ CSV Injection" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Connections Business Directory", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "9.7", - "version_value": "9.7" - } - ] - } - } - ] - } - } - ] - } + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "The Connections Business Directory WordPress plugin before 9.7 does not validate or sanitise some connections' fields, which could lead to a CSV injection issue" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://github.com/Connections-Business-Directory/Connections/issues/474", - "name": "https://github.com/Connections-Business-Directory/Connections/issues/474" - }, - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/dd394b55-c86f-4fa2-aae8-5903ca0b95ec", - "name": "https://wpscan.com/vulnerability/dd394b55-c86f-4fa2-aae8-5903ca0b95ec" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File", - "lang": "eng" - } - ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Rudra Sarkar" - } - ], - "source": { - "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2020/36xxx/CVE-2020-36504.json b/2020/36xxx/CVE-2020-36504.json deleted file mode 100644 index cc63b2dcef0..00000000000 --- a/2020/36xxx/CVE-2020-36504.json +++ /dev/null @@ -1,80 +0,0 @@ -{ - "CVE_data_meta": { - "ID": "CVE-2020-36504", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "WP-Pro-Quiz <= 0.37 - Arbitrary Quiz Deletion via CSRF" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Wp-Pro-Quiz", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "0.37", - "version_value": "0.37" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The WP-Pro-Quiz WordPress plugin through 0.37 does not have CSRF check in place when deleting a quiz, which could allow an attacker to make a logged in admin delete arbitrary quiz on the blog" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://medium.com/@hoanhp/0-days-story-1-wp-pro-quiz-2115dd77a6d4", - "name": "https://medium.com/@hoanhp/0-days-story-1-wp-pro-quiz-2115dd77a6d4" - }, - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/83679b90-faa5-454e-924c-89f388eccbd1", - "name": "https://wpscan.com/vulnerability/83679b90-faa5-454e-924c-89f388eccbd1" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-352 Cross-Site Request Forgery (CSRF)", - "lang": "eng" - } - ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "HoanHP" - } - ], - "source": { - "discovery": "EXTERNAL" - } -} \ No newline at end of file diff --git a/2020/36xxx/CVE-2020-36505.json b/2020/36xxx/CVE-2020-36505.json deleted file mode 100644 index c89c8a43809..00000000000 --- a/2020/36xxx/CVE-2020-36505.json +++ /dev/null @@ -1,80 +0,0 @@ -{ - "CVE_data_meta": { - "ID": "CVE-2020-36505", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Delete All Comments Easily <= 1.3 - All Comments Deletion via CSRF" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Delete All Comments Easily", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "1.3", - "version_value": "1.3" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Delete All Comments Easily WordPress plugin through 1.3 is lacking Cross-Site Request Forgery (CSRF) checks, which could result in an unauthenticated attacker making a logged in admin delete all comments from the blog." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/239f8efa-8fa4-4274-904f-708e65083821", - "name": "https://wpscan.com/vulnerability/239f8efa-8fa4-4274-904f-708e65083821" - }, - { - "refsource": "MISC", - "url": "https://medium.com/@hoanhp/0-day-story-2-delete-all-comments-easily-a854e52a7d50", - "name": "https://medium.com/@hoanhp/0-day-story-2-delete-all-comments-easily-a854e52a7d50" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-352 Cross-Site Request Forgery (CSRF)", - "lang": "eng" - } - ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Hoan Hp" - } - ], - "source": { - "discovery": "EXTERNAL" - } -} diff --git a/2020/4xxx/CVE-2020-4152.json b/2020/4xxx/CVE-2020-4152.json index 5566c8ffb2b..239e3876074 100644 --- a/2020/4xxx/CVE-2020-4152.json +++ b/2020/4xxx/CVE-2020-4152.json @@ -1,93 +1,18 @@ { - "data_format": "MITRE", - "CVE_data_meta": { - "DATE_PUBLIC": "2021-11-07T00:00:00", - "ID": "CVE-2020-4152", - "ASSIGNER": "psirt@us.ibm.com", - "STATE": "PUBLIC" - }, "data_type": "CVE", - "impact": { - "cvssv3": { - "TM": { - "RC": "C", - "RL": "O", - "E": "U" - }, - "BM": { - "UI": "N", - "PR": "N", - "AV": "N", - "I": "N", - "C": "H", - "A": "N", - "AC": "H", - "S": "C", - "SCORE": "6.800" - } - } - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "version": { - "version_data": [ - { - "version_value": "5.4.0" - }, - { - "version_value": "5.5.0" - } - ] - }, - "product_name": "QRadar Network Security" - } - ] - }, - "vendor_name": "IBM" - } - ] - } + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-4152", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "IBM QRadar Network Security 5.4.0 and 5.5.0 transmits sensitive or security-critical data in cleartext in a communication channel that can be obtained using man in the middle techniques. IBM X-Force ID: 17467." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "url": "https://www.ibm.com/support/pages/node/6514403", - "name": "https://www.ibm.com/support/pages/node/6514403", - "title": "IBM Security Bulletin 6514403 (QRadar Network Security)" - }, - { - "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/174267", - "refsource": "XF", - "name": "ibm-qradar-cve20204152-info-disc (174267)", - "title": "X-Force Vulnerability Report" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Obtain Information" - } - ] - } - ] - }, - "data_version": "4.0" + } } \ No newline at end of file diff --git a/2020/4xxx/CVE-2020-4153.json b/2020/4xxx/CVE-2020-4153.json index b5026bffa8a..db5d7978278 100644 --- a/2020/4xxx/CVE-2020-4153.json +++ b/2020/4xxx/CVE-2020-4153.json @@ -1,93 +1,18 @@ { "data_type": "CVE", - "CVE_data_meta": { - "STATE": "PUBLIC", - "ASSIGNER": "psirt@us.ibm.com", - "ID": "CVE-2020-4153", - "DATE_PUBLIC": "2021-11-07T00:00:00" - }, "data_format": "MITRE", "data_version": "4.0", - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "Cross-Site Scripting", - "lang": "eng" - } - ] - } - ] - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "IBM", - "product": { - "product_data": [ - { - "product_name": "QRadar Network Security", - "version": { - "version_data": [ - { - "version_value": "5.4.0" - }, - { - "version_value": "5.5.0" - } - ] - } - } - ] - } - } - ] - } + "CVE_data_meta": { + "ID": "CVE-2020-4153", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { - "value": "IBM QRadar Network Security 5.4.0 and 5.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 174269.", - "lang": "eng" + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "references": { - "reference_data": [ - { - "title": "IBM Security Bulletin 6514403 (QRadar Network Security)", - "name": "https://www.ibm.com/support/pages/node/6514403", - "refsource": "CONFIRM", - "url": "https://www.ibm.com/support/pages/node/6514403" - }, - { - "name": "ibm-qradar-cve20204153-xss (174269)", - "title": "X-Force Vulnerability Report", - "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/174269", - "refsource": "XF" - } - ] - }, - "impact": { - "cvssv3": { - "BM": { - "A": "N", - "SCORE": "5.400", - "S": "C", - "AC": "L", - "C": "L", - "I": "L", - "AV": "N", - "PR": "L", - "UI": "R" - }, - "TM": { - "RL": "O", - "E": "H", - "RC": "C" - } - } } } \ No newline at end of file diff --git a/2020/4xxx/CVE-2020-4160.json b/2020/4xxx/CVE-2020-4160.json index 17f931e2948..c59eb56c276 100644 --- a/2020/4xxx/CVE-2020-4160.json +++ b/2020/4xxx/CVE-2020-4160.json @@ -1,93 +1,18 @@ { - "impact": { - "cvssv3": { - "BM": { - "C": "H", - "I": "N", - "A": "N", - "SCORE": "5.900", - "AC": "H", - "S": "U", - "PR": "N", - "UI": "N", - "AV": "N" - }, - "TM": { - "RC": "C", - "E": "U", - "RL": "O" - } - } - }, - "references": { - "reference_data": [ - { - "name": "https://www.ibm.com/support/pages/node/6514403", - "title": "IBM Security Bulletin 6514403 (QRadar Network Security)", - "url": "https://www.ibm.com/support/pages/node/6514403", - "refsource": "CONFIRM" - }, - { - "title": "X-Force Vulnerability Report", - "name": "ibm-qradar-cve20204160-info-disc (174340)", - "refsource": "XF", - "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/174340" - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-4160", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { - "value": "IBM QRadar Network Security 5.4.0 and 5.5.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 174340.", - "lang": "eng" + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "version": { - "version_data": [ - { - "version_value": "5.4.0" - }, - { - "version_value": "5.5.0" - } - ] - }, - "product_name": "QRadar Network Security" - } - ] - }, - "vendor_name": "IBM" - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Obtain Information" - } - ] - } - ] - }, - "data_version": "4.0", - "data_format": "MITRE", - "CVE_data_meta": { - "ASSIGNER": "psirt@us.ibm.com", - "STATE": "PUBLIC", - "DATE_PUBLIC": "2021-11-07T00:00:00", - "ID": "CVE-2020-4160" - }, - "data_type": "CVE" + } } \ No newline at end of file diff --git a/2020/5xxx/CVE-2020-5955.json b/2020/5xxx/CVE-2020-5955.json index b378357b7d7..ae8cb14fe4d 100644 --- a/2020/5xxx/CVE-2020-5955.json +++ b/2020/5xxx/CVE-2020-5955.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-5955", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-5955", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in Int15MicrocodeSmm in Insyde InsydeH2O before 2021-10-14 on Intel client chipsets. A caller may be able to escalate privileges." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.insyde.com/products", - "refsource": "MISC", - "name": "https://www.insyde.com/products" - }, - { - "refsource": "CONFIRM", - "name": "https://www.insyde.com/security-pledge/SA-2021002", - "url": "https://www.insyde.com/security-pledge/SA-2021002" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/6xxx/CVE-2020-6492.json b/2020/6xxx/CVE-2020-6492.json index 10c82bedc51..1a818e20065 100644 --- a/2020/6xxx/CVE-2020-6492.json +++ b/2020/6xxx/CVE-2020-6492.json @@ -4,64 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6492", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "83.0.4103.97", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Use after free" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://crbug.com/1078375", - "refsource": "MISC", - "name": "https://crbug.com/1078375" - }, - { - "url": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html", - "refsource": "MISC", - "name": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Use after free in ANGLE in Google Chrome prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/6xxx/CVE-2020-6931.json b/2020/6xxx/CVE-2020-6931.json index 4040f3c761c..902558bf276 100644 --- a/2020/6xxx/CVE-2020-6931.json +++ b/2020/6xxx/CVE-2020-6931.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6931", - "ASSIGNER": "hp-security-alert@hp.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "HP Print and Scan Doctor", - "version": { - "version_data": [ - { - "version_value": "before 5.51" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Local Elevation of Privilege" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://support.hp.com/us-en/document/c06982375", - "url": "https://support.hp.com/us-en/document/c06982375" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "HP Print and Scan Doctor may potentially be vulnerable to local elevation of privilege." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/7xxx/CVE-2020-7580.json b/2020/7xxx/CVE-2020-7580.json index 11ac72f3b3a..48d08578eaf 100644 --- a/2020/7xxx/CVE-2020-7580.json +++ b/2020/7xxx/CVE-2020-7580.json @@ -49,7 +49,7 @@ "version": { "version_data": [ { - "version_value": "All versions < V17" + "version_value": "All versions" } ] } @@ -119,7 +119,7 @@ "version": { "version_data": [ { - "version_value": "All versions < V3.16 P018" + "version_value": "All versions < P018" } ] } @@ -129,7 +129,7 @@ "version": { "version_data": [ { - "version_value": "All versions < V3.17 P003" + "version_value": "All versions < P003" } ] } @@ -286,7 +286,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (All versions < V5.6 SP2 HF3), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A component within the affected application regularly calls a helper binary with SYSTEM privileges while the call path is not quoted." + "value": "A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (All versions < V5.6 SP2 HF3), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC WinCC OA V3.16 (All versions < P018), SIMATIC WinCC OA V3.17 (All versions < P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A component within the affected application regularly calls a helper binary with SYSTEM privileges while the call path is not quoted." } ] }, diff --git a/2021/0xxx/CVE-2021-0002.json b/2021/0xxx/CVE-2021-0002.json index a01cffb9cdd..4fbd0295a0f 100644 --- a/2021/0xxx/CVE-2021-0002.json +++ b/2021/0xxx/CVE-2021-0002.json @@ -63,11 +63,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-cbad295a90", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKMUMLUH6ENNMLGTJ5AFRF6764ILEMYJ/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-9818cabe0d", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MFLYHRQPDF6ZMESCI3HRNOP6D6GELPFR/" } ] }, diff --git a/2021/0xxx/CVE-2021-0012.json b/2021/0xxx/CVE-2021-0012.json index 39c60d62996..2d1e20a9cc4 100644 --- a/2021/0xxx/CVE-2021-0012.json +++ b/2021/0xxx/CVE-2021-0012.json @@ -48,11 +48,6 @@ "refsource": "MISC", "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00508.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00508.html" - }, - { - "refsource": "CONFIRM", - "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00566.html", - "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00566.html" } ] }, diff --git a/2021/0xxx/CVE-2021-0283.json b/2021/0xxx/CVE-2021-0283.json index ccbf6d5dd82..7f538da41eb 100644 --- a/2021/0xxx/CVE-2021-0283.json +++ b/2021/0xxx/CVE-2021-0283.json @@ -74,7 +74,7 @@ { "version_affected": "<", "version_name": "18.4", - "version_value": "18.4R2-S9, 18.4R3-S9" + "version_value": "18.4R3-S9" }, { "version_affected": "<", @@ -84,17 +84,17 @@ { "version_affected": "<", "version_name": "19.2", - "version_value": "19.2R1-S7, 19.2R3-S3" + "version_value": "19.2R3-S3" }, { "version_affected": "<", "version_name": "19.3", - "version_value": "19.3R2-S7, 19.3R3-S3" + "version_value": "19.3R3-S3" }, { "version_affected": "<", "version_name": "19.4", - "version_value": "19.4R3-S5" + "version_value": "19.4R1-S4, 19.4R3-S5" }, { "version_affected": "<", @@ -124,7 +124,7 @@ { "version_affected": "<", "version_name": "21.2", - "version_value": "21.2R1-S1, 21.2R2" + "version_value": "21.2R2" } ] } @@ -143,7 +143,7 @@ "description_data": [ { "lang": "eng", - "value": "A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device thereby causing a Denial of Service (DoS). By repeatedly sending these sequences of packets to the device, an attacker can sustain the Denial of Service (DoS) condition. The device will abnormally shut down as a result of these sent packets. A potential indicator of compromise will be the following message in the log files: \"eventd[13955]: SYSTEM_ABNORMAL_SHUTDOWN: System abnormally shut down\" These issue are only triggered by traffic destined to the device. Transit traffic will not trigger these issues. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S19; 15.1 versions prior to 15.1R7-S10; 16.1 version 16.1R1 and later versions; 16.2 version 16.2R1 and later versions; 17.1 version 17.1R1 and later versions; 17.2 version 17.2R1 and later versions; 17.3 versions prior to 17.3R3-S12; 17.4 version 17.4R1 and later versions; 18.1 versions prior to 18.1R3-S13; 18.2 version 18.2R1 and later versions; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S7, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2; 21.2 versions prior to 21.2R1-S1, 21.2R2." + "value": "A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device thereby causing a Denial of Service (DoS). By repeatedly sending these sequences of packets to the device, an attacker can sustain the Denial of Service (DoS) condition. The device will abnormally shut down as a result of these sent packets. A potential indicator of compromise will be the following message in the log files: \"eventd[13955]: SYSTEM_ABNORMAL_SHUTDOWN: System abnormally shut down\" These issue are only triggered by traffic destined to the device. Transit traffic will not trigger these issues. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S19; 15.1 versions prior to 15.1R7-S10; 16.1 version 16.1R1 and later versions; 16.2 version 16.2R1 and later versions; 17.1 version 17.1R1 and later versions; 17.2 version 17.2R1 and later versions; 17.3 versions prior to 17.3R3-S12; 17.4 version 17.4R1 and later versions; 18.1 versions prior to 18.1R3-S13; 18.2 version 18.2R1 and later versions; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R3-S3; 19.4 versions prior to 19.4R1-S4, 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2; 21.2 versions prior to 21.2R2." } ] }, @@ -196,7 +196,7 @@ "solution": [ { "lang": "eng", - "value": "The following software releases have been updated to resolve this specific issue: 12.3R12-S19, 15.1R7-S10, 17.3R3-S12, 18.1R3-S13, 18.3R3-S5, 18.4R2-S9, 18.4R3-S9, 19.1R3-S6, 19.2R1-S7, 19.2R3-S3, 19.3R2-S7, 19.3R3-S3, 19.4R3-S5, 20.1R2-S2, 20.1R3-S1, 20.2R3-S2, 20.3R3, 20.4R2-S1, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R1-S1, 21.2R2, 21.3R1, and all subsequent releases." + "value": "The following software releases have been updated to resolve this specific issue: 12.3R12-S19, 15.1R7-S10, 17.3R3-S12, 18.1R3-S13, 18.3R3-S5, 18.4R3-S9, 19.1R3-S6, 19.2R3-S3, 19.3R3-S3, 19.4R1-S4, 19.4R3-S5, 20.1R2-S2, 20.1R3-S1, 20.2R3-S2, 20.3R3, 20.4R2-S1, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R2, 21.3R1, and all subsequent releases." } ], "source": { diff --git a/2021/0xxx/CVE-2021-0284.json b/2021/0xxx/CVE-2021-0284.json index b45b6888570..dde876dcc7d 100644 --- a/2021/0xxx/CVE-2021-0284.json +++ b/2021/0xxx/CVE-2021-0284.json @@ -34,7 +34,7 @@ { "version_affected": "<", "version_name": "18.4", - "version_value": "18.4R2-S9, 18.4R3-S9" + "version_value": "18.4R3-S9" }, { "version_affected": "<", @@ -49,7 +49,7 @@ { "version_affected": "<", "version_name": "19.3", - "version_value": "19.3R2-S7, 19.3R3-S3" + "version_value": "19.3R3-S3" }, { "version_affected": "<", @@ -84,7 +84,7 @@ { "version_affected": "<", "version_name": "21.2", - "version_value": "21.2R1-S1, 21.2R2" + "version_value": "21.2R2" } ] } @@ -103,7 +103,7 @@ "description_data": [ { "lang": "eng", - "value": "A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device thereby causing a Denial of Service (DoS). By repeatedly sending these sequences of packets to the device, an attacker can sustain the Denial of Service (DoS) condition. The device will abnormally shut down as a result of these sent packets. A potential indicator of compromise will be the following message in the log files: \"eventd[13955]: SYSTEM_ABNORMAL_SHUTDOWN: System abnormally shut down\" This issue is only triggered by traffic destined to the device. Transit traffic will not trigger this issue. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S19; 15.1 versions prior to 15.1R7-S10; 17.3 versions prior to 17.3R3-S12; 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.1 versions prior to 19.1R3-S7; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S7, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R2-S2, 20.4R3; 21.1 versions prior to 21.1R2; 21.2 versions prior to 21.2R1-S1, 21.2R2." + "value": "A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device thereby causing a Denial of Service (DoS). By repeatedly sending these sequences of packets to the device, an attacker can sustain the Denial of Service (DoS) condition. The device will abnormally shut down as a result of these sent packets. A potential indicator of compromise will be the following message in the log files: \"eventd[13955]: SYSTEM_ABNORMAL_SHUTDOWN: System abnormally shut down\" This issue is only triggered by traffic destined to the device. Transit traffic will not trigger this issue. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S19; 15.1 versions prior to 15.1R7-S10; 17.3 versions prior to 17.3R3-S12; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S7; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R2-S2, 20.4R3; 21.1 versions prior to 21.1R2; 21.2 versions prior to 21.2R2." } ] }, @@ -156,7 +156,7 @@ "solution": [ { "lang": "eng", - "value": "The following software releases have been updated to resolve this specific issue: \n\n12.3R12-S19, 15.1R7-S10, 17.3R3-S12, 18.4R2-S9, 18.4R3-S9, 19.1R3-S7, 19.2R1-S7, 19.2R3-S3, 19.3R2-S7, 19.3R3-S3, 19.4R3-S5, 20.1R3-S1, 20.2R3-S2, 20.3R3-S1, 20.4R2-S2, 20.4R3, 21.1R2, 21.2R1-S1, 21.2R2, 21.3R1, and all subsequent releases.\n\n" + "value": "The following software releases have been updated to resolve this specific issue: 12.3R12-S19, 15.1R7-S10, 17.3R3-S12, 18.4R3-S9, 19.1R3-S7, 19.2R1-S7, 19.2R3-S3, 19.3R3-S3, 19.4R3-S5, 20.1R3-S1, 20.2R3-S2, 20.4R2-S2, 20.4R3, 21.1R2, 21.2R2, 21.3R1, and all subsequent releases.\n" } ], "source": { diff --git a/2021/0xxx/CVE-2021-0870.json b/2021/0xxx/CVE-2021-0870.json index 6129c24a9ab..5035164cf64 100644 --- a/2021/0xxx/CVE-2021-0870.json +++ b/2021/0xxx/CVE-2021-0870.json @@ -48,11 +48,6 @@ "refsource": "MISC", "name": "https://source.android.com/security/bulletin/2021-10-01", "url": "https://source.android.com/security/bulletin/2021-10-01" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/164704/Android-NFC-Type-Confusion.html", - "url": "http://packetstormsecurity.com/files/164704/Android-NFC-Type-Confusion.html" } ] }, diff --git a/2021/1xxx/CVE-2021-1118.json b/2021/1xxx/CVE-2021-1118.json index 9b78bff8d52..eabe962cdab 100644 --- a/2021/1xxx/CVE-2021-1118.json +++ b/2021/1xxx/CVE-2021-1118.json @@ -1,70 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@nvidia.com", - "ID": "CVE-2021-1118", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "NVIDIA Virtual GPU Software", - "version": { - "version_data": [ - { - "version_value": "vGPU version 13.x (prior to 13.1), 12.x (prior to 12.4), version 11.x (prior to 11.6) and version 8.x (prior 8.9)." - } - ] - } - } - ] - }, - "vendor_name": "NVIDIA" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-1118", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there is the potential to execute privileged operations by the guest OS, which may lead to information disclosure, data tampering, escalation of privileges, and denial of service" - } - ] - }, - "impact": { - "cvss": { - "baseScore" : 7.8, - "baseSeverity" : "High", - "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", - "version" : "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-250: Execution with Unnecessary Privileges" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5230", - "refsource": "CONFIRM", - "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5230" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } -} +} \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1119.json b/2021/1xxx/CVE-2021-1119.json index 909bd8c9676..4b1aa422d75 100644 --- a/2021/1xxx/CVE-2021-1119.json +++ b/2021/1xxx/CVE-2021-1119.json @@ -1,70 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@nvidia.com", - "ID": "CVE-2021-1119", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "NVIDIA Virtual GPU Software", - "version": { - "version_data": [ - { - "version_value": "vGPU version 13.x (prior to 13.1), 12.x (prior to 12.4), version 11.x (prior to 11.6) and version 8.x (prior 8.9)." - } - ] - } - } - ] - }, - "vendor_name": "NVIDIA" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-1119", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can double-free a pointer, which may lead to denial of service. This flaw may result in a write-what-where condition, allowing an attacker to execute arbitrary code impacting integrity and availability." - } - ] - }, - "impact": { - "cvss": { - "baseScore" : 7.1, - "baseSeverity" : "High", - "vectorString" : "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", - "version" : "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-415: Double Free" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5230", - "refsource": "CONFIRM", - "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5230" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } -} +} \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1120.json b/2021/1xxx/CVE-2021-1120.json index f00d05c792e..c81b6b35922 100644 --- a/2021/1xxx/CVE-2021-1120.json +++ b/2021/1xxx/CVE-2021-1120.json @@ -1,70 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@nvidia.com", - "ID": "CVE-2021-1120", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "NVIDIA Virtual GPU Software", - "version": { - "version_data": [ - { - "version_value": "vGPU version 13.x (prior to 13.1), 12.x (prior to 12.4), version 11.x (prior to 11.6) and version 8.x (prior 8.9)." - } - ] - } - } - ] - }, - "vendor_name": "NVIDIA" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-1120", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a string provided by the guest OS may not be properly null terminated. The guest OS or attacker has no ability to push content to the plugin through this vulnerability, which may lead to information disclosure, data tampering, unauthorized code execution, and denial of service." - } - ] - }, - "impact": { - "cvss": { - "baseScore" : 7.0, - "baseSeverity" : "High", - "vectorString" : "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", - "version" : "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-170: Improper Null Termination" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5230", - "refsource": "CONFIRM", - "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5230" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } -} +} \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1121.json b/2021/1xxx/CVE-2021-1121.json index e9724dfbaf5..85ec7c8f379 100644 --- a/2021/1xxx/CVE-2021-1121.json +++ b/2021/1xxx/CVE-2021-1121.json @@ -1,70 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@nvidia.com", - "ID": "CVE-2021-1121", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "NVIDIA Virtual GPU Software", - "version": { - "version_data": [ - { - "version_value": "vGPU version 13.x (prior to 13.1), 12.x (prior to 12.4), version 11.x (prior to 11.6) and version 8.x (prior 8.9)." - } - ] - } - } - ] - }, - "vendor_name": "NVIDIA" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-1121", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel driver, where a vGPU can cause resource starvation among other vGPUs hosted on the same GPU, which may lead to denial of service." - } - ] - }, - "impact": { - "cvss": { - "baseScore" : 5.5, - "baseSeverity" : "Medium", - "vectorString" : "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version" : "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-770: Allocation of Resources Without Limits or Throttling" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5230", - "refsource": "CONFIRM", - "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5230" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } -} +} \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1122.json b/2021/1xxx/CVE-2021-1122.json index a79c7185283..8009554108f 100644 --- a/2021/1xxx/CVE-2021-1122.json +++ b/2021/1xxx/CVE-2021-1122.json @@ -1,70 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@nvidia.com", - "ID": "CVE-2021-1122", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "NVIDIA Virtual GPU Software", - "version": { - "version_data": [ - { - "version_value": "vGPU version 13.x (prior to 13.1), 12.x (prior to 12.4), version 11.x (prior to 11.6) and version 8.x (prior 8.9)." - } - ] - } - } - ] - }, - "vendor_name": "NVIDIA" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-1122", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to denial of service." - } - ] - }, - "impact": { - "cvss": { - "baseScore" : 5.5, - "baseSeverity" : "Medium", - "vectorString" : "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version" : "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-476: NULL Pointer Dereference" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5230", - "refsource": "CONFIRM", - "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5230" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } -} +} \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1123.json b/2021/1xxx/CVE-2021-1123.json index 1ad70bf3681..cd386d61bd8 100644 --- a/2021/1xxx/CVE-2021-1123.json +++ b/2021/1xxx/CVE-2021-1123.json @@ -1,70 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@nvidia.com", - "ID": "CVE-2021-1123", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "NVIDIA Virtual GPU Software", - "version": { - "version_data": [ - { - "version_value": "vGPU version 13.x (prior to 13.1), 12.x (prior to 12.4), version 11.x (prior to 11.6) and version 8.x (prior 8.9)." - } - ] - } - } - ] - }, - "vendor_name": "NVIDIA" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-1123", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can deadlock, which may lead to denial of service." - } - ] - }, - "impact": { - "cvss": { - "baseScore" : 5.5, - "baseSeverity" : "High", - "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version" : "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "denial of service" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5230", - "refsource": "CONFIRM", - "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5230" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } -} +} \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1500.json b/2021/1xxx/CVE-2021-1500.json index 9a0daeefece..7c45db66085 100644 --- a/2021/1xxx/CVE-2021-1500.json +++ b/2021/1xxx/CVE-2021-1500.json @@ -1,86 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@cisco.com", - "DATE_PUBLIC": "2021-11-03T16:00:00", - "ID": "CVE-2021-1500", - "STATE": "PUBLIC", - "TITLE": "Cisco Webex Video Mesh Arbitrary Site Redirection Vulnerability" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Cisco Webex Video Mesh ", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "Cisco" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-1500", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the URL parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website. Attackers may use this type of vulnerability, known as an open redirect attack, as part of a phishing attack to persuade users to unknowingly visit malicious sites." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "exploit": [ - { - "lang": "eng", - "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " - } - ], - "impact": { - "cvss": { - "baseScore": "5.4", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N ", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-601" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "20211103 Cisco Webex Video Mesh Arbitrary Site Redirection Vulnerability", - "refsource": "CISCO", - "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmesh-openred-AGNRmf5" - } - ] - }, - "source": { - "advisory": "cisco-sa-vmesh-openred-AGNRmf5", - "defect": [ - [ - "CSCvz59109" - ] - ], - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/20xxx/CVE-2021-20119.json b/2021/20xxx/CVE-2021-20119.json index 9fbe76421c9..c4d3a34441c 100644 --- a/2021/20xxx/CVE-2021-20119.json +++ b/2021/20xxx/CVE-2021-20119.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-20119", - "ASSIGNER": "vulnreport@tenable.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "Arris SurfBoard SB8200", - "version": { - "version_data": [ - { - "version_value": "Arris SurfBoard SB8200 AB01.02.053.01_112320_193.0A.NSH" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Insecure Password Change Utility" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://www.tenable.com/security/research/tra-2021-49", - "url": "https://www.tenable.com/security/research/tra-2021-49" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "The password change utility for the Arris SurfBoard SB8200 can have safety measures bypassed that allow any logged-in user to change the administrator password." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/20xxx/CVE-2021-20135.json b/2021/20xxx/CVE-2021-20135.json index 01e52fa60b7..a4331331614 100644 --- a/2021/20xxx/CVE-2021-20135.json +++ b/2021/20xxx/CVE-2021-20135.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-20135", - "ASSIGNER": "vulnreport@tenable.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "Nessus", - "version": { - "version_data": [ - { - "version_value": "Nessus 8.15.2 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "local privilege escalation" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://www.tenable.com/security/tns-2021-18", - "url": "https://www.tenable.com/security/tns-2021-18" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Nessus versions 8.15.2 and earlier were found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Agent host. Tenable has included a fix for this issue in Nessus 10.0.0. The installation files can be obtained from the Tenable Downloads Portal (https://www.tenable.com/downloads/nessus)." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/20xxx/CVE-2021-20136.json b/2021/20xxx/CVE-2021-20136.json index 24e10e51ddc..33c19754ef5 100644 --- a/2021/20xxx/CVE-2021-20136.json +++ b/2021/20xxx/CVE-2021-20136.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-20136", - "ASSIGNER": "vulnreport@tenable.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "ManageEngine Log360", - "version": { - "version_data": [ - { - "version_value": "< 5235" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Improper Access Control" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://www.tenable.com/security/research/tra-2021-48", - "url": "https://www.tenable.com/security/research/tra-2021-48" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "ManageEngine Log360 Builds < 5235 are affected by an improper access control vulnerability allowing database configuration overwrite. An unauthenticated remote attacker can send a specially crafted message to Log360 to change its backend database to an attacker-controlled database and to force Log360 to restart. An attacker can leverage this vulnerability to achieve remote code execution by replacing files executed by Log360 on startup." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/20xxx/CVE-2021-20280.json b/2021/20xxx/CVE-2021-20280.json index 2cd015f5c74..ea9479d4224 100644 --- a/2021/20xxx/CVE-2021-20280.json +++ b/2021/20xxx/CVE-2021-20280.json @@ -63,16 +63,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-50f63a0161", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-431b232659", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGOMHMYM3WICJ6D6U22Z6LPJGT5A6MZM/" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/164817/Moodle-Cross-Site-Scripting-Server-Side-Request-Forgery.html", - "url": "http://packetstormsecurity.com/files/164817/Moodle-Cross-Site-Scripting-Server-Side-Request-Forgery.html" } ] }, diff --git a/2021/20xxx/CVE-2021-20562.json b/2021/20xxx/CVE-2021-20562.json index a0e2c37c873..1e075c965f1 100644 --- a/2021/20xxx/CVE-2021-20562.json +++ b/2021/20xxx/CVE-2021-20562.json @@ -20,16 +20,6 @@ "name": "ibm-sterling-cve202120562-xss (199232)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199232" - }, - { - "refsource": "FULLDISC", - "name": "20211104 SEC Consult SA-20211104-0 :: Reflected cross-site scripting vulnerability in IBM Sterling B2B Integrator", - "url": "http://seclists.org/fulldisclosure/2021/Nov/16" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/164782/IBM-Sterling-B2B-Integrator-Cross-Site-Scripting.html", - "url": "http://packetstormsecurity.com/files/164782/IBM-Sterling-B2B-Integrator-Cross-Site-Scripting.html" } ] }, diff --git a/2021/20xxx/CVE-2021-20600.json b/2021/20xxx/CVE-2021-20600.json index 94c9e3826be..c79d083ffef 100644 --- a/2021/20xxx/CVE-2021-20600.json +++ b/2021/20xxx/CVE-2021-20600.json @@ -65,7 +65,7 @@ "description_data": [ { "lang": "eng", - "value": "Uncontrolled resource consumption in MELSEC iQ-R series C Controller Module R12CCPU-V all versions allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending a large number of packets in a short time while the module starting up. System reset is required for recovery." + "value": "Uncontrolled resource consumption in MELSEC iQ-R series C Controller Module R12CCPU-V all versions allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending a large number of packets in a short time while the module starting up." } ] } diff --git a/2021/20xxx/CVE-2021-20700.json b/2021/20xxx/CVE-2021-20700.json index 9376cd7589b..cde91a9ecfc 100644 --- a/2021/20xxx/CVE-2021-20700.json +++ b/2021/20xxx/CVE-2021-20700.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-20700", - "ASSIGNER": "vultures@jpcert.or.jp", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "NEC Corporation", - "product": { - "product_data": [ - { - "product_name": "CLUSTERPRO X", - "version": { - "version_data": [ - { - "version_value": "CLUSTERPRO X 1.0 for Windows and later, EXPRESSCLUSTER X 1.0 for Windows and later" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Buffer overflow" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://jpn.nec.com/security-info/secinfo/nv21-015_en.html", - "refsource": "MISC", - "name": "https://jpn.nec.com/security-info/secinfo/nv21-015_en.html" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Buffer overflow vulnerability in the Disk Agent CLUSTERPRO X 1.0 for Windows and later, EXPRESSCLUSTER X 1.0 for Windows and later allows attacker to remote code execution via a network." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/20xxx/CVE-2021-20701.json b/2021/20xxx/CVE-2021-20701.json index 8ff93796b30..04098f64e09 100644 --- a/2021/20xxx/CVE-2021-20701.json +++ b/2021/20xxx/CVE-2021-20701.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-20701", - "ASSIGNER": "vultures@jpcert.or.jp", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "NEC Corporation", - "product": { - "product_data": [ - { - "product_name": "CLUSTERPRO X", - "version": { - "version_data": [ - { - "version_value": "CLUSTERPRO X 1.0 for Windows and later, EXPRESSCLUSTER X 1.0 for Windows and later" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Buffer overflow" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://jpn.nec.com/security-info/secinfo/nv21-015_en.html", - "refsource": "MISC", - "name": "https://jpn.nec.com/security-info/secinfo/nv21-015_en.html" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Buffer overflow vulnerability in the Disk Agent CLUSTERPRO X 1.0 for Windows and later, EXPRESSCLUSTER X 1.0 for Windows and later allows attacker to remote code execution via a network." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/20xxx/CVE-2021-20702.json b/2021/20xxx/CVE-2021-20702.json index 32a4bc92cf7..15eb2f6582a 100644 --- a/2021/20xxx/CVE-2021-20702.json +++ b/2021/20xxx/CVE-2021-20702.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-20702", - "ASSIGNER": "vultures@jpcert.or.jp", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "NEC Corporation", - "product": { - "product_data": [ - { - "product_name": "CLUSTERPRO X", - "version": { - "version_data": [ - { - "version_value": "CLUSTERPRO X 1.0 for Windows and later, EXPRESSCLUSTER X 1.0 for Windows and later" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Buffer overflow" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://jpn.nec.com/security-info/secinfo/nv21-015_en.html", - "refsource": "MISC", - "name": "https://jpn.nec.com/security-info/secinfo/nv21-015_en.html" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Buffer overflow vulnerability in the Transaction Server CLUSTERPRO X 1.0 for Windows and later, EXPRESSCLUSTER X 1.0 for Windows and later allows attacker to remote code execution via a network." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/20xxx/CVE-2021-20703.json b/2021/20xxx/CVE-2021-20703.json index 47cc0dab70d..ccbb7af6680 100644 --- a/2021/20xxx/CVE-2021-20703.json +++ b/2021/20xxx/CVE-2021-20703.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-20703", - "ASSIGNER": "vultures@jpcert.or.jp", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "NEC Corporation", - "product": { - "product_data": [ - { - "product_name": "CLUSTERPRO X", - "version": { - "version_data": [ - { - "version_value": "CLUSTERPRO X 1.0 for Windows and later, EXPRESSCLUSTER X 1.0 for Windows and later" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Buffer overflow" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://jpn.nec.com/security-info/secinfo/nv21-015_en.html", - "refsource": "MISC", - "name": "https://jpn.nec.com/security-info/secinfo/nv21-015_en.html" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Buffer overflow vulnerability in the Transaction Server CLUSTERPRO X 1.0 for Windows and later, EXPRESSCLUSTER X 1.0 for Windows and later allows attacker to remote code execution via a network." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/20xxx/CVE-2021-20704.json b/2021/20xxx/CVE-2021-20704.json index 4efc6579b56..96e67193e3c 100644 --- a/2021/20xxx/CVE-2021-20704.json +++ b/2021/20xxx/CVE-2021-20704.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-20704", - "ASSIGNER": "vultures@jpcert.or.jp", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "NEC Corporation", - "product": { - "product_data": [ - { - "product_name": "CLUSTERPRO X", - "version": { - "version_data": [ - { - "version_value": "CLUSTERPRO X 1.0 for Windows and later, EXPRESSCLUSTER X 1.0 for Windows and later" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Buffer overflow" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://jpn.nec.com/security-info/secinfo/nv21-015_en.html", - "refsource": "MISC", - "name": "https://jpn.nec.com/security-info/secinfo/nv21-015_en.html" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Buffer overflow vulnerability in the compatible API with previous versions CLUSTERPRO X 1.0 for Windows and later, EXPRESSCLUSTER X 1.0 for Windows and later allows attacker to remote code execution via a network." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/20xxx/CVE-2021-20705.json b/2021/20xxx/CVE-2021-20705.json index 30457082f11..5cc3f310f74 100644 --- a/2021/20xxx/CVE-2021-20705.json +++ b/2021/20xxx/CVE-2021-20705.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-20705", - "ASSIGNER": "vultures@jpcert.or.jp", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "NEC Corporation", - "product": { - "product_data": [ - { - "product_name": "CLUSTERPRO X", - "version": { - "version_data": [ - { - "version_value": "CLUSTERPRO X 1.0 for Windows and later, EXPRESSCLUSTER X 1.0 for Windows and later" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Improper input Validation" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://jpn.nec.com/security-info/secinfo/nv21-015_en.html", - "refsource": "MISC", - "name": "https://jpn.nec.com/security-info/secinfo/nv21-015_en.html" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Improper input validation vulnerability in the WebManager CLUSTERPRO X 1.0 for Windows and later, EXPRESSCLUSTER X 1.0 for Windows and later allows attacker to remote file upload via network." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/20xxx/CVE-2021-20706.json b/2021/20xxx/CVE-2021-20706.json index 210cada0f2e..ad136cda95d 100644 --- a/2021/20xxx/CVE-2021-20706.json +++ b/2021/20xxx/CVE-2021-20706.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-20706", - "ASSIGNER": "vultures@jpcert.or.jp", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "NEC Corporation", - "product": { - "product_data": [ - { - "product_name": "CLUSTERPRO X", - "version": { - "version_data": [ - { - "version_value": "CLUSTERPRO X 1.0 for Windows and later, EXPRESSCLUSTER X 1.0 for Windows and later" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Improper input Validation" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://jpn.nec.com/security-info/secinfo/nv21-015_en.html", - "refsource": "MISC", - "name": "https://jpn.nec.com/security-info/secinfo/nv21-015_en.html" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Improper input validation vulnerability in the WebManager CLUSTERPRO X 1.0 for Windows and later, EXPRESSCLUSTER X 1.0 for Windows and later allows attacker to remote file upload via network." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/20xxx/CVE-2021-20707.json b/2021/20xxx/CVE-2021-20707.json index e3903d0f00c..02ba45b8854 100644 --- a/2021/20xxx/CVE-2021-20707.json +++ b/2021/20xxx/CVE-2021-20707.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-20707", - "ASSIGNER": "vultures@jpcert.or.jp", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "NEC Corporation", - "product": { - "product_data": [ - { - "product_name": "CLUSTERPRO X", - "version": { - "version_data": [ - { - "version_value": "CLUSTERPRO X 1.0 for Windows and later, EXPRESSCLUSTER X 1.0 for Windows and later" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Improper input Validation" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://jpn.nec.com/security-info/secinfo/nv21-015_en.html", - "refsource": "MISC", - "name": "https://jpn.nec.com/security-info/secinfo/nv21-015_en.html" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Improper input validation vulnerability in the Transaction Server CLUSTERPRO X 1.0 for Windows and later, EXPRESSCLUSTER X 1.0 for Windows and later allows attacker to read files upload via network.." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/20xxx/CVE-2021-20837.json b/2021/20xxx/CVE-2021-20837.json index 95d56c2965f..2ea1e67020a 100644 --- a/2021/20xxx/CVE-2021-20837.json +++ b/2021/20xxx/CVE-2021-20837.json @@ -53,16 +53,6 @@ "url": "https://jvn.jp/en/jp/JVN41119755/index.html", "refsource": "MISC", "name": "https://jvn.jp/en/jp/JVN41119755/index.html" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/164705/Movable-Type-7-r.5002-XMLRPC-API-Remote-Command-Injection.html", - "url": "http://packetstormsecurity.com/files/164705/Movable-Type-7-r.5002-XMLRPC-API-Remote-Command-Injection.html" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/164818/Movable-Type-7-r.5002-XMLRPC-API-Remote-Command-Injection.html", - "url": "http://packetstormsecurity.com/files/164818/Movable-Type-7-r.5002-XMLRPC-API-Remote-Command-Injection.html" } ] }, diff --git a/2021/20xxx/CVE-2021-20838.json b/2021/20xxx/CVE-2021-20838.json index 7fe8342c1f9..2cdf554a93c 100644 --- a/2021/20xxx/CVE-2021-20838.json +++ b/2021/20xxx/CVE-2021-20838.json @@ -4,63 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-20838", - "ASSIGNER": "vultures@jpcert.or.jp", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Antenna House, Inc.", - "product": { - "product_data": [ - { - "product_name": "Office Server Document Converter", - "version": { - "version_data": [ - { - "version_value": "V7.2MR4 and earlier and V7.1MR7 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "XML external entities (XXE)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.antenna.co.jp/news/2021/osdc72-20211027.html", - "refsource": "MISC", - "name": "https://www.antenna.co.jp/news/2021/osdc72-20211027.html" - }, - { - "url": "https://jvn.jp/en/jp/JVN33453839/index.html", - "refsource": "MISC", - "name": "https://jvn.jp/en/jp/JVN33453839/index.html" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Office Server Document Converter V7.2MR4 and earlier and V7.1MR7 and earlier allows a remote unauthenticated attacker to conduct an XML External Entity (XXE) attack to cause a denial of service (DoS) condition by processing a specially crafted XML document." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/20xxx/CVE-2021-20839.json b/2021/20xxx/CVE-2021-20839.json index b03e41f1e56..437a90d23af 100644 --- a/2021/20xxx/CVE-2021-20839.json +++ b/2021/20xxx/CVE-2021-20839.json @@ -4,63 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-20839", - "ASSIGNER": "vultures@jpcert.or.jp", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Antenna House, Inc.", - "product": { - "product_data": [ - { - "product_name": "Office Server Document Converter", - "version": { - "version_data": [ - { - "version_value": "V7.2MR4 and earlier and V7.1MR7 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "XML external entities (XXE)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.antenna.co.jp/news/2021/osdc72-20211027.html", - "refsource": "MISC", - "name": "https://www.antenna.co.jp/news/2021/osdc72-20211027.html" - }, - { - "url": "https://jvn.jp/en/jp/JVN33453839/index.html", - "refsource": "MISC", - "name": "https://jvn.jp/en/jp/JVN33453839/index.html" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Office Server Document Converter V7.2MR4 and earlier and V7.1MR7 and earlier allows a remote unauthenticated attacker to conduct an XML External Entity (XXE) attack to cause a denial of service (DoS) condition to the other servers by processing a specially crafted XML document." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/21xxx/CVE-2021-21341.json b/2021/21xxx/CVE-2021-21341.json index cdc1a1f9948..9935a9c4368 100644 --- a/2021/21xxx/CVE-2021-21341.json +++ b/2021/21xxx/CVE-2021-21341.json @@ -136,11 +136,6 @@ "url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/21xxx/CVE-2021-21342.json b/2021/21xxx/CVE-2021-21342.json index d06e353bd35..a645111ceb5 100644 --- a/2021/21xxx/CVE-2021-21342.json +++ b/2021/21xxx/CVE-2021-21342.json @@ -136,11 +136,6 @@ "url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/21xxx/CVE-2021-21343.json b/2021/21xxx/CVE-2021-21343.json index 858b108bcec..a7245603c28 100644 --- a/2021/21xxx/CVE-2021-21343.json +++ b/2021/21xxx/CVE-2021-21343.json @@ -136,11 +136,6 @@ "url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/21xxx/CVE-2021-21344.json b/2021/21xxx/CVE-2021-21344.json index 79fbf457a24..447f8af7da8 100644 --- a/2021/21xxx/CVE-2021-21344.json +++ b/2021/21xxx/CVE-2021-21344.json @@ -136,11 +136,6 @@ "url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/21xxx/CVE-2021-21345.json b/2021/21xxx/CVE-2021-21345.json index 0eb61a7d17e..8d496aee5f6 100644 --- a/2021/21xxx/CVE-2021-21345.json +++ b/2021/21xxx/CVE-2021-21345.json @@ -141,11 +141,6 @@ "url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/21xxx/CVE-2021-21346.json b/2021/21xxx/CVE-2021-21346.json index 1af4d4e0298..802ec4e0aab 100644 --- a/2021/21xxx/CVE-2021-21346.json +++ b/2021/21xxx/CVE-2021-21346.json @@ -136,11 +136,6 @@ "url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/21xxx/CVE-2021-21347.json b/2021/21xxx/CVE-2021-21347.json index eac7e3c1eed..03476a484a1 100644 --- a/2021/21xxx/CVE-2021-21347.json +++ b/2021/21xxx/CVE-2021-21347.json @@ -136,11 +136,6 @@ "url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/21xxx/CVE-2021-21348.json b/2021/21xxx/CVE-2021-21348.json index 4ce04c7266c..60b6c5366a8 100644 --- a/2021/21xxx/CVE-2021-21348.json +++ b/2021/21xxx/CVE-2021-21348.json @@ -136,11 +136,6 @@ "url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/21xxx/CVE-2021-21349.json b/2021/21xxx/CVE-2021-21349.json index 43eb2aaf562..9dffc8ff455 100644 --- a/2021/21xxx/CVE-2021-21349.json +++ b/2021/21xxx/CVE-2021-21349.json @@ -136,11 +136,6 @@ "url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/21xxx/CVE-2021-21350.json b/2021/21xxx/CVE-2021-21350.json index 2c14724d89f..64a583528cf 100644 --- a/2021/21xxx/CVE-2021-21350.json +++ b/2021/21xxx/CVE-2021-21350.json @@ -136,11 +136,6 @@ "url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/21xxx/CVE-2021-21351.json b/2021/21xxx/CVE-2021-21351.json index e8bb217be8d..2ec86a05c29 100644 --- a/2021/21xxx/CVE-2021-21351.json +++ b/2021/21xxx/CVE-2021-21351.json @@ -136,11 +136,6 @@ "url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/21xxx/CVE-2021-21685.json b/2021/21xxx/CVE-2021-21685.json index 22d46b4dd91..0a32f90a068 100644 --- a/2021/21xxx/CVE-2021-21685.json +++ b/2021/21xxx/CVE-2021-21685.json @@ -1,71 +1,17 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21685", - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.318", - "version_affected": "<=" - }, - { - "version_value": "LTS 2.303.2", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not check agent-to-controller access to create parent directories in FilePath#mkdirs." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-862: Missing Authorization" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455", - "url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455", - "refsource": "CONFIRM" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20211104 Multiple vulnerabilities in Jenkins and Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2021/11/04/3" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/21xxx/CVE-2021-21686.json b/2021/21xxx/CVE-2021-21686.json index df666486d4d..8699fb828fb 100644 --- a/2021/21xxx/CVE-2021-21686.json +++ b/2021/21xxx/CVE-2021-21686.json @@ -1,66 +1,17 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21686", - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.318", - "version_affected": "<=" - }, - { - "version_value": "LTS 2.303.2", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "File path filters in the agent-to-controller security subsystem of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier do not canonicalize paths, allowing operations to follow symbolic links to outside allowed directories." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455", - "url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455", - "refsource": "CONFIRM" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/21xxx/CVE-2021-21687.json b/2021/21xxx/CVE-2021-21687.json index 60d5bc765e8..579f346d003 100644 --- a/2021/21xxx/CVE-2021-21687.json +++ b/2021/21xxx/CVE-2021-21687.json @@ -1,66 +1,17 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21687", - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.318", - "version_affected": "<=" - }, - { - "version_value": "LTS 2.303.2", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not check agent-to-controller access to create symbolic links when unarchiving a symbolic link in FilePath#untar." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-862: Missing Authorization" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455", - "url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455", - "refsource": "CONFIRM" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/21xxx/CVE-2021-21688.json b/2021/21xxx/CVE-2021-21688.json index f1170d81afa..ccbf2b25e48 100644 --- a/2021/21xxx/CVE-2021-21688.json +++ b/2021/21xxx/CVE-2021-21688.json @@ -1,66 +1,17 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21688", - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.318", - "version_affected": "<=" - }, - { - "version_value": "LTS 2.303.2", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "The agent-to-controller security check FilePath#reading(FileVisitor) in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not reject any operations, allowing users to have unrestricted read access using certain operations (creating archives, FilePath#copyRecursiveTo)." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-862: Missing Authorization" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455", - "url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455", - "refsource": "CONFIRM" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/21xxx/CVE-2021-21689.json b/2021/21xxx/CVE-2021-21689.json index a48b715a194..ae0dfd9aa25 100644 --- a/2021/21xxx/CVE-2021-21689.json +++ b/2021/21xxx/CVE-2021-21689.json @@ -1,66 +1,17 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21689", - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.318", - "version_affected": "<=" - }, - { - "version_value": "LTS 2.303.2", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "FilePath#unzip and FilePath#untar were not subject to any agent-to-controller access control in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-862: Missing Authorization" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455", - "url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455", - "refsource": "CONFIRM" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/21xxx/CVE-2021-21690.json b/2021/21xxx/CVE-2021-21690.json index 2c96c10cce9..6e2e2df96f3 100644 --- a/2021/21xxx/CVE-2021-21690.json +++ b/2021/21xxx/CVE-2021-21690.json @@ -1,66 +1,17 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21690", - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.318", - "version_affected": "<=" - }, - { - "version_value": "LTS 2.303.2", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "Agent processes are able to completely bypass file path filtering by wrapping the file operation in an agent file path in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-693: Protection Mechanism Failure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455", - "url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455", - "refsource": "CONFIRM" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/21xxx/CVE-2021-21691.json b/2021/21xxx/CVE-2021-21691.json index 2bbcf6edfc3..06243ec32ab 100644 --- a/2021/21xxx/CVE-2021-21691.json +++ b/2021/21xxx/CVE-2021-21691.json @@ -1,66 +1,17 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21691", - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.318", - "version_affected": "<=" - }, - { - "version_value": "LTS 2.303.2", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "Creating symbolic links is possible without the 'symlink' agent-to-controller access control permission in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-863: Incorrect Authorization" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455", - "url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455", - "refsource": "CONFIRM" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/21xxx/CVE-2021-21692.json b/2021/21xxx/CVE-2021-21692.json index f2dd34c3193..d867a949cf6 100644 --- a/2021/21xxx/CVE-2021-21692.json +++ b/2021/21xxx/CVE-2021-21692.json @@ -1,66 +1,17 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21692", - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.318", - "version_affected": "<=" - }, - { - "version_value": "LTS 2.303.2", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "FilePath#renameTo and FilePath#moveAllChildrenTo in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier only check 'read' agent-to-controller access permission on the source path, instead of 'delete'." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-863: Incorrect Authorization" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455", - "url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455", - "refsource": "CONFIRM" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/21xxx/CVE-2021-21693.json b/2021/21xxx/CVE-2021-21693.json index 6f45b0cad26..ab1802b4fc1 100644 --- a/2021/21xxx/CVE-2021-21693.json +++ b/2021/21xxx/CVE-2021-21693.json @@ -1,66 +1,17 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21693", - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.318", - "version_affected": "<=" - }, - { - "version_value": "LTS 2.303.2", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "When creating temporary files, agent-to-controller access to create those files is only checked after they've been created in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-285: Improper Authorization" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455", - "url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455", - "refsource": "CONFIRM" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/21xxx/CVE-2021-21694.json b/2021/21xxx/CVE-2021-21694.json index 04f151cbcc0..98c0fcbe8c4 100644 --- a/2021/21xxx/CVE-2021-21694.json +++ b/2021/21xxx/CVE-2021-21694.json @@ -1,66 +1,17 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21694", - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.318", - "version_affected": "<=" - }, - { - "version_value": "LTS 2.303.2", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "FilePath#toURI, FilePath#hasSymlink, FilePath#absolutize, FilePath#isDescendant, and FilePath#get*DiskSpace do not check any permissions in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-862: Missing Authorization" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455", - "url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455", - "refsource": "CONFIRM" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/21xxx/CVE-2021-21695.json b/2021/21xxx/CVE-2021-21695.json index bf11486176f..fbd59e18273 100644 --- a/2021/21xxx/CVE-2021-21695.json +++ b/2021/21xxx/CVE-2021-21695.json @@ -1,71 +1,17 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21695", - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.318", - "version_affected": "<=" - }, - { - "version_value": "LTS 2.303.2", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "FilePath#listFiles lists files outside directories that agents are allowed to access when following symbolic links in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-862: Missing Authorization" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455", - "url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455", - "refsource": "CONFIRM" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20211104 Multiple vulnerabilities in Jenkins and Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2021/11/04/3" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/21xxx/CVE-2021-21696.json b/2021/21xxx/CVE-2021-21696.json index dc5c679bac0..01ff2d61c8c 100644 --- a/2021/21xxx/CVE-2021-21696.json +++ b/2021/21xxx/CVE-2021-21696.json @@ -1,71 +1,17 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21696", - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.318", - "version_affected": "<=" - }, - { - "version_value": "LTS 2.303.2", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not limit agent read/write access to the libs/ directory inside build directories when using the FilePath APIs, allowing attackers in control of agent processes to replace the code of a trusted library with a modified variant. This results in unsandboxed code execution in the Jenkins controller process." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-693: Protection Mechanism Failure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2423", - "url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2423", - "refsource": "CONFIRM" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20211104 Multiple vulnerabilities in Jenkins and Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2021/11/04/3" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/21xxx/CVE-2021-21697.json b/2021/21xxx/CVE-2021-21697.json index 9837d60fa87..9ff28457a3b 100644 --- a/2021/21xxx/CVE-2021-21697.json +++ b/2021/21xxx/CVE-2021-21697.json @@ -1,71 +1,17 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21697", - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.318", - "version_affected": "<=" - }, - { - "version_value": "LTS 2.303.2", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allows any agent to read and write the contents of any build directory stored in Jenkins with very few restrictions." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-184: Incomplete List of Disallowed Inputs" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2428", - "url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2428", - "refsource": "CONFIRM" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20211104 Multiple vulnerabilities in Jenkins and Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2021/11/04/3" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/21xxx/CVE-2021-21698.json b/2021/21xxx/CVE-2021-21698.json index 7afb4f513a2..aaf6689fae2 100644 --- a/2021/21xxx/CVE-2021-21698.json +++ b/2021/21xxx/CVE-2021-21698.json @@ -1,67 +1,17 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21698", - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Subversion Plugin", - "version": { - "version_data": [ - { - "version_value": "2.15.0", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "Jenkins Subversion Plugin 2.15.0 and earlier does not restrict the name of a file when looking up a subversion key file on the controller from an agent." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2506", - "url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2506", - "refsource": "CONFIRM" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20211104 Multiple vulnerabilities in Jenkins and Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2021/11/04/3" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/21xxx/CVE-2021-21703.json b/2021/21xxx/CVE-2021-21703.json index 8e258fa79f6..e778e81d339 100644 --- a/2021/21xxx/CVE-2021-21703.json +++ b/2021/21xxx/CVE-2021-21703.json @@ -139,11 +139,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-4140b54de2", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBM3KKB3RY2YPOKNMC4HIH7IH3T3WC74/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-02d218c3be", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PZVLICZUJMXOGWOUWSBAEGIVTF6Y6V3/" } ] }, diff --git a/2021/22xxx/CVE-2021-22051.json b/2021/22xxx/CVE-2021-22051.json index 7fd02a2adcc..df68594c572 100644 --- a/2021/22xxx/CVE-2021-22051.json +++ b/2021/22xxx/CVE-2021-22051.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-22051", - "ASSIGNER": "security@vmware.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "Spring Cloud Gateway", - "version": { - "version_data": [ - { - "version_value": "3.0.0 to 3.0.4, 2.2.0.RELEASE to 2.2.9.RELEASE, and older versions" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Specifically crafted requests could make an extra request on downstream services." - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://tanzu.vmware.com/security/cve-2021-22051", - "url": "https://tanzu.vmware.com/security/cve-2021-22051" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Applications using Spring Cloud Gateway are vulnerable to specifically crafted requests that could make an extra request on downstream services. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.5+, 2.2.x users should upgrade to 2.2.10.RELEASE or newer." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/22xxx/CVE-2021-22204.json b/2021/22xxx/CVE-2021-22204.json index 4b3c65594a1..3306efaa256 100644 --- a/2021/22xxx/CVE-2021-22204.json +++ b/2021/22xxx/CVE-2021-22204.json @@ -98,11 +98,6 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210516 [SECURITY] [DLA 2663-1] libimage-exiftool-perl security update", "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00018.html" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/164768/GitLab-Unauthenticated-Remote-ExifTool-Command-Injection.html", - "url": "http://packetstormsecurity.com/files/164768/GitLab-Unauthenticated-Remote-ExifTool-Command-Injection.html" } ] }, diff --git a/2021/22xxx/CVE-2021-22205.json b/2021/22xxx/CVE-2021-22205.json index abeb3e771e4..d48969c18ad 100644 --- a/2021/22xxx/CVE-2021-22205.json +++ b/2021/22xxx/CVE-2021-22205.json @@ -64,11 +64,6 @@ "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22205.json", "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22205.json", "refsource": "CONFIRM" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/164768/GitLab-Unauthenticated-Remote-ExifTool-Command-Injection.html", - "url": "http://packetstormsecurity.com/files/164768/GitLab-Unauthenticated-Remote-ExifTool-Command-Injection.html" } ] }, diff --git a/2021/22xxx/CVE-2021-22260.json b/2021/22xxx/CVE-2021-22260.json index 6131fdd47d5..5f03d93baa5 100644 --- a/2021/22xxx/CVE-2021-22260.json +++ b/2021/22xxx/CVE-2021-22260.json @@ -4,97 +4,15 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-22260", - "ASSIGNER": "cve@gitlab.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "GitLab", - "product": { - "product_data": [ - { - "product_name": "GitLab", - "version": { - "version_data": [ - { - "version_value": ">=13.7, <14.2.2" - }, - { - "version_value": ">=13.6, <14.1.4" - }, - { - "version_value": ">=13.5, <14.0.9" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Improper neutralization of input during web page generation ('cross-site scripting') in GitLab" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/336614", - "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/336614", - "refsource": "MISC" - }, - { - "name": "https://hackerone.com/reports/1257383", - "url": "https://hackerone.com/reports/1257383", - "refsource": "MISC" - }, - { - "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22260.json", - "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22260.json", - "refsource": "CONFIRM" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A stored Cross-Site Scripting vulnerability in the DataDog integration in GitLab CE/EE version 13.7 and above allows an attacker to execute arbitrary JavaScript code on the victim's behalf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "vectorString": "AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N", - "attackComplexity": "HIGH", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "CHANGED", - "userInteraction": "REQUIRED", - "version": "3.1", - "baseScore": 7.6, - "baseSeverity": "HIGH" - } - }, - "credit": [ - { - "lang": "eng", - "value": "Thanks shells3c for reporting this vulnerability through our HackerOne bug bounty program" - } - ] + } } \ No newline at end of file diff --git a/2021/22xxx/CVE-2021-22563.json b/2021/22xxx/CVE-2021-22563.json index 24e2a1e8ad2..00cb59b6fa8 100644 --- a/2021/22xxx/CVE-2021-22563.json +++ b/2021/22xxx/CVE-2021-22563.json @@ -1,92 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@google.com", - "DATE_PUBLIC": "2021-10-14T20:00:00.000Z", - "ID": "CVE-2021-22563", - "STATE": "PUBLIC", - "TITLE": "Memory Overread in libjxl" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "libjxl", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_value": "0.6.0" - } - ] - } - } - ] - }, - "vendor_name": "Google LLC" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-22563", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Invalid JPEG XL images using libjxl can cause an out of bounds access on a std::vector> when rendering splines. The OOB read access can either lead to a segfault, or rendering splines based on other process memory. It is recommended to upgrade past 0.6.0 or patch with https://github.com/libjxl/libjxl/pull/757" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "HIGH", - "attackVector": "LOCAL", - "availabilityImpact": "LOW", - "baseScore": 4.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-126 Buffer Over-read" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://github.com/libjxl/libjxl/issues/735", - "name": "https://github.com/libjxl/libjxl/issues/735" - }, - { - "refsource": "MISC", - "url": "https://github.com/libjxl/libjxl/pull/757", - "name": "https://github.com/libjxl/libjxl/pull/757" - } - ] - }, - "source": { - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/22xxx/CVE-2021-22564.json b/2021/22xxx/CVE-2021-22564.json index 1f090285726..4c1f57a98eb 100644 --- a/2021/22xxx/CVE-2021-22564.json +++ b/2021/22xxx/CVE-2021-22564.json @@ -1,92 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@google.com", - "DATE_PUBLIC": "2021-10-14T20:00:00.000Z", - "ID": "CVE-2021-22564", - "STATE": "PUBLIC", - "TITLE": "Out of bounds Copy in Libjxl in large image groups" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "libjxl", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_value": "0.6.0" - } - ] - } - } - ] - }, - "vendor_name": "Google LLC" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-22564", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "For certain valid JPEG XL images with a size slightly larger than an integer number of groups (256x256 pixels) when processing the groups out of order the decoder can perform an out of bounds copy of image pixels from an image buffer in the heap to another. This copy can occur when processing the right or bottom edges of the image, but only when groups are processed in certain order. Groups can be processed out of order in multi-threaded decoding environments with heavy thread load but also with images that contain the groups in an arbitrary order in the file. It is recommended to upgrade past 0.6.0 or patch with https://github.com/libjxl/libjxl/pull/775" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "HIGH", - "attackVector": "LOCAL", - "availabilityImpact": "LOW", - "baseScore": 4.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-122 Heap-based Buffer Overflow" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://github.com/libjxl/libjxl/pull/775", - "name": "https://github.com/libjxl/libjxl/pull/775" - }, - { - "refsource": "MISC", - "url": "https://github.com/libjxl/libjxl/issues/708", - "name": "https://github.com/libjxl/libjxl/issues/708" - } - ] - }, - "source": { - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/22xxx/CVE-2021-22945.json b/2021/22xxx/CVE-2021-22945.json index 5d6848bff19..8e42e22ce7e 100644 --- a/2021/22xxx/CVE-2021-22945.json +++ b/2021/22xxx/CVE-2021-22945.json @@ -63,11 +63,6 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20211029-0003/", "url": "https://security.netapp.com/advisory/ntap-20211029-0003/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-1d24845e93", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/" } ] }, diff --git a/2021/22xxx/CVE-2021-22946.json b/2021/22xxx/CVE-2021-22946.json index e0361121183..dd0e6cbe18f 100644 --- a/2021/22xxx/CVE-2021-22946.json +++ b/2021/22xxx/CVE-2021-22946.json @@ -68,11 +68,6 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20211029-0003/", "url": "https://security.netapp.com/advisory/ntap-20211029-0003/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-1d24845e93", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/" } ] }, diff --git a/2021/22xxx/CVE-2021-22947.json b/2021/22xxx/CVE-2021-22947.json index 074af814c7c..1d67a4746cc 100644 --- a/2021/22xxx/CVE-2021-22947.json +++ b/2021/22xxx/CVE-2021-22947.json @@ -68,11 +68,6 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20211029-0003/", "url": "https://security.netapp.com/advisory/ntap-20211029-0003/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-1d24845e93", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/" } ] }, diff --git a/2021/22xxx/CVE-2021-22960.json b/2021/22xxx/CVE-2021-22960.json index b45c5fc2b26..c440c34b0ae 100644 --- a/2021/22xxx/CVE-2021-22960.json +++ b/2021/22xxx/CVE-2021-22960.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-22960", - "ASSIGNER": "support@hackerone.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "https://github.com/nodejs/llhttp", - "version": { - "version_data": [ - { - "version_value": "Fixed in v2.1.4 and v6.0.6" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "HTTP Request Smuggling (CWE-444)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://hackerone.com/reports/1238099", - "url": "https://hackerone.com/reports/1238099" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "The parse function in llhttp < 2.1.4 and < 6.0.6. ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/23xxx/CVE-2021-23214.json b/2021/23xxx/CVE-2021-23214.json deleted file mode 100644 index f1859609baa..00000000000 --- a/2021/23xxx/CVE-2021-23214.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-23214", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23222.json b/2021/23xxx/CVE-2021-23222.json deleted file mode 100644 index 2177d1432cd..00000000000 --- a/2021/23xxx/CVE-2021-23222.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-23222", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23472.json b/2021/23xxx/CVE-2021-23472.json index aa59d934e90..91a5f618d24 100644 --- a/2021/23xxx/CVE-2021-23472.json +++ b/2021/23xxx/CVE-2021-23472.json @@ -3,110 +3,16 @@ "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": { - "ASSIGNER": "report@snyk.io", - "DATE_PUBLIC": "2021-11-03T17:21:09.920923Z", "ID": "CVE-2021-23472", - "STATE": "PUBLIC", - "TITLE": "Cross-site Scripting (XSS)" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "bootstrap-table", - "version": { - "version_data": [ - { - "version_affected": ">=", - "version_value": "0" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Cross-site Scripting (XSS)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://snyk.io/vuln/SNYK-JS-BOOTSTRAPTABLE-1657597", - "name": "https://snyk.io/vuln/SNYK-JS-BOOTSTRAPTABLE-1657597" - }, - { - "refsource": "MISC", - "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBWENZHIXIN-1910687", - "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBWENZHIXIN-1910687" - }, - { - "refsource": "MISC", - "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1910688", - "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1910688" - }, - { - "refsource": "MISC", - "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1910689", - "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1910689" - }, - { - "refsource": "MISC", - "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1910690", - "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1910690" - }, - { - "refsource": "MISC", - "url": "https://github.com/wenzhixin/bootstrap-table/blob/develop/src/utils/index.js%23L218", - "name": "https://github.com/wenzhixin/bootstrap-table/blob/develop/src/utils/index.js%23L218" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "This affects all versions of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array (instead of a string) even if the escape attribute is set." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", - "baseScore": 3.1, - "baseSeverity": "LOW", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE" - } - }, - "credit": [ - { - "lang": "eng", - "value": "Alessio Della Libera of Snyk Research Team" - } - ] + } } \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23509.json b/2021/23xxx/CVE-2021-23509.json index 982550cd005..f9d1e32e363 100644 --- a/2021/23xxx/CVE-2021-23509.json +++ b/2021/23xxx/CVE-2021-23509.json @@ -3,105 +3,16 @@ "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": { - "ASSIGNER": "report@snyk.io", - "DATE_PUBLIC": "2021-11-03T17:17:33.864061Z", "ID": "CVE-2021-23509", - "STATE": "PUBLIC", - "TITLE": "Prototype Pollution" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "json-ptr", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "3.0.0" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Prototype Pollution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://snyk.io/vuln/SNYK-JS-JSONPTR-1577291", - "name": "https://snyk.io/vuln/SNYK-JS-JSONPTR-1577291" - }, - { - "refsource": "MISC", - "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1767165", - "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1767165" - }, - { - "refsource": "MISC", - "url": "https://github.com/flitbit/json-ptr/pull/42", - "name": "https://github.com/flitbit/json-ptr/pull/42" - }, - { - "refsource": "MISC", - "url": "https://github.com/flitbit/json-ptr/commit/5dc458fbad1c382a2e3ca6d62e66ede3d92849ca", - "name": "https://github.com/flitbit/json-ptr/commit/5dc458fbad1c382a2e3ca6d62e66ede3d92849ca" - }, - { - "refsource": "MISC", - "url": "https://github.com/flitbit/json-ptr%23security-vulnerabilities-resolved", - "name": "https://github.com/flitbit/json-ptr%23security-vulnerabilities-resolved" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "This affects the package json-ptr before 3.0.0. A type confusion vulnerability can lead to a bypass of CVE-2020-7766 when the user-provided keys used in the pointer parameter are arrays." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", - "baseScore": 5.6, - "baseSeverity": "MEDIUM", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW" - } - }, - "credit": [ - { - "lang": "eng", - "value": "Alessio Della Libera of Snyk Research Team" - } - ] + } } \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23624.json b/2021/23xxx/CVE-2021-23624.json index 6418937ba1d..78f8bf68088 100644 --- a/2021/23xxx/CVE-2021-23624.json +++ b/2021/23xxx/CVE-2021-23624.json @@ -3,90 +3,16 @@ "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": { - "ASSIGNER": "report@snyk.io", - "DATE_PUBLIC": "2021-11-03T17:19:10.748895Z", "ID": "CVE-2021-23624", - "STATE": "PUBLIC", - "TITLE": "Prototype Pollution" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "dotty", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "0.1.2" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Prototype Pollution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://snyk.io/vuln/SNYK-JS-DOTTY-1577292", - "name": "https://snyk.io/vuln/SNYK-JS-DOTTY-1577292" - }, - { - "refsource": "MISC", - "url": "https://github.com/deoxxa/dotty/commit/88f61860dcc274a07a263c32cbe9d44c24ef02d7", - "name": "https://github.com/deoxxa/dotty/commit/88f61860dcc274a07a263c32cbe9d44c24ef02d7" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "This affects the package dotty before 0.1.2. A type confusion vulnerability can lead to a bypass of CVE-2021-25912 when the user-provided keys used in the path parameter are arrays." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RC:C", - "baseScore": 5.6, - "baseSeverity": "MEDIUM", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW" - } - }, - "credit": [ - { - "lang": "eng", - "value": "Alessio Della Libera of Snyk Research Team" - } - ] + } } \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23784.json b/2021/23xxx/CVE-2021-23784.json index 43e0094d08c..6baaca12ff8 100644 --- a/2021/23xxx/CVE-2021-23784.json +++ b/2021/23xxx/CVE-2021-23784.json @@ -3,95 +3,16 @@ "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": { - "ASSIGNER": "report@snyk.io", - "DATE_PUBLIC": "2021-11-03T17:16:43.033351Z", "ID": "CVE-2021-23784", - "STATE": "PUBLIC", - "TITLE": "Cross-site Scripting (XSS)" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tempura", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "0.4.0" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Cross-site Scripting (XSS)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://snyk.io/vuln/SNYK-JS-TEMPURA-1569633", - "name": "https://snyk.io/vuln/SNYK-JS-TEMPURA-1569633" - }, - { - "refsource": "MISC", - "url": "https://github.com/lukeed/tempura/commit/58a5c3671e2f36b26810e77ead9e0dd471902f9b", - "name": "https://github.com/lukeed/tempura/commit/58a5c3671e2f36b26810e77ead9e0dd471902f9b" - }, - { - "refsource": "MISC", - "url": "https://github.com/lukeed/tempura/releases/tag/v0.4.0", - "name": "https://github.com/lukeed/tempura/releases/tag/v0.4.0" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "This affects the package tempura before 0.4.0. If the input to the esc function is of type object (i.e an array) it is returned without being escaped/sanitized, leading to a potential Cross-Site Scripting vulnerability." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P", - "baseScore": 5.4, - "baseSeverity": "MEDIUM", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE" - } - }, - "credit": [ - { - "lang": "eng", - "value": "Alessio Della Libera of Snyk Research Team" - } - ] + } } \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23807.json b/2021/23xxx/CVE-2021-23807.json index 3bc1c99fb1a..0f2cf804fb8 100644 --- a/2021/23xxx/CVE-2021-23807.json +++ b/2021/23xxx/CVE-2021-23807.json @@ -3,100 +3,16 @@ "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": { - "ASSIGNER": "report@snyk.io", - "DATE_PUBLIC": "2021-11-03T17:18:18.732977Z", "ID": "CVE-2021-23807", - "STATE": "PUBLIC", - "TITLE": "Prototype Pollution" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "jsonpointer", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "5.0.0" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Prototype Pollution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://snyk.io/vuln/SNYK-JS-JSONPOINTER-1577288", - "name": "https://snyk.io/vuln/SNYK-JS-JSONPOINTER-1577288" - }, - { - "refsource": "MISC", - "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1910273", - "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1910273" - }, - { - "refsource": "MISC", - "url": "https://github.com/janl/node-jsonpointer/pull/51", - "name": "https://github.com/janl/node-jsonpointer/pull/51" - }, - { - "refsource": "MISC", - "url": "https://github.com/janl/node-jsonpointer/commit/a0345f3550cd9c4d89f33b126390202b89510ad4", - "name": "https://github.com/janl/node-jsonpointer/commit/a0345f3550cd9c4d89f33b126390202b89510ad4" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "This affects the package jsonpointer before 5.0.0. A type confusion vulnerability can lead to a bypass of a previous Prototype Pollution fix when the pointer components are arrays." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", - "baseScore": 5.6, - "baseSeverity": "MEDIUM", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW" - } - }, - "credit": [ - { - "lang": "eng", - "value": "Alessio Della Libera of Snyk Research Team" - } - ] + } } \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23820.json b/2021/23xxx/CVE-2021-23820.json index 2e66d23ff41..5e6326ce2f6 100644 --- a/2021/23xxx/CVE-2021-23820.json +++ b/2021/23xxx/CVE-2021-23820.json @@ -3,95 +3,16 @@ "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": { - "ASSIGNER": "report@snyk.io", - "DATE_PUBLIC": "2021-11-03T17:19:55.269449Z", "ID": "CVE-2021-23820", - "STATE": "PUBLIC", - "TITLE": "Prototype Pollution" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "json-pointer", - "version": { - "version_data": [ - { - "version_affected": ">=", - "version_value": "0" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Prototype Pollution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://snyk.io/vuln/SNYK-JS-JSONPOINTER-1577287", - "name": "https://snyk.io/vuln/SNYK-JS-JSONPOINTER-1577287" - }, - { - "refsource": "MISC", - "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1910686", - "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1910686" - }, - { - "refsource": "MISC", - "url": "https://github.com/manuelstofer/json-pointer/blob/master/index.js%23L78", - "name": "https://github.com/manuelstofer/json-pointer/blob/master/index.js%23L78" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "This affects all versions of package json-pointer. A type confusion vulnerability can lead to a bypass of CVE-2020-7709 when the pointer components are arrays." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", - "baseScore": 5.6, - "baseSeverity": "MEDIUM", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW" - } - }, - "credit": [ - { - "lang": "eng", - "value": "Alessio Della Libera of Snyk Research Team" - } - ] + } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24537.json b/2021/24xxx/CVE-2021-24537.json index 4a2d5516f5e..cb1d70e90bd 100644 --- a/2021/24xxx/CVE-2021-24537.json +++ b/2021/24xxx/CVE-2021-24537.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24537", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Similar Posts <= 3.1.5 - Admin+ Arbitrary PHP Code Execution" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Similar Posts – Best Related Posts Plugin for WordPress", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "3.1.5", - "version_value": "3.1.5" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Similar Posts WordPress plugin through 3.1.5 allow high privilege users to execute arbitrary PHP code in an hardened environment (ie with DISALLOW_FILE_EDIT, DISALLOW_FILE_MODS and DISALLOW_UNFILTERED_HTML set to true) via the 'widget_rrm_similar_posts_condition' widget setting of the plugin." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/0d6b46cb-5244-486f-ad70-4023907ac9eb", - "name": "https://wpscan.com/vulnerability/0d6b46cb-5244-486f-ad70-4023907ac9eb" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-94 Improper Control of Generation of Code ('Code Injection')", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24537", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "bl4derunner" } - ], - "source": { - "discovery": "EXTERNAL" - } -} +} \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24539.json b/2021/24xxx/CVE-2021-24539.json index bd8fa11130a..c50daa96ea6 100644 --- a/2021/24xxx/CVE-2021-24539.json +++ b/2021/24xxx/CVE-2021-24539.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24539", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Coming Soon, Under Construction & Maintenance Mode By Dazzler < 1.6.7 - Admin+ Stored Cross-Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Coming Soon, Under Construction & Maintenance Mode By Dazzler", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "1.6.7", - "version_value": "1.6.7" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Coming Soon, Under Construction & Maintenance Mode By Dazzler WordPress plugin before 1.6.7 does not sanitise or escape its description setting when outputting it in the frontend when the Coming Soon mode is enabled, even when the unfiltered_html capability is disallowed, leading to an authenticated Stored Cross-Site Scripting issue" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/4bda5dff-f577-4cd8-a225-c6b4c32f22b4", - "name": "https://wpscan.com/vulnerability/4bda5dff-f577-4cd8-a225-c6b4c32f22b4" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24539", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Asif Nawaz Minhas" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24570.json b/2021/24xxx/CVE-2021-24570.json index 4fe578ac991..ef6dc069eae 100644 --- a/2021/24xxx/CVE-2021-24570.json +++ b/2021/24xxx/CVE-2021-24570.json @@ -1,80 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24570", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Paypal Donation < 1.3.1 - CSRF to Stored Cross-Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Accept Donations with PayPal", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "1.3.1", - "version_value": "1.3.1" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Accept Donations with PayPal WordPress plugin before 1.3.1 offers a function to create donation buttons, which internally are posts. The process to create a new button is lacking a CSRF check. An attacker could use this to make an authenticated admin create a new button. Furthermore, one of the Button field is not escaped before being output in an attribute when editing a Button, leading to a Stored Cross-Site Scripting issue as well." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/5c73754c-eebe-424a-9d3b-ca83eb53bf87", - "name": "https://wpscan.com/vulnerability/5c73754c-eebe-424a-9d3b-ca83eb53bf87" - }, - { - "refsource": "CONFIRM", - "url": "https://plugins.trac.wordpress.org/changeset/2608073/", - "name": "https://plugins.trac.wordpress.org/changeset/2608073/" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-352 Cross-Site Request Forgery (CSRF)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24570", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "dc11" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24572.json b/2021/24xxx/CVE-2021-24572.json index 321baf9b432..45a4c3d03fa 100644 --- a/2021/24xxx/CVE-2021-24572.json +++ b/2021/24xxx/CVE-2021-24572.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24572", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Paypal Donation < 1.3.1 - CSRF to Arbitrary Post Deletion" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Accept Donations with PayPal", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "1.3.1", - "version_value": "1.3.1" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Accept Donations with PayPal WordPress plugin before 1.3.1 provides a function to create donation buttons which are internally stored as posts. The deletion of a button is not CSRF protected and there is no control to check if the deleted post was a button post. As a result, an attacker could make logged in admins delete arbitrary posts" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/7b1ebd26-ea8b-448c-a775-66a04102e44f", - "name": "https://wpscan.com/vulnerability/7b1ebd26-ea8b-448c-a775-66a04102e44f" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-352 Cross-Site Request Forgery (CSRF)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24572", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "dc11" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24575.json b/2021/24xxx/CVE-2021-24575.json index bf8a13fcbb8..d9c511154a2 100644 --- a/2021/24xxx/CVE-2021-24575.json +++ b/2021/24xxx/CVE-2021-24575.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24575", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "WPSchoolPress < 2.1.10 - Multiple Authenticated SQL Injections" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "School Management System – WPSchoolPress", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "2.1.10", - "version_value": "2.1.10" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The School Management System – WPSchoolPress WordPress plugin before 2.1.10 does not properly sanitize or use prepared statements before using POST variable in SQL queries, leading to SQL injection in multiple actions available to various authenticated users, from simple subscribers/students to teachers and above." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/83c9c3af-9eca-45e0-90d7-edc69e616e6a", - "name": "https://wpscan.com/vulnerability/83c9c3af-9eca-45e0-90d7-edc69e616e6a" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-89 SQL Injection", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24575", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "JrXnm" } - ], - "source": { - "discovery": "EXTERNAL" - } -} +} \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24594.json b/2021/24xxx/CVE-2021-24594.json index c071b1fa808..305f32b10a7 100644 --- a/2021/24xxx/CVE-2021-24594.json +++ b/2021/24xxx/CVE-2021-24594.json @@ -1,80 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24594", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Translate WordPress - Google Language Translator < 6.0.12 - Admin+ Stored Cross-Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Translate WordPress – Google Language Translator", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "6.0.12", - "version_value": "6.0.12" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Translate WordPress – Google Language Translator WordPress plugin before 6.0.12 does not sanitise and escape some of its settings before outputting it in various pages, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/cf7b0f07-8b9b-40a1-ba7b-e8d34f515a6b", - "name": "https://wpscan.com/vulnerability/cf7b0f07-8b9b-40a1-ba7b-e8d34f515a6b" - }, - { - "refsource": "CONFIRM", - "url": "https://plugins.trac.wordpress.org/changeset/2607480/", - "name": "https://plugins.trac.wordpress.org/changeset/2607480/" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24594", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Asif Nawaz Minhas" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24607.json b/2021/24xxx/CVE-2021-24607.json index c1b6c3a7be5..bc607551618 100644 --- a/2021/24xxx/CVE-2021-24607.json +++ b/2021/24xxx/CVE-2021-24607.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24607", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Storefront Footer Text <= 1.0.1 - Admin+ Stored Cross-Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Storefront Footer Text", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "1.0.1", - "version_value": "1.0.1" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Storefront Footer Text WordPress plugin through 1.0.1 does not sanitize and escape the \"Footer Credit Text\" added to pages, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered-html capability is disallowed." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/efa7d91a-447b-4fd8-aa21-5364b177fee9", - "name": "https://wpscan.com/vulnerability/efa7d91a-447b-4fd8-aa21-5364b177fee9" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24607", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Asif Nawaz Minhas" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24616.json b/2021/24xxx/CVE-2021-24616.json index c7a1718ea02..57182075cb8 100644 --- a/2021/24xxx/CVE-2021-24616.json +++ b/2021/24xxx/CVE-2021-24616.json @@ -1,80 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24616", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "AddToAny Share Buttons < 1.7.48 - Admin+ Stored Cross-Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "AddToAny Share Buttons", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "1.7.48", - "version_value": "1.7.48" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The AddToAny Share Buttons WordPress plugin before 1.7.48 does not escape its Image URL button setting, which could lead allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/04eaf380-c345-425f-8800-142e3f4745a9", - "name": "https://wpscan.com/vulnerability/04eaf380-c345-425f-8800-142e3f4745a9" - }, - { - "refsource": "CONFIRM", - "url": "https://plugins.trac.wordpress.org/changeset/2609928/", - "name": "https://plugins.trac.wordpress.org/changeset/2609928/" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24616", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "TYM" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24624.json b/2021/24xxx/CVE-2021-24624.json index b739de27781..e50539d0b30 100644 --- a/2021/24xxx/CVE-2021-24624.json +++ b/2021/24xxx/CVE-2021-24624.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24624", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "MP3 Audio Player for Music, Radio & Podcast by Sonaar < 2.4.2 - Multiple Admin+ Cross Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "MP3 Audio Player for Music, Radio & Podcast by Sonaar", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "2.4.2", - "version_value": "2.4.2" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The MP3 Audio Player for Music, Radio & Podcast by Sonaar WordPress plugin before 2.4.2 does not properly sanitize or escape data in some of its Playlist settings, allowing high privilege users to perform Cross-Site Scripting attacks" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/d79d2f6a-257a-4c9e-b971-9837abd4211c", - "name": "https://wpscan.com/vulnerability/d79d2f6a-257a-4c9e-b971-9837abd4211c" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24624", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "apple502j" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24625.json b/2021/24xxx/CVE-2021-24625.json index a29e51404ab..91b4e6b4869 100644 --- a/2021/24xxx/CVE-2021-24625.json +++ b/2021/24xxx/CVE-2021-24625.json @@ -1,80 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24625", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "SpiderCatalog <= 1.7.3 - Admin+ SQL Injection" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "SpiderCatalog", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "1.7.3", - "version_value": "1.7.3" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The SpiderCatalog WordPress plugin through 1.7.3 does not sanitise or escape the 'parent' and 'ordering' parameters from the admin dashboard before using them in a SQL statement, leading to a SQL injection when adding a category" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/33e4d7c6-fa6f-459f-84b9-732ec40088b8", - "name": "https://wpscan.com/vulnerability/33e4d7c6-fa6f-459f-84b9-732ec40088b8" - }, - { - "refsource": "MISC", - "url": "https://codevigilant.com/disclosure/2021/wp-plugin-catalog/", - "name": "https://codevigilant.com/disclosure/2021/wp-plugin-catalog/" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-89 SQL Injection", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24625", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Shreya Pohekar of Codevigilant Project" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24626.json b/2021/24xxx/CVE-2021-24626.json index c9cdc1b1fb8..b1fbcf532d7 100644 --- a/2021/24xxx/CVE-2021-24626.json +++ b/2021/24xxx/CVE-2021-24626.json @@ -1,80 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24626", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Chameleon CSS <= 1.2 - Subscriber+ SQL Injection" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Chameleon CSS", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "1.2", - "version_value": "1.2" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Chameleon CSS WordPress plugin through 1.2 does not have any CSRF and capability checks in all its AJAX calls, allowing any authenticated user, such as subscriber to call them and perform unauthorised actions. One of AJAX call, remove_css, also does not sanitise or escape the css_id POST parameter before using it in a SQL statement, leading to a SQL Injection" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/06cb6c14-99b8-45b6-be2e-f4dcca8a4165", - "name": "https://wpscan.com/vulnerability/06cb6c14-99b8-45b6-be2e-f4dcca8a4165" - }, - { - "refsource": "MISC", - "url": "https://codevigilant.com/disclosure/2021/wp-plugin-chameleon-css/", - "name": "https://codevigilant.com/disclosure/2021/wp-plugin-chameleon-css/" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-89 SQL Injection", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24626", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Shreya Pohekar of Codevigilant Project" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24627.json b/2021/24xxx/CVE-2021-24627.json index 881fe2beeed..562f49715ce 100644 --- a/2021/24xxx/CVE-2021-24627.json +++ b/2021/24xxx/CVE-2021-24627.json @@ -1,80 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24627", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "G Auto-Hyperlink <= 1.0.1 - Admin+ SQL Injection" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "G Auto-Hyperlink", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "1.0.1", - "version_value": "1.0.1" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The G Auto-Hyperlink WordPress plugin through 1.0.1 does not sanitise or escape an 'id' GET parameter before using it in a SQL statement, to select data to be displayed in the admin dashboard, leading to an authenticated SQL injection" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/c04ea768-150f-41b8-b08c-78d1ae006bbb", - "name": "https://wpscan.com/vulnerability/c04ea768-150f-41b8-b08c-78d1ae006bbb" - }, - { - "refsource": "MISC", - "url": "https://codevigilant.com/disclosure/2021/wp-plugin-g-auto-hyperlink/", - "name": "https://codevigilant.com/disclosure/2021/wp-plugin-g-auto-hyperlink/" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-89 SQL Injection", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24627", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Shreya Pohekar of Codevigilant Project" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24628.json b/2021/24xxx/CVE-2021-24628.json index 40865975d2c..e18ace8f7e8 100644 --- a/2021/24xxx/CVE-2021-24628.json +++ b/2021/24xxx/CVE-2021-24628.json @@ -1,80 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24628", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Wow Forms <= 3.1.3 - Admin+ SQL Injection" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Wow Forms – create any form with custom style", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "3.1.3", - "version_value": "3.1.3" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Wow Forms WordPress plugin through 3.1.3 does not sanitise or escape a 'did' GET parameter before using it in a SQL statement, when deleting a form in the admin dashboard, leading to an authenticated SQL injection" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/d742ab35-4e2d-42a8-bebc-b953b2e10e3c", - "name": "https://wpscan.com/vulnerability/d742ab35-4e2d-42a8-bebc-b953b2e10e3c" - }, - { - "refsource": "MISC", - "url": "https://codevigilant.com/disclosure/2021/wp-plugin-mwp-forms/", - "name": "https://codevigilant.com/disclosure/2021/wp-plugin-mwp-forms/" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-89 SQL Injection", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24628", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Shreya Pohekar of Codevigilant Project" } - ], - "source": { - "discovery": "EXTERNAL" - } -} +} \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24629.json b/2021/24xxx/CVE-2021-24629.json index dd649b0da0a..39294e04010 100644 --- a/2021/24xxx/CVE-2021-24629.json +++ b/2021/24xxx/CVE-2021-24629.json @@ -1,80 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24629", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Post Content XMLRPC <= 1.0 - Admin+ SQL Injections" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Post Content XMLRPC", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "1.0", - "version_value": "1.0" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Post Content XMLRPC WordPress plugin through 1.0 does not sanitise or escape multiple GET/POST parameters before using them in SQL statements in the admin dashboard, leading to an authenticated SQL Injections" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/fb42980c-93e5-42d5-a478-c2b348eaea67", - "name": "https://wpscan.com/vulnerability/fb42980c-93e5-42d5-a478-c2b348eaea67" - }, - { - "refsource": "MISC", - "url": "https://codevigilant.com/disclosure/2021/wp-plugin-post-content-xmlrpc/", - "name": "https://codevigilant.com/disclosure/2021/wp-plugin-post-content-xmlrpc/" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-89 SQL Injection", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24629", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Shreya Pohekar of Codevigilant Project" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24630.json b/2021/24xxx/CVE-2021-24630.json index 865d105bdaf..86e7c109d13 100644 --- a/2021/24xxx/CVE-2021-24630.json +++ b/2021/24xxx/CVE-2021-24630.json @@ -1,80 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24630", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Schreikasten <= 0.14.18 - Author+ SQL Injections" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Schreikasten", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "0.14.18", - "version_value": "0.14.18" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Schreikasten WordPress plugin through 0.14.18 does not sanitise or escape the id GET parameter before using it in SQL statements in the comments dashboard from various actions, leading to authenticated SQL Injections which can be exploited by users as low as author" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/a0787dae-a4b7-4248-9960-aaffabfaeb9f", - "name": "https://wpscan.com/vulnerability/a0787dae-a4b7-4248-9960-aaffabfaeb9f" - }, - { - "refsource": "MISC", - "url": "https://codevigilant.com/disclosure/2021/wp-plugin-schreikasten/", - "name": "https://codevigilant.com/disclosure/2021/wp-plugin-schreikasten/" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-89 SQL Injection", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24630", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Shreya Pohekar of Codevigilant Project" } - ], - "source": { - "discovery": "EXTERNAL" - } -} +} \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24631.json b/2021/24xxx/CVE-2021-24631.json index c6219c0da01..2bef69c1d6a 100644 --- a/2021/24xxx/CVE-2021-24631.json +++ b/2021/24xxx/CVE-2021-24631.json @@ -1,80 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24631", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Unlimited PopUps <= 4.5.3 - Author+ SQL Injection" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Unlimited PopUps", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "4.5.3", - "version_value": "4.5.3" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Unlimited PopUps WordPress plugin through 4.5.3 does not sanitise or escape the did GET parameter before using it in a SQL statement, available to users as low as editor, leading to an authenticated SQL Injection" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/9841176d-1d37-4636-9144-0ca42b6f3605", - "name": "https://wpscan.com/vulnerability/9841176d-1d37-4636-9144-0ca42b6f3605" - }, - { - "refsource": "MISC", - "url": "https://codevigilant.com/disclosure/2021/wp-plugin-unlimited-popups/", - "name": "https://codevigilant.com/disclosure/2021/wp-plugin-unlimited-popups/" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-89 SQL Injection", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24631", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Shreya Pohekar of Codevigilant Project" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24645.json b/2021/24xxx/CVE-2021-24645.json index 7bfae346ed9..43e9fde0362 100644 --- a/2021/24xxx/CVE-2021-24645.json +++ b/2021/24xxx/CVE-2021-24645.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24645", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Booking.com Product Helper <= 1.0.1 - Admin+ Stored Cross-Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Booking.com Product Helper", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "1.0.1", - "version_value": "1.0.1" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Booking.com Product Helper WordPress plugin through 1.0.1 does not sanitize and escape Product Code when creating Product Shortcode, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/b15744de-bf56-4e84-9427-b5652d123c15", - "name": "https://wpscan.com/vulnerability/b15744de-bf56-4e84-9427-b5652d123c15" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24645", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Asif Nawaz Minhas" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24646.json b/2021/24xxx/CVE-2021-24646.json index dda88eae8a5..c593127bcd3 100644 --- a/2021/24xxx/CVE-2021-24646.json +++ b/2021/24xxx/CVE-2021-24646.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24646", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Booking.com Banner Creator <= 1.4.2 - Admin+ Stored Cross-Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Booking.com Banner Creator", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "1.4.2", - "version_value": "1.4.2" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Booking.com Banner Creator WordPress plugin through 1.4.2 does not properly sanitize inputs when creating banners, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/36aae14e-4bdf-4da6-a0f9-d71935105d45", - "name": "https://wpscan.com/vulnerability/36aae14e-4bdf-4da6-a0f9-d71935105d45" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24646", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Asif Nawaz Minhas" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24647.json b/2021/24xxx/CVE-2021-24647.json index 6c52da278d0..a053360c7e1 100644 --- a/2021/24xxx/CVE-2021-24647.json +++ b/2021/24xxx/CVE-2021-24647.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24647", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Pie Register < 3.7.1.6 - Unauthenticated Arbitrary Login" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "3.1.7.6", - "version_value": "3.1.7.6" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.1.7.6 has a flaw in the social login implementation, allowing unauthenticated attacker to login as any user on the site by only knowing their user ID or username" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/40d347b1-b86e-477d-b4c6-da105935ce37", - "name": "https://wpscan.com/vulnerability/40d347b1-b86e-477d-b4c6-da105935ce37" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-287 Improper Authentication", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24647", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "AyeCode Ltd" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24664.json b/2021/24xxx/CVE-2021-24664.json index 20745a37e7d..bbc7b2442b3 100644 --- a/2021/24xxx/CVE-2021-24664.json +++ b/2021/24xxx/CVE-2021-24664.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24664", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "WPSchoolPress < 2.1.17 - Multiple Admin+ Stored Cross-Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "School Management System – WPSchoolPress", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "2.1.17", - "version_value": "2.1.17" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The School Management System – WPSchoolPress WordPress plugin before 2.1.17 sanitise some fields using sanitize_text_field() but does not escape them before outputting in attributes, resulting in Stored Cross-Site Scripting issues." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/3f8e170c-6579-4b1a-a1ac-7d93da17b669", - "name": "https://wpscan.com/vulnerability/3f8e170c-6579-4b1a-a1ac-7d93da17b669" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24664", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Davide Taraschi" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24669.json b/2021/24xxx/CVE-2021-24669.json index 860b1f85589..c93e9adf04f 100644 --- a/2021/24xxx/CVE-2021-24669.json +++ b/2021/24xxx/CVE-2021-24669.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24669", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "MAZ Loader < 1.3.3 - Contributor+ SQL Injection" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "MAZ Loader – Preloader Builder for WordPress", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "1.3.3", - "version_value": "1.3.3" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The MAZ Loader – Preloader Builder for WordPress plugin before 1.3.3 does not validate or escape the loader_id parameter of the mzldr shortcode, which allows users with a role as low as Contributor to perform SQL injection." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/b97afbe8-c9ae-40a2-81e5-b1d7a6b31831", - "name": "https://wpscan.com/vulnerability/b97afbe8-c9ae-40a2-81e5-b1d7a6b31831" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-89 SQL Injection", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24669", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "apple502j" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24674.json b/2021/24xxx/CVE-2021-24674.json index 93fd0495532..487d40b7a91 100644 --- a/2021/24xxx/CVE-2021-24674.json +++ b/2021/24xxx/CVE-2021-24674.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24674", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Genie WP Favicon <= 0.5.2 - Arbitrary Favicon Change via CSRF" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Genie WP Favicon", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "0.5.2", - "version_value": "0.5.2" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Genie WP Favicon WordPress plugin through 0.5.2 does not have CSRF in place when updating the favicon, which could allow attackers to make a logged in admin change it via a CSRF attack" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/26965878-c4c9-4f43-9e9a-6e58d6b46ef2", - "name": "https://wpscan.com/vulnerability/26965878-c4c9-4f43-9e9a-6e58d6b46ef2" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-352 Cross-Site Request Forgery (CSRF)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24674", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "apple502j" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24682.json b/2021/24xxx/CVE-2021-24682.json index 9aab998b73d..fb30e275663 100644 --- a/2021/24xxx/CVE-2021-24682.json +++ b/2021/24xxx/CVE-2021-24682.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24682", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Cool Tag Cloud < 2.26 - Contributor+ Stored Cross-Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Cool Tag Cloud", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "2.26", - "version_value": "2.26" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Cool Tag Cloud WordPress plugin before 2.26 does not escape the style attribute of the cool_tag_cloud shortcode, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/7dfdd50d-77f9-4f0a-8673-8f033c0b0e05", - "name": "https://wpscan.com/vulnerability/7dfdd50d-77f9-4f0a-8673-8f033c0b0e05" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24682", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "apple502j" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24685.json b/2021/24xxx/CVE-2021-24685.json index 4c3b057eb58..fac53d3d69d 100644 --- a/2021/24xxx/CVE-2021-24685.json +++ b/2021/24xxx/CVE-2021-24685.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24685", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Flat Preloader < 1.5.4 - CSRF to Stored Cross-Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Flat Preloader", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "1.5.4", - "version_value": "1.5.4" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Flat Preloader WordPress plugin before 1.5.4 does not enforce nonce checks when saving its settings, as well as does not sanitise and escape them, which could allow attackers to a make logged in admin change them with a Cross-Site Scripting payload (triggered either in the frontend or backend depending on the payload)" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/972ecde8-3d44-4dd9-81e3-643d8737434f", - "name": "https://wpscan.com/vulnerability/972ecde8-3d44-4dd9-81e3-643d8737434f" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-352 Cross-Site Request Forgery (CSRF)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24685", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "apple502j" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24693.json b/2021/24xxx/CVE-2021-24693.json index 4725e16f736..4075e8a0bbd 100644 --- a/2021/24xxx/CVE-2021-24693.json +++ b/2021/24xxx/CVE-2021-24693.json @@ -1,75 +1,18 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-24693", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Simple Download Monitor < 3.9.5 - Contributor+ Stored Cross-Site Scripting via File Thumbnail" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Simple Download Monitor", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "3.9.5", - "version_value": "3.9.5" - } - ] - } - } - ] - } - } - ] - } + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "The Simple Download Monitor WordPress plugin before 3.9.5 does not escape the \"File Thumbnail\" post meta before outputting it in some pages, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks. Given the that XSS is triggered even when the Download is in a review state, contributor could make JavaScript code execute in a context of a reviewer such as admin and make them create a rogue admin account, or install a malicious plugin" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/4bb559b7-8dde-4c90-a9a6-d8dcfbea53a7", - "name": "https://wpscan.com/vulnerability/4bb559b7-8dde-4c90-a9a6-d8dcfbea53a7" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } - ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "apple502j" - } - ], - "source": { - "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24695.json b/2021/24xxx/CVE-2021-24695.json index b21814ba1aa..ba04719fd76 100644 --- a/2021/24xxx/CVE-2021-24695.json +++ b/2021/24xxx/CVE-2021-24695.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24695", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Simple Download Monitor < 3.9.6 - Unauthenticated Log Access" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Simple Download Monitor", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "3.9.6", - "version_value": "3.9.6" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Simple Download Monitor WordPress plugin before 3.9.6 saves logs in a predictable location, and does not have any authentication or authorisation in place to prevent unauthenticated users to download and read the logs containing Sensitive Information such as IP Addresses and Usernames" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/d7bdaf2b-cdd9-4aee-b1bb-01728160ff25", - "name": "https://wpscan.com/vulnerability/d7bdaf2b-cdd9-4aee-b1bb-01728160ff25" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-200 Information Exposure", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24695", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "apple502j" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24697.json b/2021/24xxx/CVE-2021-24697.json index ede5ddf0069..0c7caa193b7 100644 --- a/2021/24xxx/CVE-2021-24697.json +++ b/2021/24xxx/CVE-2021-24697.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24697", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Simple Download Monitor < 3.9.5 - Reflected Cross-Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Simple Download Monitor", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "3.9.5", - "version_value": "3.9.5" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Simple Download Monitor WordPress plugin before 3.9.5 does not escape the 1) sdm_active_tab GET parameter and 2) sdm_stats_start_date/sdm_stats_end_date POST parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/ef9ae513-6c29-45c2-b5ae-4a06a217c499", - "name": "https://wpscan.com/vulnerability/ef9ae513-6c29-45c2-b5ae-4a06a217c499" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24697", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "apple502j" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24698.json b/2021/24xxx/CVE-2021-24698.json index 7e5e6521c15..277135d7a2f 100644 --- a/2021/24xxx/CVE-2021-24698.json +++ b/2021/24xxx/CVE-2021-24698.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24698", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Simple Download Monitor < 3.9.6 - Arbitrary Thumbnails Removal" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Simple Download Monitor", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "3.9.6", - "version_value": "3.9.6" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Simple Download Monitor WordPress plugin before 3.9.6 allows users with a role as low as Contributor to remove thumbnails from downloads they do not own, even if they cannot normally edit the download." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/1fda1356-77d8-4e77-9ee6-8f9ceeb3d380", - "name": "https://wpscan.com/vulnerability/1fda1356-77d8-4e77-9ee6-8f9ceeb3d380" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-284 Improper Access Control", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24698", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "apple502j" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24701.json b/2021/24xxx/CVE-2021-24701.json index 233304b2094..59da82ddf98 100644 --- a/2021/24xxx/CVE-2021-24701.json +++ b/2021/24xxx/CVE-2021-24701.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24701", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Quiz Tool Lite <= 2.3.15 - Multiple Admin+ Stored Cross-Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Quiz Tool Lite", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "2.3.15", - "version_value": "2.3.15" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Quiz Tool Lite WordPress plugin through 2.3.15 does not sanitize multiple input fields used when creating or managing quizzes and in other setting options, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/f7b95789-43f2-42a5-95e6-eb7accbd5ed3", - "name": "https://wpscan.com/vulnerability/f7b95789-43f2-42a5-95e6-eb7accbd5ed3" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24701", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Shivam Rai" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24706.json b/2021/24xxx/CVE-2021-24706.json index 9a04ff320c4..c0acc1e1492 100644 --- a/2021/24xxx/CVE-2021-24706.json +++ b/2021/24xxx/CVE-2021-24706.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24706", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Qwizcards < 3.62 - Admin+ Stored Cross Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Qwizcards – online quizzes and flashcards", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "3.62", - "version_value": "3.62" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Qwizcards – online quizzes and flashcards WordPress plugin before 3.62 does not properly sanitize and escape some of its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/ecddb611-de75-41d5-a470-8fc2cf0780a4", - "name": "https://wpscan.com/vulnerability/ecddb611-de75-41d5-a470-8fc2cf0780a4" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24706", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Shivam Rai" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24708.json b/2021/24xxx/CVE-2021-24708.json index eeb60db71ea..7e899cb8aaa 100644 --- a/2021/24xxx/CVE-2021-24708.json +++ b/2021/24xxx/CVE-2021-24708.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24708", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "WP All Export < 1.3.1 - Admin+ Stored Cross-Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Export any WordPress data to XML/CSV", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "1.3.1", - "version_value": "1.3.1" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Export any WordPress data to XML/CSV WordPress plugin before 1.3.1 does not escape its Export's Name before outputting it in Manage Exports settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/4560eef4-253b-49a4-8e20-9520c45c6f7f", - "name": "https://wpscan.com/vulnerability/4560eef4-253b-49a4-8e20-9520c45c6f7f" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24708", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Huy Nguyen" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24710.json b/2021/24xxx/CVE-2021-24710.json index 79b5ffe759f..99ce3a3bce4 100644 --- a/2021/24xxx/CVE-2021-24710.json +++ b/2021/24xxx/CVE-2021-24710.json @@ -1,80 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24710", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Print-O-Matic < 2.0.3 - Admin+ Stored Cross-Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Print-O-Matic", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "2.0.3", - "version_value": "2.0.3" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Print-O-Matic WordPress plugin before 2.0.3 does not escape some of its settings before outputting them in attribute, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/84e83d52-f69a-4de2-80c8-7c1996b30a04", - "name": "https://wpscan.com/vulnerability/84e83d52-f69a-4de2-80c8-7c1996b30a04" - }, - { - "refsource": "CONFIRM", - "url": "https://plugins.trac.wordpress.org/changeset/2610060/", - "name": "https://plugins.trac.wordpress.org/changeset/2610060/" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24710", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Zain Ahmed" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24715.json b/2021/24xxx/CVE-2021-24715.json index 0921f2febd9..e878b5ecd90 100644 --- a/2021/24xxx/CVE-2021-24715.json +++ b/2021/24xxx/CVE-2021-24715.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24715", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "WP Sitemap Page < 1.7.0 - Admin+ Stored Cross Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "WP Sitemap Page", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "1.7.0", - "version_value": "1.7.0" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The WP Sitemap Page WordPress plugin before 1.7.0 does not properly sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/da66d54e-dda8-4aa8-8d27-b8b87100bb21", - "name": "https://wpscan.com/vulnerability/da66d54e-dda8-4aa8-8d27-b8b87100bb21" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24715", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Nikhil Kapoor From Esecforte" } - ], - "source": { - "discovery": "EXTERNAL" - } -} +} \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24716.json b/2021/24xxx/CVE-2021-24716.json index 506055572d2..77ec5bc35ab 100644 --- a/2021/24xxx/CVE-2021-24716.json +++ b/2021/24xxx/CVE-2021-24716.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24716", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Modern Events Calendar Lite < 5.22.3 - Authenticated Stored Cross Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Modern Events Calendar Lite", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "5.22.3", - "version_value": "5.22.3" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Modern Events Calendar Lite WordPress plugin before 5.22.3 does not properly sanitize or escape values set by users with access to adjust settings withing wp-admin." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/576cc93d-1499-452b-97dd-80f69002e2a0", - "name": "https://wpscan.com/vulnerability/576cc93d-1499-452b-97dd-80f69002e2a0" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24716", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Shivam Rai" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24717.json b/2021/24xxx/CVE-2021-24717.json index a4968e3f7a2..49ce8d572f1 100644 --- a/2021/24xxx/CVE-2021-24717.json +++ b/2021/24xxx/CVE-2021-24717.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24717", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "AutomatorWP < 1.7.6 - Missing Authorization and Privilege Escalation" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "AutomatorWP", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "1.7.6", - "version_value": "1.7.6" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The AutomatorWP WordPress plugin before 1.7.6 does not perform capability checks which allows users with Subscriber roles to enumerate automations, disclose title of private posts or user emails, call functions, or perform privilege escalation via Ajax actions." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/5916ea42-eb33-463d-8528-2a142805c91f", - "name": "https://wpscan.com/vulnerability/5916ea42-eb33-463d-8528-2a142805c91f" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-863 Incorrect Authorization", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24717", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "apple502j" } - ], - "source": { - "discovery": "EXTERNAL" - } -} +} \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24721.json b/2021/24xxx/CVE-2021-24721.json index ad7a8d3d559..a1e833bac4f 100644 --- a/2021/24xxx/CVE-2021-24721.json +++ b/2021/24xxx/CVE-2021-24721.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24721", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Loco Translate < 2.5.4 - Authenticated PHP Code Injection" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Loco Translate", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "2.5.4", - "version_value": "2.5.4" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Loco Translate WordPress plugin before 2.5.4 mishandles data inputs which get saved to a file, which can be renamed to an extension ending in .php, resulting in authenticated \"translator\" users being able to inject PHP code into files ending with .php in web accessible locations." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/bc7d4774-fce8-4b0b-8015-8ef4c5b02d38", - "name": "https://wpscan.com/vulnerability/bc7d4774-fce8-4b0b-8015-8ef4c5b02d38" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-94 Improper Control of Generation of Code ('Code Injection')", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24721", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Tomi Ashari" } - ], - "source": { - "discovery": "EXTERNAL" - } -} +} \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24722.json b/2021/24xxx/CVE-2021-24722.json index 973ce41a3b6..23fb3477b2d 100644 --- a/2021/24xxx/CVE-2021-24722.json +++ b/2021/24xxx/CVE-2021-24722.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24722", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Restaurant Menu by MotoPress < 2.4.2 - Admin+ Stored Cross Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Restaurant Menu by MotoPress", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "2.4.2", - "version_value": "2.4.2" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Restaurant Menu by MotoPress WordPress plugin before 2.4.2 does not properly sanitize or escape inputs when creating new menu items, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/14b29450-2450-4b5f-8630-bb2cbfbd0a83", - "name": "https://wpscan.com/vulnerability/14b29450-2450-4b5f-8630-bb2cbfbd0a83" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24722", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Shivam Rai" } - ], - "source": { - "discovery": "EXTERNAL" - } -} +} \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24723.json b/2021/24xxx/CVE-2021-24723.json index 356f575e54c..3e37fdd2953 100644 --- a/2021/24xxx/CVE-2021-24723.json +++ b/2021/24xxx/CVE-2021-24723.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24723", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "WP Reactions Lite < 1.3.6 - Authenticated Stored Cross Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "WP Reactions Lite", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "1.3.6", - "version_value": "1.3.6" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The WP Reactions Lite WordPress plugin before 1.3.6 does not properly sanitize inputs within wp-admin pages, allowing users with sufficient access to inject XSS payloads within /wp-admin/ pages." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/0a46ae96-41e5-4b52-91c3-409f7387aecc", - "name": "https://wpscan.com/vulnerability/0a46ae96-41e5-4b52-91c3-409f7387aecc" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24723", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Shivam Rai" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24731.json b/2021/24xxx/CVE-2021-24731.json index a260b451dcc..d7b8c63bc28 100644 --- a/2021/24xxx/CVE-2021-24731.json +++ b/2021/24xxx/CVE-2021-24731.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24731", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Pie Register < 3.7.1.6 - Unauthenticated SQL Injection" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "3.7.1.6", - "version_value": "3.7.1.6" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.7.1.6 does not properly escape user data before using it in a SQL statement in the wp-json/pie/v1/login REST API endpoint, leading to an SQL injection." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/6bed00e4-b363-43b8-a392-d068d342151a", - "name": "https://wpscan.com/vulnerability/6bed00e4-b363-43b8-a392-d068d342151a" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-89 SQL Injection", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24731", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "AyeCode Ltd" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24742.json b/2021/24xxx/CVE-2021-24742.json index 715b346050f..f23552e1204 100644 --- a/2021/24xxx/CVE-2021-24742.json +++ b/2021/24xxx/CVE-2021-24742.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24742", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Logo Slider and Showcase < 1.3.37 - Editor Plugin's Settings Update" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Logo Slider and Showcase", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "1.3.37", - "version_value": "1.3.37" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Logo Slider and Showcase WordPress plugin before 1.3.37 allows Editor users to update the plugin's settings via the rtWLSSettings AJAX action because it uses a nonce for authorisation instead of a capability check." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/8dfc86e4-56a0-4e30-9050-cf3f328ff993", - "name": "https://wpscan.com/vulnerability/8dfc86e4-56a0-4e30-9050-cf3f328ff993" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-863 Incorrect Authorization", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24742", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "apple502j" } - ], - "source": { - "discovery": "EXTERNAL" - } -} +} \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24757.json b/2021/24xxx/CVE-2021-24757.json index a441a101a0c..7cdb9d07950 100644 --- a/2021/24xxx/CVE-2021-24757.json +++ b/2021/24xxx/CVE-2021-24757.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24757", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Stylish Price List < 6.9.0 - Unauthenticated Arbitrary Image Upload" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Stylish Price List", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "6.9.0", - "version_value": "6.9.0" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Stylish Price List WordPress plugin before 6.9.0 does not perform capability checks in its spl_upload_ser_img AJAX action (available to both unauthenticated and authenticated users), which could allow unauthenticated users to upload images." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/352a9e05-2d5f-4bf7-8da9-85621fb15d91", - "name": "https://wpscan.com/vulnerability/352a9e05-2d5f-4bf7-8da9-85621fb15d91" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-863 Incorrect Authorization", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24757", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "apple502j" } - ], - "source": { - "discovery": "EXTERNAL" - } -} +} \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24766.json b/2021/24xxx/CVE-2021-24766.json index 53757bc82ab..ec21f5bfe90 100644 --- a/2021/24xxx/CVE-2021-24766.json +++ b/2021/24xxx/CVE-2021-24766.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24766", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "404 to 301 < 3.0.9 - Logs Deletion via CSRF" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "404 to 301 – Redirect, Log and Notify 404 Errors", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "3.0.9", - "version_value": "3.0.9" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The 404 to 301 – Redirect, Log and Notify 404 Errors WordPress plugin before 3.0.9 does not have CSRF check in place when cleaning the logs, which could allow attacker to make a logged in admin delete all of them via a CSRF attack" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/cc13db1e-5f7f-49b2-81da-f913cfe70543", - "name": "https://wpscan.com/vulnerability/cc13db1e-5f7f-49b2-81da-f913cfe70543" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-352 Cross-Site Request Forgery (CSRF)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24766", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "apple502j" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24767.json b/2021/24xxx/CVE-2021-24767.json index 1d5cba2b38b..20373eae90f 100644 --- a/2021/24xxx/CVE-2021-24767.json +++ b/2021/24xxx/CVE-2021-24767.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24767", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Redirect 404 Error Page to Homepage or Custom Page with Logs < 1.7.9 - Log Deletion via CSRF" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Redirect 404 Error Page to Homepage or Custom Page with Logs", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "1.7.9", - "version_value": "1.7.9" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Redirect 404 Error Page to Homepage or Custom Page with Logs WordPress plugin before 1.7.9 does not check for CSRF when deleting logs, which could allow attacker to make a logged in admin delete them via a CSRF attack" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/0b35ad4a-3d94-49b1-a98d-07acf8dd4962", - "name": "https://wpscan.com/vulnerability/0b35ad4a-3d94-49b1-a98d-07acf8dd4962" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-352 Cross-Site Request Forgery (CSRF)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24767", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "apple502j" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24770.json b/2021/24xxx/CVE-2021-24770.json index 12c0d5c6b88..de3385d6a7e 100644 --- a/2021/24xxx/CVE-2021-24770.json +++ b/2021/24xxx/CVE-2021-24770.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24770", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Stylish Price List < 6.9.1 - Subscriber+ Arbitrary Image Upload" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Stylish Price List", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "6.9.1", - "version_value": "6.9.1" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Stylish Price List WordPress plugin before 6.9.1 does not perform capability checks in its spl_upload_ser_img AJAX action (available to authenticated users), which could allow any authenticated users, such as subscriber, to upload arbitrary images." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/4365c813-4bd7-4c7c-a15b-ef9a42d32b26", - "name": "https://wpscan.com/vulnerability/4365c813-4bd7-4c7c-a15b-ef9a42d32b26" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-863 Incorrect Authorization", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24770", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "apple502j" } - ], - "source": { - "discovery": "EXTERNAL" - } -} +} \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24773.json b/2021/24xxx/CVE-2021-24773.json index 863247fae2b..dff7e93c9fb 100644 --- a/2021/24xxx/CVE-2021-24773.json +++ b/2021/24xxx/CVE-2021-24773.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24773", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "WordPress Download Manager < 3.2.16 - Admin+ Stored Cross-Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "WordPress Download Manager", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "3.2.16", - "version_value": "3.2.16" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The WordPress Download Manager WordPress plugin before 3.2.16 does not escape some of the Download settings when outputting them, allowing high privilege users to perform XSS attacks even when the unfiltered_html capability is disallowed" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/aab2ddbb-7675-40fc-90ee-f5bfa8a5b995", - "name": "https://wpscan.com/vulnerability/aab2ddbb-7675-40fc-90ee-f5bfa8a5b995" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24773", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Huy Nguyen (Inval1d Team)" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24779.json b/2021/24xxx/CVE-2021-24779.json index eca4ddcec1d..6f81354df01 100644 --- a/2021/24xxx/CVE-2021-24779.json +++ b/2021/24xxx/CVE-2021-24779.json @@ -38,7 +38,7 @@ "description_data": [ { "lang": "eng", - "value": "The WP Debugging WordPress plugin before 2.11.0 has its update_settings() function hooked to admin_init and is missing any authorisation and CSRF checks, as a result, the settings can be updated by unauthenticated users." + "value": "The WP Debugging WordPress plugin before 2.11.0 has its update_settings() function hooked to admin_init and is missing any capability and CSRF checks, as a result, the settings can be updated by unauthenticated users." } ] }, @@ -56,7 +56,7 @@ { "description": [ { - "value": "CWE-862 Missing Authorization", + "value": "CWE-284 Improper Access Control", "lang": "eng" } ] @@ -72,4 +72,4 @@ "source": { "discovery": "EXTERNAL" } -} +} \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24781.json b/2021/24xxx/CVE-2021-24781.json index e19a3996c43..694d9d86cd7 100644 --- a/2021/24xxx/CVE-2021-24781.json +++ b/2021/24xxx/CVE-2021-24781.json @@ -1,80 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24781", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Image Source Control < 2.3.1 - Contributor+ Arbitrary Post Meta Value Change" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Image Source Control", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "2.3.1", - "version_value": "2.3.1" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Image Source Control WordPress plugin before 2.3.1 allows users with a role as low as Contributor to change arbitrary post meta fields of arbitrary posts (even those they should not be able to edit)" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/3550ba54-7786-4ad9-aeb1-1c0750f189d0", - "name": "https://wpscan.com/vulnerability/3550ba54-7786-4ad9-aeb1-1c0750f189d0" - }, - { - "refsource": "CONFIRM", - "url": "https://plugins.trac.wordpress.org/changeset/2606615/", - "name": "https://plugins.trac.wordpress.org/changeset/2606615/" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-284 Improper Access Control", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24781", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "apple502j" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24783.json b/2021/24xxx/CVE-2021-24783.json index cbc784d13c4..7695bc5ef2f 100644 --- a/2021/24xxx/CVE-2021-24783.json +++ b/2021/24xxx/CVE-2021-24783.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24783", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Post Expirator < 2.6.0 - Contributor+ Arbitrary Post Schedule Deletion" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Post Expirator: Automatically Unpublish WordPress Posts", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "2.6.0", - "version_value": "2.6.0" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Post Expirator WordPress plugin before 2.6.0 does not have proper capability checks in place, which could allow users with a role as low as Contributor to schedule deletion of arbitrary posts." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/de51b970-ab13-41a6-a479-a92cd0e70b71", - "name": "https://wpscan.com/vulnerability/de51b970-ab13-41a6-a479-a92cd0e70b71" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-284 Improper Access Control", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24783", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "apple502j" } - ], - "source": { - "discovery": "EXTERNAL" - } -} +} \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24788.json b/2021/24xxx/CVE-2021-24788.json index 1387a8cecb1..a55ec9fc57e 100644 --- a/2021/24xxx/CVE-2021-24788.json +++ b/2021/24xxx/CVE-2021-24788.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24788", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Batch Cat <= 0.3 - Subscriber+ Arbitrary Categories Add/Set/Delete to Posts" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Batch Cat", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "0.3", - "version_value": "0.3" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Batch Cat WordPress plugin through 0.3 defines 3 custom AJAX actions, which both require authentication but are available for all roles. As a result, any authenticated user (including simple subscribers) can add/set/delete arbitrary categories to posts." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/f8fdff8a-f158-46e8-94f1-f051a6c5608b", - "name": "https://wpscan.com/vulnerability/f8fdff8a-f158-46e8-94f1-f051a6c5608b" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-284 Improper Access Control", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24788", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Quentin VILLAIN (3wsec)" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24789.json b/2021/24xxx/CVE-2021-24789.json index 8dbe1cb2f06..667ee61895d 100644 --- a/2021/24xxx/CVE-2021-24789.json +++ b/2021/24xxx/CVE-2021-24789.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24789", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Flat Preloader < 1.5.5 - Admin+ Stored Cross-Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Flat Preloader", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "1.5.5", - "version_value": "1.5.5" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Flat Preloader WordPress plugin before 1.5.5 does not escape some of its settings when outputting them in attribute in the frontend, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/e8550ccd-3898-4e27-aca9-ade89823ff4d", - "name": "https://wpscan.com/vulnerability/e8550ccd-3898-4e27-aca9-ade89823ff4d" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24789", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "apple502j" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24791.json b/2021/24xxx/CVE-2021-24791.json index 5c3516c1d02..bdeaba9b33e 100644 --- a/2021/24xxx/CVE-2021-24791.json +++ b/2021/24xxx/CVE-2021-24791.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24791", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Header Footer Code Manager < 1.1.14 - Admin+ SQL Injections" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Header Footer Code Manager", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "1.1.14", - "version_value": "1.1.14" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Header Footer Code Manager WordPress plugin before 1.1.14 does not validate and escape the \"orderby\" and \"order\" request parameters before using them in a SQL statement when viewing the Snippets admin dashboard, leading to SQL injections" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/d55caa9b-d50f-4c13-bc69-dc475641735f", - "name": "https://wpscan.com/vulnerability/d55caa9b-d50f-4c13-bc69-dc475641735f" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-89 SQL Injection", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24791", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "bl4derunner" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24793.json b/2021/24xxx/CVE-2021-24793.json index 39e8772bf50..59ccaab7b1f 100644 --- a/2021/24xxx/CVE-2021-24793.json +++ b/2021/24xxx/CVE-2021-24793.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24793", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "WPeMatico RSS Feed Fetcher < 2.6.12 - Admin+ Stored Cross-Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "WPeMatico RSS Feed Fetcher", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "2.6.12", - "version_value": "2.6.12" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The WPeMatico RSS Feed Fetcher WordPress plugin before 2.6.12 does not escape the Feed URL added to a campaign before outputting it in an attribute, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/eeedbb3b-ae10-4472-a1d3-f196f95b9d96", - "name": "https://wpscan.com/vulnerability/eeedbb3b-ae10-4472-a1d3-f196f95b9d96" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24793", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Huy Nguyen" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24794.json b/2021/24xxx/CVE-2021-24794.json index 228dfd8fd17..361a17dcc6b 100644 --- a/2021/24xxx/CVE-2021-24794.json +++ b/2021/24xxx/CVE-2021-24794.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24794", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Connections Business Directory < 10.4.3 - Admin+ Stored Cross-Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Connections Business Directory", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "10.4.3", - "version_value": "10.4.3" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Connections Business Directory WordPress plugin before 10.4.3 does not escape the Address settings when creating an Entry, which could allow high privilege users to perform Cross-Site Scripting when the unfiltered_html capability is disallowed." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/651dc567-943e-4f57-8ec4-6eee466785f5", - "name": "https://wpscan.com/vulnerability/651dc567-943e-4f57-8ec4-6eee466785f5" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24794", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Huy Nguyen" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24798.json b/2021/24xxx/CVE-2021-24798.json index 4ba07277017..389632b72fb 100644 --- a/2021/24xxx/CVE-2021-24798.json +++ b/2021/24xxx/CVE-2021-24798.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24798", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "WP Header Images < 2.0.1 - Reflected Cross-Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "WP Header Images", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "2.0.1", - "version_value": "2.0.1" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The WP Header Images WordPress plugin before 2.0.1 does not sanitise and escape the t parameter before outputting it back in the plugin's settings page, leading to a Reflected Cross-Site Scripting issue" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/58c9a007-42db-4142-b096-0b9ba8850f87", - "name": "https://wpscan.com/vulnerability/58c9a007-42db-4142-b096-0b9ba8850f87" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24798", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "apple502j" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24799.json b/2021/24xxx/CVE-2021-24799.json index 10820fa50c1..70db8ac9cae 100644 --- a/2021/24xxx/CVE-2021-24799.json +++ b/2021/24xxx/CVE-2021-24799.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24799", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Far Future Expiry Header < 1.5 - Plugin's Settings Update via CSRF" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Far Future Expiry Header", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "1.5", - "version_value": "1.5" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Far Future Expiry Header WordPress plugin before 1.5 does not have CSRF check when saving its settings, which could allow attackers to make a logged in admin change them via a CSRF attack." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/6010ce4e-3e46-4cc1-96d8-560b30b605ed", - "name": "https://wpscan.com/vulnerability/6010ce4e-3e46-4cc1-96d8-560b30b605ed" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-352 Cross-Site Request Forgery (CSRF)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24799", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "apple502j" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24801.json b/2021/24xxx/CVE-2021-24801.json index 0a9780cda5f..de27ba1a4fb 100644 --- a/2021/24xxx/CVE-2021-24801.json +++ b/2021/24xxx/CVE-2021-24801.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24801", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "WP Survey Plus <= 1.0 - Subscriber+ AJAX Calls" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "WP Survey Plus", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "1.0", - "version_value": "1.0" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The WP Survey Plus WordPress plugin through 1.0 does not have any authorisation and CSRF checks in place in its AJAX actions, allowing any user to call them and add/edit/delete Surveys. Furthermore, due to the lack of sanitization in the Surveys' Title, this could also lead to Stored Cross-Site Scripting issues" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/78405609-2105-4011-b18e-1ba5f438972d", - "name": "https://wpscan.com/vulnerability/78405609-2105-4011-b18e-1ba5f438972d" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-284 Improper Access Control", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24801", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Vishal Mohan" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24806.json b/2021/24xxx/CVE-2021-24806.json index 09040027231..a9c5b1a9890 100644 --- a/2021/24xxx/CVE-2021-24806.json +++ b/2021/24xxx/CVE-2021-24806.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24806", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "wpDiscuz < 7.3.4 - Arbitrary Comment Addition/Edition/Deletion via CSRF" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Comments – wpDiscuz", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "7.3.4", - "version_value": "7.3.4" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The wpDiscuz WordPress plugin before 7.3.4 does check for CSRF when adding, editing and deleting comments, which could allow attacker to make logged in users such as admin edit and delete arbitrary comment, or the user who made the comment to edit it via a CSRF attack. Attackers could also make logged in users post arbitrary comment." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/2746101e-e993-42b9-bd6f-dfd5544fa3fe", - "name": "https://wpscan.com/vulnerability/2746101e-e993-42b9-bd6f-dfd5544fa3fe" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-352 Cross-Site Request Forgery (CSRF)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24806", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Brandon Roldan" } - ], - "source": { - "discovery": "EXTERNAL" - } -} +} \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24807.json b/2021/24xxx/CVE-2021-24807.json index 049a29075ba..b33a91302d8 100644 --- a/2021/24xxx/CVE-2021-24807.json +++ b/2021/24xxx/CVE-2021-24807.json @@ -1,85 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24807", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Support Board < 3.3.5 - Agent+ Stored Cross-Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Support Board", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "3.3.5", - "version_value": "3.3.5" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Support Board WordPress plugin before 3.3.5 allows Authenticated (Agent+) users to perform Cross-Site Scripting attacks by placing a payload in the notes field, when an administrator or any authenticated user go to the chat the XSS will be automatically executed." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/19d101aa-4b60-4db4-a33b-86c826b288b0", - "name": "https://wpscan.com/vulnerability/19d101aa-4b60-4db4-a33b-86c826b288b0" - }, - { - "refsource": "MISC", - "url": "https://medium.com/@lijohnjefferson/cve-2021-24807-6bc22af2a444", - "name": "https://medium.com/@lijohnjefferson/cve-2021-24807-6bc22af2a444" - }, - { - "refsource": "MISC", - "url": "https://github.com/itsjeffersonli/CVE-2021-24807", - "name": "https://github.com/itsjeffersonli/CVE-2021-24807" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24807", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "John Jefferson Li" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24808.json b/2021/24xxx/CVE-2021-24808.json index 1c862486d1e..59a6a6bd3ae 100644 --- a/2021/24xxx/CVE-2021-24808.json +++ b/2021/24xxx/CVE-2021-24808.json @@ -1,80 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24808", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "BP Better Messages < 1.9.9.41 - Reflected Cross-Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "BP Better Messages", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "1.9.9.41", - "version_value": "1.9.9.41" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The BP Better Messages WordPress plugin before 1.9.9.41 sanitise (with sanitize_text_field) but does not escape the 'subject' parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/53ff82ec-00ec-4b20-8f60-db9db8c025b4", - "name": "https://wpscan.com/vulnerability/53ff82ec-00ec-4b20-8f60-db9db8c025b4" - }, - { - "refsource": "CONFIRM", - "url": "https://plugins.trac.wordpress.org/changeset/2605772/bp-better-messages/trunk/views/layout-new.php", - "name": "https://plugins.trac.wordpress.org/changeset/2605772/bp-better-messages/trunk/views/layout-new.php" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24808", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Brandon Roldan" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24809.json b/2021/24xxx/CVE-2021-24809.json index 0e85e733219..7f3f35632ef 100644 --- a/2021/24xxx/CVE-2021-24809.json +++ b/2021/24xxx/CVE-2021-24809.json @@ -1,80 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24809", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "BP Better Messages < 1.9.9.41 - Multiple CSRF" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "BP Better Messages", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "1.9.9.41", - "version_value": "1.9.9.41" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The BP Better Messages WordPress plugin before 1.9.9.41 does not check for CSRF in multiple of its AJAX actions: bp_better_messages_leave_chat, bp_better_messages_join_chat, bp_messages_leave_thread, bp_messages_mute_thread, bp_messages_unmute_thread, bp_better_messages_add_user_to_thread, bp_better_messages_exclude_user_from_thread. This could allow attackers to make logged in users do unwanted actions" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/e186fef4-dca0-461f-b539-082c13a68d13", - "name": "https://wpscan.com/vulnerability/e186fef4-dca0-461f-b539-082c13a68d13" - }, - { - "refsource": "CONFIRM", - "url": "https://plugins.trac.wordpress.org/changeset/2605772/bp-better-messages/trunk/inc/ajax.php", - "name": "https://plugins.trac.wordpress.org/changeset/2605772/bp-better-messages/trunk/inc/ajax.php" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-352 Cross-Site Request Forgery (CSRF)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24809", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Brandon Roldan" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24813.json b/2021/24xxx/CVE-2021-24813.json index cce1195ec64..5f0720e19af 100644 --- a/2021/24xxx/CVE-2021-24813.json +++ b/2021/24xxx/CVE-2021-24813.json @@ -1,80 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24813", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Events Made Easy < 2.2.24 - Admin+ Stored Cross-Site Scripting" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Events Made Easy", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "2.2.24", - "version_value": "2.2.24" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Events Made Easy WordPress plugin before 2.2.24 does not sanitise and escape Custom Field Names, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/a1fe0783-7a88-4d75-967f-cef970b73752", - "name": "https://wpscan.com/vulnerability/a1fe0783-7a88-4d75-967f-cef970b73752" - }, - { - "refsource": "CONFIRM", - "url": "https://plugins.trac.wordpress.org/changeset/2607749/", - "name": "https://plugins.trac.wordpress.org/changeset/2607749/" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-79 Cross-site Scripting (XSS)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24813", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Huy Nguyen" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24816.json b/2021/24xxx/CVE-2021-24816.json index 01884844df7..88dde0f26f9 100644 --- a/2021/24xxx/CVE-2021-24816.json +++ b/2021/24xxx/CVE-2021-24816.json @@ -1,75 +1,18 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-24816", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Phoenix Media Rename < 3.4.4 - Author Arbitrary Media File Renaming" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Phoenix Media Rename", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "3.4.4", - "version_value": "3.4.4" - } - ] - } - } - ] - } - } - ] - } + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "The Phoenix Media Rename WordPress plugin before 3.4.4 does not have capability checks in its phoenix_media_rename AJAX action, which could allow users with Author roles to rename any uploaded media files, including ones they do not own." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/5f63d677-20f3-4fe0-bb90-048b6898e6cd", - "name": "https://wpscan.com/vulnerability/5f63d677-20f3-4fe0-bb90-048b6898e6cd" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-284 Improper Access Control", - "lang": "eng" - } - ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "apple502j" - } - ], - "source": { - "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24827.json b/2021/24xxx/CVE-2021-24827.json index 09923fab4ce..fb260b2ba26 100644 --- a/2021/24xxx/CVE-2021-24827.json +++ b/2021/24xxx/CVE-2021-24827.json @@ -1,80 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24827", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Asgaros Forum < 1.15.13 - Unauthenticated SQL Injection" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Asgaros Forum", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "1.15.13", - "version_value": "1.15.13" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Asgaros Forum WordPress plugin before 1.15.13 does not validate and escape user input when subscribing to a topic before using it in a SQL statement, leading to an unauthenticated SQL injection issue" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/36cc5151-1d5e-4874-bcec-3b6326235db1", - "name": "https://wpscan.com/vulnerability/36cc5151-1d5e-4874-bcec-3b6326235db1" - }, - { - "refsource": "CONFIRM", - "url": "https://plugins.trac.wordpress.org/changeset/2611560/asgaros-forum", - "name": "https://plugins.trac.wordpress.org/changeset/2611560/asgaros-forum" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-89 SQL Injection", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24827", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "JrXnm" } - ], - "source": { - "discovery": "EXTERNAL" - } -} +} \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24829.json b/2021/24xxx/CVE-2021-24829.json index 4e5b285c223..b33d01f3e91 100644 --- a/2021/24xxx/CVE-2021-24829.json +++ b/2021/24xxx/CVE-2021-24829.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24829", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Visitor Traffic Real Time Statistics < 3.9 - Subscriber+ SQL Injection" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Visitor Traffic Real Time Statistics", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "3.9", - "version_value": "3.9" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Visitor Traffic Real Time Statistics WordPress plugin before 3.9 does not validate and escape user input passed to the today_traffic_index AJAX action (available to any authenticated users) before using it in a SQL statement, leading to an SQL injection issue" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/cc6585c8-5798-48a1-89f7-a3337f56df3f", - "name": "https://wpscan.com/vulnerability/cc6585c8-5798-48a1-89f7-a3337f56df3f" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-89 SQL Injection", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24829", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "JrXnm" } - ], - "source": { - "discovery": "EXTERNAL" - } -} +} \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24832.json b/2021/24xxx/CVE-2021-24832.json index 36817f76e17..03c0dc4dff7 100644 --- a/2021/24xxx/CVE-2021-24832.json +++ b/2021/24xxx/CVE-2021-24832.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24832", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "WP SEO Redirect 301 < 2.3.2 - Redirect Deletion via CSRF" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "WP SEO Redirect 301", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "2.3.2", - "version_value": "2.3.2" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The WP SEO Redirect 301 WordPress plugin before 2.3.2 does not have CSRF in place when deleting redirects, which could allow attackers to make a logged in admin delete them via a CSRF attack" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/cf031259-b76e-475c-8a8e-fa6a0d9e7bb4", - "name": "https://wpscan.com/vulnerability/cf031259-b76e-475c-8a8e-fa6a0d9e7bb4" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-352 Cross-Site Request Forgery (CSRF)", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24832", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Francesco Carlucci" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24835.json b/2021/24xxx/CVE-2021-24835.json index 3556c7e2baf..ad031588948 100644 --- a/2021/24xxx/CVE-2021-24835.json +++ b/2021/24xxx/CVE-2021-24835.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24835", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "WCFM - Frontend Manager for WooCommerce < 6.5.12 - Customer/Subscriber+ SQL Injection" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "6.5.12", - "version_value": "6.5.12" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible WordPress plugin before 6.5.12, when used in combination with another WCFM - WooCommerce Multivendor plugin such as WCFM - WooCommerce Multivendor Marketplace, does not escape the withdrawal_vendor parameter before using it in a SQL statement, allowing low privilege users such as Subscribers to perform SQL injection attacks" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/c493ac9c-67d1-48a9-be21-824b1a1d56c2", - "name": "https://wpscan.com/vulnerability/c493ac9c-67d1-48a9-be21-824b1a1d56c2" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-89 SQL Injection", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24835", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "JrXnm" } - ], - "source": { - "discovery": "EXTERNAL" - } -} +} \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24840.json b/2021/24xxx/CVE-2021-24840.json index 1464c8f88d7..7f29351fa4b 100644 --- a/2021/24xxx/CVE-2021-24840.json +++ b/2021/24xxx/CVE-2021-24840.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24840", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Squaretype Modern Blog < 3.0.4 - Unauthenticated Private/Schedule Posts Disclosure" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Squaretype", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "3.0.4", - "version_value": "3.0.4" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Squaretype WordPress theme before 3.0.4 allows unauthenticated users to manipulate the query_vars used to retrieve the posts to display in one of its REST endpoint, without any validation. As a result, private and scheduled posts could be retrieved via a crafted request." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/971302fd-4e8b-4c6a-818f-3a42c7fb83ef", - "name": "https://wpscan.com/vulnerability/971302fd-4e8b-4c6a-818f-3a42c7fb83ef" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-639 Authorization Bypass Through User-Controlled Key", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24840", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "Emil Kylander Edwartz" } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file diff --git a/2021/24xxx/CVE-2021-24844.json b/2021/24xxx/CVE-2021-24844.json index 211f94b9797..78952e41113 100644 --- a/2021/24xxx/CVE-2021-24844.json +++ b/2021/24xxx/CVE-2021-24844.json @@ -1,80 +1,18 @@ { - "CVE_data_meta": { - "ID": "CVE-2021-24844", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "Affiliate Manager < 2.8.7 - Admin+ SQL injection" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "Affiliates Manager", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "2.8.7", - "version_value": "2.8.7" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Affiliates Manager WordPress plugin before 2.8.7 does not validate the orderby parameter before using it in an SQL statement in the admin dashboard, leading to an SQL Injection issue" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/ebd6d13c-572e-4861-b7d1-a7a87332ce0d", - "name": "https://wpscan.com/vulnerability/ebd6d13c-572e-4861-b7d1-a7a87332ce0d" - }, - { - "refsource": "CONFIRM", - "url": "https://plugins.trac.wordpress.org/changeset/2611862/", - "name": "https://plugins.trac.wordpress.org/changeset/2611862/" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-89 SQL Injection", - "lang": "eng" - } + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-24844", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } ] - } - ] - }, - "credit": [ - { - "lang": "eng", - "value": "JrXnm" } - ], - "source": { - "discovery": "EXTERNAL" - } -} +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25219.json b/2021/25xxx/CVE-2021-25219.json index 25a4b3b6999..b1dedc19ad3 100644 --- a/2021/25xxx/CVE-2021-25219.json +++ b/2021/25xxx/CVE-2021-25219.json @@ -108,16 +108,6 @@ "refsource": "DEBIAN", "name": "DSA-4994", "url": "https://www.debian.org/security/2021/dsa-4994" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211102 [SECURITY] [DLA 2807-1] bind9 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-58e7b873b7", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTKC4E3HUOLYN5IA4EBL4VAQSWG2ZVTX/" } ] }, diff --git a/2021/25xxx/CVE-2021-25500.json b/2021/25xxx/CVE-2021-25500.json index 4113ab81e3e..55e3f1696e0 100644 --- a/2021/25xxx/CVE-2021-25500.json +++ b/2021/25xxx/CVE-2021-25500.json @@ -1,83 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "mobile.security@samsung.com", - "ID": "CVE-2021-25500", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Samsung Mobile Devices", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "Select Q(10.0), R(11.0) devices with Exynos 980, 9820, 9830, 2100 chipset", - "version_value": "SMR Nov-2021 Release 1" - } - ] - } - } - ] - }, - "vendor_name": "Samsung Mobile" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25500", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A missing input validation in HDCP LDFW prior to SMR Nov-2021 Release 1 allows attackers to overwrite TZASC allowing TEE compromise." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "HIGH", - "attackVector": "LOCAL", - "availabilityImpact": "NONE", - "baseScore": 7.2, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "HIGH", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-20: Improper Input Validation" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=11", - "name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=11" - } - ] - }, - "source": { - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25501.json b/2021/25xxx/CVE-2021-25501.json index 00401223d02..7e874873bd4 100644 --- a/2021/25xxx/CVE-2021-25501.json +++ b/2021/25xxx/CVE-2021-25501.json @@ -1,83 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "mobile.security@samsung.com", - "ID": "CVE-2021-25501", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Samsung Mobile Devices", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "Q(10.0), R(11.0)", - "version_value": "SMR Nov-2021 Release 1" - } - ] - } - } - ] - }, - "vendor_name": "Samsung Mobile" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25501", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to SMR Nov-2021 Release 1 allows untrusted application to call some protected providers." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "LOW", - "baseScore": 5.7, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-284: Improper Access Control" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=11", - "name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=11" - } - ] - }, - "source": { - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25502.json b/2021/25xxx/CVE-2021-25502.json index eeaf90049b8..6682863ec84 100644 --- a/2021/25xxx/CVE-2021-25502.json +++ b/2021/25xxx/CVE-2021-25502.json @@ -1,83 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "mobile.security@samsung.com", - "ID": "CVE-2021-25502", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Samsung Mobile Devices", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "O(8.1), P(9.0), Q(10.0), R(11.0)", - "version_value": "SMR Nov-2021 Release 1" - } - ] - } - } - ] - }, - "vendor_name": "Samsung Mobile" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25502", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability of storing sensitive information insecurely in Property Settings prior to SMR Nov-2021 Release 1 allows attackers to read ESN value without priviledge." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "LOW", - "baseScore": 7.9, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "LOW", - "privilegesRequired": "LOW", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-269: Improper Privilege Management" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=11", - "name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=11" - } - ] - }, - "source": { - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25503.json b/2021/25xxx/CVE-2021-25503.json index 6808f3b7042..2c9116814ee 100644 --- a/2021/25xxx/CVE-2021-25503.json +++ b/2021/25xxx/CVE-2021-25503.json @@ -1,83 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "mobile.security@samsung.com", - "ID": "CVE-2021-25503", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Samsung Mobile Devices", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "Select O(8.1), P(9.0), Q(10.0), R(11.0) devices with Exynos chipsets", - "version_value": "SMR Nov-2021 Release 1" - } - ] - } - } - ] - }, - "vendor_name": "Samsung Mobile" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25503", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Improper input validation vulnerability in HDCP prior to SMR Nov-2021 Release 1 allows attackers to arbitrary code execution." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "HIGH", - "attackVector": "LOCAL", - "availabilityImpact": "LOW", - "baseScore": 5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "privilegesRequired": "HIGH", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-20: Improper Input Validation" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=11", - "name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=11" - } - ] - }, - "source": { - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25504.json b/2021/25xxx/CVE-2021-25504.json index a781a8a80f5..950ca87fb86 100644 --- a/2021/25xxx/CVE-2021-25504.json +++ b/2021/25xxx/CVE-2021-25504.json @@ -1,83 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "mobile.security@samsung.com", - "ID": "CVE-2021-25504", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Group Sharing", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "-", - "version_value": "10.8.03.2" - } - ] - } - } - ] - }, - "vendor_name": "Samsung Mobile" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25504", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Intent redirection vulnerability in Group Sharing prior to 10.8.03.2 allows attacker to access contact information." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "NONE", - "baseScore": 4, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-20: Improper Input Validation" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=11", - "name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=11" - } - ] - }, - "source": { - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25505.json b/2021/25xxx/CVE-2021-25505.json index 07b2df062ee..6a11eada11d 100644 --- a/2021/25xxx/CVE-2021-25505.json +++ b/2021/25xxx/CVE-2021-25505.json @@ -1,83 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "mobile.security@samsung.com", - "ID": "CVE-2021-25505", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Samsung Pass", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "-", - "version_value": "3.0.02.4" - } - ] - } - } - ] - }, - "vendor_name": "Samsung Mobile" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25505", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Improper authentication in Samsung Pass prior to 3.0.02.4 allows to use app without authentication when lockscreen is unlocked." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-287: Improper Authentication" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=11", - "name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=11" - } - ] - }, - "source": { - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25506.json b/2021/25xxx/CVE-2021-25506.json index 173f661bf78..61127067f3a 100644 --- a/2021/25xxx/CVE-2021-25506.json +++ b/2021/25xxx/CVE-2021-25506.json @@ -1,83 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "mobile.security@samsung.com", - "ID": "CVE-2021-25506", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Samsung Health", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "-", - "version_value": "6.19.1.0001" - } - ] - } - } - ] - }, - "vendor_name": "Samsung Mobile" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25506", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Non-existent provider in Samsung Health prior to 6.19.1.0001 allows attacker to access it via malicious content provider or lead to denial of service." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "LOW", - "baseScore": 4, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-287: IMproper Authentication" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=11", - "name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=11" - } - ] - }, - "source": { - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25507.json b/2021/25xxx/CVE-2021-25507.json index 2eda6778f47..bd0819bda5e 100644 --- a/2021/25xxx/CVE-2021-25507.json +++ b/2021/25xxx/CVE-2021-25507.json @@ -1,83 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "mobile.security@samsung.com", - "ID": "CVE-2021-25507", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Samsung Flow", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "-", - "version_value": "4.8.03.5" - } - ] - } - } - ] - }, - "vendor_name": "Samsung Mobile" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25507", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Improper authorization vulnerability in Samsung Flow mobile application prior to 4.8.03.5 allows Samsung Flow PC application connected with user device to access part of notification data in Secure Folder without authorization." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "ADJACENT_NETWORK", - "availabilityImpact": "NONE", - "baseScore": 5.7, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-285 Improper Authorization" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=11", - "name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=11" - } - ] - }, - "source": { - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25508.json b/2021/25xxx/CVE-2021-25508.json index f90af07f570..55383b4e048 100644 --- a/2021/25xxx/CVE-2021-25508.json +++ b/2021/25xxx/CVE-2021-25508.json @@ -1,83 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "mobile.security@samsung.com", - "ID": "CVE-2021-25508", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "SmartThings", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "-", - "version_value": "1.7.73.22" - } - ] - } - } - ] - }, - "vendor_name": "Samsung Mobile" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25508", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Improper privilege management vulnerability in API Key used in SmartThings prior to 1.7.73.22 allows an attacker to abuse the API key without limitation." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-269 Improper Privilege Management" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=11", - "name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=11" - } - ] - }, - "source": { - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25509.json b/2021/25xxx/CVE-2021-25509.json index 551ccd6edb5..2e63b2161d0 100644 --- a/2021/25xxx/CVE-2021-25509.json +++ b/2021/25xxx/CVE-2021-25509.json @@ -1,83 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "mobile.security@samsung.com", - "ID": "CVE-2021-25509", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Samsung Flow", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "-", - "version_value": "4.8.5.0" - } - ] - } - } - ] - }, - "vendor_name": "Samsung Mobile" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25509", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A missing input validation in Samsung Flow Windows application prior to Version 4.8.5.0 allows attackers to overwrite abtraty file in the Windows known folders." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "LOW", - "baseScore": 5.9, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-20: Improper Input Validation" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=11", - "name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=11" - } - ] - }, - "source": { - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25663.json b/2021/25xxx/CVE-2021-25663.json index 84c6b689d1c..a3780147488 100644 --- a/2021/25xxx/CVE-2021-25663.json +++ b/2021/25xxx/CVE-2021-25663.json @@ -15,11 +15,11 @@ "product": { "product_data": [ { - "product_name": "Capital VSTAR", + "product_name": "Nucleus 4", "version": { "version_data": [ { - "version_value": "Versions including affected IPv6 stack" + "version_value": "All versions < V4.1.0" } ] } @@ -35,21 +35,11 @@ } }, { - "product_name": "Nucleus ReadyStart V3", + "product_name": "Nucleus ReadyStart", "version": { "version_data": [ { - "version_value": "All versions < V2017.02.4" - } - ] - } - }, - { - "product_name": "Nucleus ReadyStart V4", - "version": { - "version_data": [ - { - "version_value": "All versions < V4.1.0" + "version_value": "All versions" } ] } @@ -59,7 +49,17 @@ "version": { "version_data": [ { - "version_value": "Versions including affected IPv6 stack" + "version_value": "versions including affected IPv6 stack" + } + ] + } + }, + { + "product_name": "VSTAR", + "version": { + "version_data": [ + { + "version_value": "versions including affected IPv6 stack" } ] } @@ -86,7 +86,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Capital VSTAR (Versions including affected IPv6 stack), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected IPv6 stack). The function that processes IPv6 headers does not check the lengths of extension header options, allowing attackers to put this function into an infinite loop with crafted length values." + "value": "A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All versions), Nucleus ReadyStart (All versions), Nucleus Source Code (versions including affected IPv6 stack), VSTAR (versions including affected IPv6 stack). The function that processes IPv6 headers does not check the lengths of extension header options, allowing attackers to put this function into an infinite loop with crafted length values." } ] }, diff --git a/2021/25xxx/CVE-2021-25664.json b/2021/25xxx/CVE-2021-25664.json index 4130957413d..41dffc61731 100644 --- a/2021/25xxx/CVE-2021-25664.json +++ b/2021/25xxx/CVE-2021-25664.json @@ -15,11 +15,11 @@ "product": { "product_data": [ { - "product_name": "Capital VSTAR", + "product_name": "Nucleus 4", "version": { "version_data": [ { - "version_value": "Versions including affected IPv6 stack" + "version_value": "All versions < V4.1.0" } ] } @@ -35,21 +35,11 @@ } }, { - "product_name": "Nucleus ReadyStart V3", + "product_name": "Nucleus ReadyStart", "version": { "version_data": [ { - "version_value": "All versions < V2017.02.4" - } - ] - } - }, - { - "product_name": "Nucleus ReadyStart V4", - "version": { - "version_data": [ - { - "version_value": "All versions < V4.1.0" + "version_value": "All versions" } ] } @@ -59,7 +49,17 @@ "version": { "version_data": [ { - "version_value": "Versions including affected IPv6 stack" + "version_value": "versions including affected IPv6 stack" + } + ] + } + }, + { + "product_name": "VSTAR", + "version": { + "version_data": [ + { + "version_value": "versions including affected IPv6 stack" } ] } @@ -86,7 +86,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Capital VSTAR (Versions including affected IPv6 stack), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected IPv6 stack). The function that processes the Hop-by-Hop extension header in IPv6 packets and its options lacks any checks against the length field of the header, allowing attackers to put the function into an infinite loop by supplying arbitrary length values." + "value": "A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All versions), Nucleus ReadyStart (All versions), Nucleus Source Code (versions including affected IPv6 stack), VSTAR (versions including affected IPv6 stack). The function that processes the Hop-by-Hop extension header in IPv6 packets and its options lacks any checks against the length field of the header, allowing attackers to put the function into an infinite loop by supplying arbitrary length values." } ] }, diff --git a/2021/25xxx/CVE-2021-25677.json b/2021/25xxx/CVE-2021-25677.json index eecddb6803a..2af44429c2a 100644 --- a/2021/25xxx/CVE-2021-25677.json +++ b/2021/25xxx/CVE-2021-25677.json @@ -15,11 +15,11 @@ "product": { "product_data": [ { - "product_name": "Capital VSTAR", + "product_name": "Nucleus 4", "version": { "version_data": [ { - "version_value": "Versions including affected DNS modules" + "version_value": "All versions < V4.1.0" } ] } @@ -35,7 +35,17 @@ } }, { - "product_name": "Nucleus ReadyStart V3", + "product_name": "Nucleus RTOS", + "version": { + "version_data": [ + { + "version_value": "versions including affected DNS modules" + } + ] + } + }, + { + "product_name": "Nucleus ReadyStart", "version": { "version_data": [ { @@ -44,32 +54,12 @@ ] } }, - { - "product_name": "Nucleus ReadyStart V3", - "version": { - "version_data": [ - { - "version_value": "All versions < V2017.02.4" - } - ] - } - }, - { - "product_name": "Nucleus ReadyStart V4", - "version": { - "version_data": [ - { - "version_value": "All versions < V4.1.0" - } - ] - } - }, { "product_name": "Nucleus Source Code", "version": { "version_data": [ { - "version_value": "Versions including affected DNS modules" + "version_value": "versions including affected DNS modules" } ] } @@ -83,6 +73,26 @@ } ] } + }, + { + "product_name": "SIMOTICS CONNECT 400", + "version": { + "version_data": [ + { + "version_value": "All versions >= V0.5.0.0" + } + ] + } + }, + { + "product_name": "VSTAR", + "version": { + "version_data": [ + { + "version_value": "versions including affected DNS modules" + } + ] + } } ] } @@ -106,7 +116,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Capital VSTAR (Versions including affected DNS modules), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the DNS cache or spoof DNS resolving." + "value": "A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All versions), Nucleus RTOS (versions including affected DNS modules), Nucleus ReadyStart (All versions < V2017.02.3), Nucleus Source Code (versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions >= V0.5.0.0), VSTAR (versions including affected DNS modules). The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the DNS cache or spoof DNS resolving." } ] }, diff --git a/2021/25xxx/CVE-2021-25874.json b/2021/25xxx/CVE-2021-25874.json index d703d846142..cd7fdf27436 100644 --- a/2021/25xxx/CVE-2021-25874.json +++ b/2021/25xxx/CVE-2021-25874.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-25874", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25874", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "AVideo/YouPHPTube AVideo/YouPHPTube 10.0 and prior is affected by a SQL Injection SQL injection in the catName parameter which allows a remote unauthenticated attacker to retrieve databases information such as application passwords hashes." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "http://avideoyouphptube.com", - "refsource": "MISC", - "name": "http://avideoyouphptube.com" - }, - { - "url": "https://synacktiv.com", - "refsource": "MISC", - "name": "https://synacktiv.com" - }, - { - "refsource": "MISC", - "name": "https://www.synacktiv.com/sites/default/files/2021-01/YouPHPTube_Multiple_Vulnerabilities.pdf", - "url": "https://www.synacktiv.com/sites/default/files/2021-01/YouPHPTube_Multiple_Vulnerabilities.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/25xxx/CVE-2021-25875.json b/2021/25xxx/CVE-2021-25875.json index efec936ecb4..b82758b80f6 100644 --- a/2021/25xxx/CVE-2021-25875.json +++ b/2021/25xxx/CVE-2021-25875.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-25875", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25875", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "AVideo/YouPHPTube AVideo/YouPHPTube 10.0 and prior has multiple reflected Cross Script Scripting vulnerabilities via the searchPhrase parameter which allows a remote attacker to steal administrators' session cookies or perform actions as an administrator." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "http://avideoyouphptube.com", - "refsource": "MISC", - "name": "http://avideoyouphptube.com" - }, - { - "url": "https://synacktiv.com", - "refsource": "MISC", - "name": "https://synacktiv.com" - }, - { - "refsource": "MISC", - "name": "https://www.synacktiv.com/sites/default/files/2021-01/YouPHPTube_Multiple_Vulnerabilities.pdf", - "url": "https://www.synacktiv.com/sites/default/files/2021-01/YouPHPTube_Multiple_Vulnerabilities.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/25xxx/CVE-2021-25876.json b/2021/25xxx/CVE-2021-25876.json index 72663f8c976..bd214fe2096 100644 --- a/2021/25xxx/CVE-2021-25876.json +++ b/2021/25xxx/CVE-2021-25876.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-25876", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25876", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "AVideo/YouPHPTube 10.0 and prior has multiple reflected Cross Script Scripting vulnerabilities via the u parameter which allows a remote attacker to steal administrators' session cookies or perform actions as an administrator." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "http://avideoyouphptube.com", - "refsource": "MISC", - "name": "http://avideoyouphptube.com" - }, - { - "url": "https://synacktiv.com", - "refsource": "MISC", - "name": "https://synacktiv.com" - }, - { - "refsource": "MISC", - "name": "https://www.synacktiv.com/sites/default/files/2021-01/YouPHPTube_Multiple_Vulnerabilities.pdf", - "url": "https://www.synacktiv.com/sites/default/files/2021-01/YouPHPTube_Multiple_Vulnerabilities.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/25xxx/CVE-2021-25877.json b/2021/25xxx/CVE-2021-25877.json index e29aab1eeed..1cdccaf80b5 100644 --- a/2021/25xxx/CVE-2021-25877.json +++ b/2021/25xxx/CVE-2021-25877.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-25877", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25877", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "AVideo/YouPHPTube 10.0 and prior is affected by Insecure file write. An administrator privileged user is able to write files on filesystem using flag and code variables in file save.php." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "http://avideoyouphptube.com", - "refsource": "MISC", - "name": "http://avideoyouphptube.com" - }, - { - "url": "https://synacktiv.com", - "refsource": "MISC", - "name": "https://synacktiv.com" - }, - { - "refsource": "MISC", - "name": "https://www.synacktiv.com/sites/default/files/2021-01/YouPHPTube_Multiple_Vulnerabilities.pdf", - "url": "https://www.synacktiv.com/sites/default/files/2021-01/YouPHPTube_Multiple_Vulnerabilities.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/25xxx/CVE-2021-25878.json b/2021/25xxx/CVE-2021-25878.json index a71e7d99b69..decc5060245 100644 --- a/2021/25xxx/CVE-2021-25878.json +++ b/2021/25xxx/CVE-2021-25878.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-25878", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25878", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "AVideo/YouPHPTube 10.0 and prior is affected by multiple reflected Cross Script Scripting vulnerabilities via the videoName parameter which allows a remote attacker to steal administrators' session cookies or perform actions as an administrator." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "http://avideoyouphptube.com", - "refsource": "MISC", - "name": "http://avideoyouphptube.com" - }, - { - "url": "https://synacktiv.com", - "refsource": "MISC", - "name": "https://synacktiv.com" - }, - { - "refsource": "MISC", - "name": "https://www.synacktiv.com/sites/default/files/2021-01/YouPHPTube_Multiple_Vulnerabilities.pdf", - "url": "https://www.synacktiv.com/sites/default/files/2021-01/YouPHPTube_Multiple_Vulnerabilities.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/25xxx/CVE-2021-25971.json b/2021/25xxx/CVE-2021-25971.json index 6705563baed..2b51c29cf0c 100644 --- a/2021/25xxx/CVE-2021-25971.json +++ b/2021/25xxx/CVE-2021-25971.json @@ -51,15 +51,15 @@ "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", - "availabilityImpact": "LOW", + "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", + "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" } }, @@ -69,7 +69,7 @@ "description": [ { "lang": "eng", - "value": "CWE-248 Uncaught Exception" + "value": "CWE-613 Insufficient Session Expiration" } ] } @@ -99,4 +99,4 @@ "advisory": "https://www.whitesourcesoftware.com/vulnerability-database/", "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25973.json b/2021/25xxx/CVE-2021-25973.json index 1638409075c..6914bc648f8 100644 --- a/2021/25xxx/CVE-2021-25973.json +++ b/2021/25xxx/CVE-2021-25973.json @@ -1,102 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "vulnerabilitylab@whitesourcesoftware.com", - "ID": "CVE-2021-25973", - "STATE": "PUBLIC", - "TITLE": "Publify - Improper Authorization Leads to Guest Signup Restriction Bypass" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "publify_core", - "version": { - "version_data": [ - { - "version_affected": ">=", - "version_value": "9.0.0.pre1" - }, - { - "version_affected": "<=", - "version_value": "9.2.4" - } - ] - } - } - ] - }, - "vendor_name": "publify_core" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25973", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "In Publify, 9.0.0.pre1 to 9.2.4 are vulnerable to Improper Access Control. \u201cguest\u201d role users can self-register even when the admin does not allow. This happens due to front-end restriction only." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 6.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-285 Improper Authorization" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://github.com/publify/publify/commit/3447e0241e921b65f6eb1090453d8ea73e98387e", - "name": "https://github.com/publify/publify/commit/3447e0241e921b65f6eb1090453d8ea73e98387e" - }, - { - "refsource": "MISC", - "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25973", - "name": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25973" - } - ] - }, - "solution": [ - { - "lang": "eng", - "value": "Update to 9.2.5" - } - ], - "source": { - "advisory": "https://www.whitesourcesoftware.com/vulnerability-database/", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25978.json b/2021/25xxx/CVE-2021-25978.json index 2a4e1c2ee8f..e9096a67caa 100644 --- a/2021/25xxx/CVE-2021-25978.json +++ b/2021/25xxx/CVE-2021-25978.json @@ -1,103 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "vulnerabilitylab@whitesourcesoftware.com", - "ID": "CVE-2021-25978", - "STATE": "PUBLIC", - "TITLE": "Apostrophe - XSS" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Apostrophe ", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_value": "3.3.1" - }, - { - "version_affected": ">=", - "version_value": "2.63.0" - } - ] - } - } - ] - }, - "vendor_name": "Apostrophe " - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Daniel Elkabes" - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25978", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Apostrophe CMS versions between 2.63.0 to 3.3.1 are vulnerable to Stored XSS where an editor uploads an SVG file that contains malicious JavaScript onto the Images module, which triggers XSS once viewed." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "privilegesRequired": "LOW", - "scope": "CHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79 Cross-site Scripting (XSS)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://github.com/apostrophecms/apostrophe/commit/c8b94ee9c79468f1ce28e31966cb0e0839165e59", - "name": "https://github.com/apostrophecms/apostrophe/commit/c8b94ee9c79468f1ce28e31966cb0e0839165e59" - } - ] - }, - "solution": [ - { - "lang": "eng", - "value": "Upgrade to version 3.4.0" - } - ], - "source": { - "advisory": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25978", - "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25979.json b/2021/25xxx/CVE-2021-25979.json index b713c60eec2..9f9f57dd027 100644 --- a/2021/25xxx/CVE-2021-25979.json +++ b/2021/25xxx/CVE-2021-25979.json @@ -1,103 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "vulnerabilitylab@whitesourcesoftware.com", - "ID": "CVE-2021-25979", - "STATE": "PUBLIC", - "TITLE": "Apostrophe - Insufficient Session Expiration" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Apostrophe ", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_value": "3.3.1" - }, - { - "version_affected": ">=", - "version_value": "2.63.0" - } - ] - } - } - ] - }, - "vendor_name": "Apostrophe " - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Daniel Elkabes" - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25979", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Apostrophe CMS versions between 2.63.0 to 3.3.1 affected by an insufficient session expiration vulnerability, which allows unauthenticated remote attackers to hijack recently logged-in users' sessions." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-613 Insufficient Session Expiration" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://github.com/apostrophecms/apostrophe/commit/c211b211f9f4303a77a307cf41aac9b4ef8d2c7c", - "name": "https://github.com/apostrophecms/apostrophe/commit/c211b211f9f4303a77a307cf41aac9b4ef8d2c7c" - } - ] - }, - "solution": [ - { - "lang": "eng", - "value": "Upgrade to version 3.4.0" - } - ], - "source": { - "advisory": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25979", - "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/26xxx/CVE-2021-26107.json b/2021/26xxx/CVE-2021-26107.json index 9c98c92e5dc..b1fcbf56a0a 100644 --- a/2021/26xxx/CVE-2021-26107.json +++ b/2021/26xxx/CVE-2021-26107.json @@ -4,74 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-26107", - "ASSIGNER": "psirt@fortinet.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Fortinet", - "product": { - "product_data": [ - { - "product_name": "Fortinet FortiManager", - "version": { - "version_data": [ - { - "version_value": "FortiManager 6.4.5, 6.4.4" - } - ] - } - } - ] - } - } - ] - } - }, - "impact": { - "cvss": { - "attackComplexity": "Low", - "attackVector": "Network", - "availabilityImpact": "Low", - "baseScore": 6.2, - "baseSeverity": "Medium", - "confidentialityImpact": "Low", - "integrityImpact": "Low", - "privilegesRequired": "Low", - "scope": "Unchanged", - "userInteraction": "None", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:H/RL:W/RC:C", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Improper access control" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://fortiguard.com/advisory/FG-IR-21-043", - "url": "https://fortiguard.com/advisory/FG-IR-21-043" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "An improper access control vulnerability [CWE-284] in FortiManager versions 6.4.4 and 6.4.5 may allow an authenticated attacker with a restricted user profile to modify the VPN tunnel status of other VDOMs using VPN Manager." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/26xxx/CVE-2021-26253.json b/2021/26xxx/CVE-2021-26253.json deleted file mode 100644 index cb1fe0d82cd..00000000000 --- a/2021/26xxx/CVE-2021-26253.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-26253", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/26xxx/CVE-2021-26443.json b/2021/26xxx/CVE-2021-26443.json index cefbb3f7269..10a2f5b1aa7 100644 --- a/2021/26xxx/CVE-2021-26443.json +++ b/2021/26xxx/CVE-2021-26443.json @@ -1,18 +1,163 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-26443", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-26443", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for x64-based Systems" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26443" + } + ] + } +} diff --git a/2021/26xxx/CVE-2021-26444.json b/2021/26xxx/CVE-2021-26444.json index 1a6d37d653b..d1f478ed9f8 100644 --- a/2021/26xxx/CVE-2021-26444.json +++ b/2021/26xxx/CVE-2021-26444.json @@ -1,18 +1,60 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-26444", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-26444", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Azure RTOS", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Azure RTOS Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-42301, CVE-2021-42323." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26444" + } + ] + } +} diff --git a/2021/26xxx/CVE-2021-26739.json b/2021/26xxx/CVE-2021-26739.json index e46296efa47..1433d32fa74 100644 --- a/2021/26xxx/CVE-2021-26739.json +++ b/2021/26xxx/CVE-2021-26739.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-26739", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-26739", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "SQL Injection vulnerability in pay.php in millken doyocms 2.3, allows attackers to execute arbitrary code, via the attribute parameter." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/millken/doyocms/issues/5", - "refsource": "MISC", - "name": "https://github.com/millken/doyocms/issues/5" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/26xxx/CVE-2021-26740.json b/2021/26xxx/CVE-2021-26740.json index 60846236bff..69094df5562 100644 --- a/2021/26xxx/CVE-2021-26740.json +++ b/2021/26xxx/CVE-2021-26740.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-26740", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-26740", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Arbitrary file upload vulnerability sysupload.php in millken doyocms 2.3 allows attackers to execute arbitrary code." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/millken/doyocms/issues/4", - "refsource": "MISC", - "name": "https://github.com/millken/doyocms/issues/4" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/26xxx/CVE-2021-26786.json b/2021/26xxx/CVE-2021-26786.json index 0b85ace3270..ef26a337a43 100644 --- a/2021/26xxx/CVE-2021-26786.json +++ b/2021/26xxx/CVE-2021-26786.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-26786", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-26786", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discoverered in in customercentric-selling-poland PlayTube, allows authenticated attackers to execute arbitrary code via the purchace code to the config.php." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/customercentric-selling-poland/playtuber/issues/1", - "refsource": "MISC", - "name": "https://github.com/customercentric-selling-poland/playtuber/issues/1" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/26xxx/CVE-2021-26822.json b/2021/26xxx/CVE-2021-26822.json index c749052cd3f..390239b3629 100644 --- a/2021/26xxx/CVE-2021-26822.json +++ b/2021/26xxx/CVE-2021-26822.json @@ -61,11 +61,6 @@ "refsource": "MISC", "name": "https://www.exploit-db.com/exploits/49562", "url": "https://www.exploit-db.com/exploits/49562" - }, - { - "refsource": "MISC", - "name": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-26822", - "url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-26822" } ] } diff --git a/2021/26xxx/CVE-2021-26844.json b/2021/26xxx/CVE-2021-26844.json index a12d002d92f..f57042621a1 100644 --- a/2021/26xxx/CVE-2021-26844.json +++ b/2021/26xxx/CVE-2021-26844.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-26844", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-26844", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A cross-site scripting (XSS) vulnerability in Power Admin PA Server Monitor 8.2.1.1 allows remote attackers to inject arbitrary web script or HTML via Console.exe." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://www.poweradmin.com/products/server-monitoring/support/release-notes/", - "url": "https://www.poweradmin.com/products/server-monitoring/support/release-notes/" - }, - { - "refsource": "MISC", - "name": "https://pastebin.com/mrzVTPeV", - "url": "https://pastebin.com/mrzVTPeV" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/27xxx/CVE-2021-27004.json b/2021/27xxx/CVE-2021-27004.json index 070b856cee0..4fc92038828 100644 --- a/2021/27xxx/CVE-2021-27004.json +++ b/2021/27xxx/CVE-2021-27004.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-27004", - "ASSIGNER": "security-alert@netapp.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "System Manager 9.x", - "version": { - "version_data": [ - { - "version_value": "System Manager 9.x versions 9.7 and higher prior to 9.7P16, 9.8P7 and 9.9.1P2" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Disclosure of sensitive information" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://security.netapp.com/advisory/NTAP-20211029-0001/", - "url": "https://security.netapp.com/advisory/NTAP-20211029-0001/" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "System Manager 9.x versions 9.7 and higher prior to 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow a local attacker to discover plaintext iSCSI CHAP credentials." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/27xxx/CVE-2021-27005.json b/2021/27xxx/CVE-2021-27005.json index a0044d008a3..03dfe29e475 100644 --- a/2021/27xxx/CVE-2021-27005.json +++ b/2021/27xxx/CVE-2021-27005.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-27005", - "ASSIGNER": "security-alert@netapp.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "Clustered Data ONTAP", - "version": { - "version_data": [ - { - "version_value": "Clustered Data ONTAP versions 9.6 and higher prior to 9.6P16, 9.7P16, 9.8P7 and 9.9.1P3" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Denial of Service" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://security.netapp.com/advisory/NTAP-20211029-0002/", - "url": "https://security.netapp.com/advisory/NTAP-20211029-0002/" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Clustered Data ONTAP versions 9.6 and higher prior to 9.6P16, 9.7P16, 9.8P7 and 9.9.1P3 are susceptible to a vulnerability which could allow a remote attacker to cause a crash of the httpd server." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/27xxx/CVE-2021-27034.json b/2021/27xxx/CVE-2021-27034.json index 117ad7d71ed..bd2c751a0e5 100644 --- a/2021/27xxx/CVE-2021-27034.json +++ b/2021/27xxx/CVE-2021-27034.json @@ -95,7 +95,7 @@ "description_data": [ { "lang": "eng", - "value": "A heap-based buffer overflow could occur while parsing PICT, PCX, RCL or TIFF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011. This vulnerability can be exploited to execute arbitrary code." + "value": "A heap-based buffer overflow could occur while parsing PICT or TIFF files in Autodesk 2018, 2017, 2013, 2012, 2011. This vulnerability can be exploited to execute arbitrary code." } ] } diff --git a/2021/27xxx/CVE-2021-27035.json b/2021/27xxx/CVE-2021-27035.json index bdf322ef44b..72761c0df78 100644 --- a/2021/27xxx/CVE-2021-27035.json +++ b/2021/27xxx/CVE-2021-27035.json @@ -90,7 +90,7 @@ "description_data": [ { "lang": "eng", - "value": "A maliciously crafted TIFF, PICT, TGA, or DWF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA or DWF files. This vulnerability can be exploited to execute arbitrary code." + "value": "A maliciously crafted TIFF, PDF, PICT or DWF files in Autodesk 2018, 2017, 2013, 2012, 2011 can be forced to read beyond allocated boundaries when parsing the TIFF, PDF, PICT or DWF files. This vulnerability can be exploited to execute arbitrary code." } ] } diff --git a/2021/27xxx/CVE-2021-27036.json b/2021/27xxx/CVE-2021-27036.json index 83cf4bec9ca..92cc716476c 100644 --- a/2021/27xxx/CVE-2021-27036.json +++ b/2021/27xxx/CVE-2021-27036.json @@ -75,7 +75,7 @@ "description_data": [ { "lang": "eng", - "value": "A maliciously crafted PCX, PICT, RCL or TIFF file in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can be used to write beyond the allocated buffer while parsing PCX, PDF, PICT, RCL or TIFF files. This vulnerability can be exploited to execute arbitrary code." + "value": "A maliciously crafted PDF, PICT or TIFF file can be used to write beyond the allocated buffer while parsing PDF, PICT or TIFF files in Autodesk 2018, 2017, 2013, 2012, 2011. This vulnerability can be exploited to execute arbitrary code." } ] } diff --git a/2021/27xxx/CVE-2021-27190.json b/2021/27xxx/CVE-2021-27190.json index 2146bb97540..68fb525029b 100644 --- a/2021/27xxx/CVE-2021-27190.json +++ b/2021/27xxx/CVE-2021-27190.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "A Stored Cross Site Scripting(XSS) Vulnerability was discovered in PEEL SHOPPING 9.3.0 and 9.4.0, which are publicly available. The user supplied input containing polyglot payload is echoed back in javascript code in HTML response. This allows an attacker to input malicious JavaScript which can steal cookie, redirect them to other malicious website, etc." + "value": "A Stored Cross Site Scripting(XSS) Vulnerability was discovered in PEEL SHOPPING 9.3.0 which is publicly available. The user supplied input containing polyglot payload is echoed back in javascript code in HTML response. This allows an attacker to input malicious JavaScript which can steal cookie, redirect them to other malicious website, etc." } ] }, @@ -66,16 +66,6 @@ "refsource": "MISC", "name": "https://github.com/anmolksachan/CVE-2021-27190-PEEL-Shopping-cart-9.3.0-Stored-XSS", "url": "https://github.com/anmolksachan/CVE-2021-27190-PEEL-Shopping-cart-9.3.0-Stored-XSS" - }, - { - "refsource": "MISC", - "name": "https://github.com/vulf/Peel-Shopping-cart-9.4.0-Stored-XSS", - "url": "https://github.com/vulf/Peel-Shopping-cart-9.4.0-Stored-XSS" - }, - { - "refsource": "MISC", - "name": "https://github.com/advisto/peel-shopping/issues/4#issuecomment-953461611", - "url": "https://github.com/advisto/peel-shopping/issues/4#issuecomment-953461611" } ] } diff --git a/2021/27xxx/CVE-2021-27393.json b/2021/27xxx/CVE-2021-27393.json index cd8302c725a..4913ee9d247 100644 --- a/2021/27xxx/CVE-2021-27393.json +++ b/2021/27xxx/CVE-2021-27393.json @@ -14,16 +14,6 @@ "vendor_name": "Siemens", "product": { "product_data": [ - { - "product_name": "Capital VSTAR", - "version": { - "version_data": [ - { - "version_value": "Versions including affected DNS modules" - } - ] - } - }, { "product_name": "Nucleus NET", "version": { @@ -35,7 +25,17 @@ } }, { - "product_name": "Nucleus ReadyStart V3", + "product_name": "Nucleus RTOS", + "version": { + "version_data": [ + { + "version_value": "versions including affected DNS modules" + } + ] + } + }, + { + "product_name": "Nucleus ReadyStart", "version": { "version_data": [ { @@ -49,7 +49,17 @@ "version": { "version_data": [ { - "version_value": "Versions including affected DNS modules" + "version_value": "versions including affected DNS modules" + } + ] + } + }, + { + "product_name": "VSTAR", + "version": { + "version_data": [ + { + "version_value": "versions including affected DNS modules" } ] } @@ -76,7 +86,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Capital VSTAR (Versions including affected DNS modules), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2013.08), Nucleus Source Code (Versions including affected DNS modules). The DNS client does not properly randomize UDP port numbers of DNS requests. That could allow an attacker to poison the DNS cache or spoof DNS resolving." + "value": "A vulnerability has been identified in Nucleus NET (All versions), Nucleus RTOS (versions including affected DNS modules), Nucleus ReadyStart (All versions < V2013.08), Nucleus Source Code (versions including affected DNS modules), VSTAR (versions including affected DNS modules). The DNS client does not properly randomize UDP port numbers of DNS requests. That could allow an attacker to poison the DNS cache or spoof DNS resolving." } ] }, diff --git a/2021/27xxx/CVE-2021-27644.json b/2021/27xxx/CVE-2021-27644.json index fb7d14fef6c..c21d1841ff0 100644 --- a/2021/27xxx/CVE-2021-27644.json +++ b/2021/27xxx/CVE-2021-27644.json @@ -1,92 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@apache.org", - "ID": "CVE-2021-27644", - "STATE": "PUBLIC", - "TITLE": "DolphinScheduler mysql jdbc connector parameters deserialize remote code execution" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Apache DolphinScheduler", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "Apache DolphinScheduler", - "version_value": "1.3.6" - } - ] - } - } - ] - }, - "vendor_name": "Apache Software Foundation" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "This issue was discovered by Jinchen Sheng of Ant FG Security Lab" - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-27644", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "In Apache DolphinScheduler before 1.3.6 versions, authorized users can use SQL injection in the data source center. (Only applicable to MySQL data source with internal login account password)" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": [ - { - "other": "low" - } - ], - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-264 Permissions, Privileges, and Access Controls" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://lists.apache.org/thread.html/r35d6acf021486a390a7ea09e6650c2fe19e72522bd484791d606a6e6%40%3Cdev.dolphinscheduler.apache.org%3E", - "name": "https://lists.apache.org/thread.html/r35d6acf021486a390a7ea09e6650c2fe19e72522bd484791d606a6e6%40%3Cdev.dolphinscheduler.apache.org%3E" - }, - { - "refsource": "MLIST", - "name": "[dolphinscheduler-dev] 20211101 CVE-2021-27644: Apache DolphinScheduler: DolphinScheduler mysql jdbc connector parameters deserialize remote code execution", - "url": "https://lists.apache.org/thread.html/r35d6acf021486a390a7ea09e6650c2fe19e72522bd484791d606a6e6@%3Cdev.dolphinscheduler.apache.org%3E" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20211101 CVE-2021-27644: Apache DolphinScheduler: DolphinScheduler mysql jdbc connector parameters deserialize remote code execution", - "url": "http://www.openwall.com/lists/oss-security/2021/11/01/3" - } - ] - }, - "source": { - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/27xxx/CVE-2021-27722.json b/2021/27xxx/CVE-2021-27722.json index 19680707082..2b459a22c30 100644 --- a/2021/27xxx/CVE-2021-27722.json +++ b/2021/27xxx/CVE-2021-27722.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-27722", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-27722", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in Nsasoft US LLC SpotAuditor 5.3.5. The program can be crashed by entering 300 bytes char data into the \"Key\" or \"Name\" field while registering." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.exploit-db.com/exploits/49590", - "refsource": "MISC", - "name": "https://www.exploit-db.com/exploits/49590" - }, - { - "refsource": "MISC", - "name": "https://www.exploit-db.com/exploits/49638", - "url": "https://www.exploit-db.com/exploits/49638" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/27xxx/CVE-2021-27723.json b/2021/27xxx/CVE-2021-27723.json index b577621b6db..90d3474a8d3 100644 --- a/2021/27xxx/CVE-2021-27723.json +++ b/2021/27xxx/CVE-2021-27723.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2021-27723", "ASSIGNER": "cve@mitre.org", - "STATE": "REJECT" + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/27xxx/CVE-2021-27836.json b/2021/27xxx/CVE-2021-27836.json index 7debc28007f..7e5b5440885 100644 --- a/2021/27xxx/CVE-2021-27836.json +++ b/2021/27xxx/CVE-2021-27836.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-27836", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-27836", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discoverered in in function xls_getWorkSheet in xls.c in libxls 1.6.2, allows attackers to cause a denial of service, via a crafted XLS file." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/libxls/libxls/issues/94", - "refsource": "MISC", - "name": "https://github.com/libxls/libxls/issues/94" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/28xxx/CVE-2021-28021.json b/2021/28xxx/CVE-2021-28021.json index 4ff24f57d6e..7fc8368fb2b 100644 --- a/2021/28xxx/CVE-2021-28021.json +++ b/2021/28xxx/CVE-2021-28021.json @@ -56,31 +56,6 @@ "url": "https://github.com/nothings/stb/issues/1108", "refsource": "MISC", "name": "https://github.com/nothings/stb/issues/1108" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-001f25d986", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G2M5CRSGPRF7G3YB5CLU4FXW7ANNHAYT/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-f8ba4a690e", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BEGXBDEMTFGINETMJENBZ6SCHVEJQJSY/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-3fc69d203c", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VP2YEXEAJWI76FPM7D7VXHWD3WESQEYC/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-8ea648186c", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TDGZFLBOP27LZKLH45WQLSNPSPP7S7Z/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-16d848834d", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AF2CNP4FVC6LDKNOO4WDCGNDYIP3MPK6/" } ] } diff --git a/2021/28xxx/CVE-2021-28022.json b/2021/28xxx/CVE-2021-28022.json index 99e16e9982a..d74aacd917e 100644 --- a/2021/28xxx/CVE-2021-28022.json +++ b/2021/28xxx/CVE-2021-28022.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-28022", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-28022", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Blind SQL injection in the login form in ServiceTonic Helpdesk software < 9.0.35937 allows attacker to exfiltrate information via specially crafted HQL-compatible time-based SQL queries." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.servicetonic.com/", - "refsource": "MISC", - "name": "https://www.servicetonic.com/" - }, - { - "refsource": "MISC", - "name": "https://www.srlabs.de/bites/chaining-three-zero-day-exploits-in-itsm-software-servicetonic-for-remote-code-execution", - "url": "https://www.srlabs.de/bites/chaining-three-zero-day-exploits-in-itsm-software-servicetonic-for-remote-code-execution" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/28xxx/CVE-2021-28023.json b/2021/28xxx/CVE-2021-28023.json index abb4731778f..db8d7c844ba 100644 --- a/2021/28xxx/CVE-2021-28023.json +++ b/2021/28xxx/CVE-2021-28023.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-28023", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-28023", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Arbitrary file upload in Service import feature in ServiceTonic Helpdesk software version < 9.0.35937 allows a malicious user to execute JSP code by uploading a zip that extracts files in relative paths." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.servicetonic.com/", - "refsource": "MISC", - "name": "https://www.servicetonic.com/" - }, - { - "refsource": "MISC", - "name": "https://www.srlabs.de/bites/chaining-three-zero-day-exploits-in-itsm-software-servicetonic-for-remote-code-execution", - "url": "https://www.srlabs.de/bites/chaining-three-zero-day-exploits-in-itsm-software-servicetonic-for-remote-code-execution" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/28xxx/CVE-2021-28024.json b/2021/28xxx/CVE-2021-28024.json index 9b9b111bf5b..545601af3cb 100644 --- a/2021/28xxx/CVE-2021-28024.json +++ b/2021/28xxx/CVE-2021-28024.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-28024", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-28024", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Unauthorized system access in the login form in ServiceTonic Helpdesk software version < 9.0.35937 allows attacker to login without using a password." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.servicetonic.com/", - "refsource": "MISC", - "name": "https://www.servicetonic.com/" - }, - { - "refsource": "MISC", - "name": "https://www.srlabs.de/bites/chaining-three-zero-day-exploits-in-itsm-software-servicetonic-for-remote-code-execution", - "url": "https://www.srlabs.de/bites/chaining-three-zero-day-exploits-in-itsm-software-servicetonic-for-remote-code-execution" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/28xxx/CVE-2021-28702.json b/2021/28xxx/CVE-2021-28702.json index 60f69ece1df..ddef0dd3588 100644 --- a/2021/28xxx/CVE-2021-28702.json +++ b/2021/28xxx/CVE-2021-28702.json @@ -104,11 +104,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-0b7a484688", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDPRMOBBLS74ONYP3IXZZXSTLKR7GRQB/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-829f5f2f43", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2OIHEJ3R3EH5DYI2I5UMD2ULJ2ELA3EX/" } ] }, diff --git a/2021/28xxx/CVE-2021-28960.json b/2021/28xxx/CVE-2021-28960.json index 0ef3abb3cb6..844cbc4cfe6 100644 --- a/2021/28xxx/CVE-2021-28960.json +++ b/2021/28xxx/CVE-2021-28960.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Zoho ManageEngine Desktop Central before build 10.0.683 allows unauthenticated command injection due to improper handling of an input command in on-demand operations." + "value": "ManageEngine Desktop Central before build 10.0.683 allows Unauthenticated Remote Code Execution during communication with Notification Server." } ] }, diff --git a/2021/29xxx/CVE-2021-29063.json b/2021/29xxx/CVE-2021-29063.json index cdaca727c80..79544bc4de0 100644 --- a/2021/29xxx/CVE-2021-29063.json +++ b/2021/29xxx/CVE-2021-29063.json @@ -81,11 +81,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-244a18163c", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MS2U6GLXQSRZJE2HVUAUMVFR2DWQLCZG/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-bc2153d8f0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EIUX3XWY2K3MSO7QXMZXQQYAURARSPC5/" } ] } diff --git a/2021/29xxx/CVE-2021-29212.json b/2021/29xxx/CVE-2021-29212.json index 03df2978a6e..f5fe1f07a88 100644 --- a/2021/29xxx/CVE-2021-29212.json +++ b/2021/29xxx/CVE-2021-29212.json @@ -4,63 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29212", - "ASSIGNER": "security-alert@hpe.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "iLO Amplifier Pack", - "version": { - "version_data": [ - { - "version_value": "Ver 1.80, Ver 1.81, Ver 1.90, and Ver 1.95" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "remote directory traversal" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04189en_us", - "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04189en_us" - }, - { - "refsource": "MISC", - "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1278/", - "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1278/" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A remote unauthenticated directory traversal security vulnerability has been identified in HPE iLO Amplifier Pack versions 1.80, 1.81, 1.90 and 1.95. The vulnerability could be remotely exploited to allow an unauthenticated user to run arbitrary code leading complete impact to confidentiality, integrity, and availability of the iLO Amplifier Pack appliance." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/29xxx/CVE-2021-29213.json b/2021/29xxx/CVE-2021-29213.json index 9ddc5103c95..826978dbb9c 100644 --- a/2021/29xxx/CVE-2021-29213.json +++ b/2021/29xxx/CVE-2021-29213.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29213", - "ASSIGNER": "security-alert@hpe.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "HPE ProLiant ML30 Gen10 Server; HPE ProLiant DL20 Gen10 Server; HPE ProLiant MicroServer Gen10 Plus", - "version": { - "version_data": [ - { - "version_value": "Prior to system ROM v2.52" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "local bypass security restrictions; local compromise of system integrity; local denial of service (DoS); local disclosure of sensitive information" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04197en_us", - "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04197en_us" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A potential local bypass of security restrictions vulnerability has been identified in HPE ProLiant DL20 Gen10, HPE ProLiant ML30 Gen10, and HPE ProLiant MicroServer Gen10 Plus server's system ROMs prior to version 2.52. The vulnerability could be locally exploited to cause disclosure of sensitive information, denial of service (DoS), and/or compromise system integrity." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/29xxx/CVE-2021-29243.json b/2021/29xxx/CVE-2021-29243.json index 7e4dc14387f..2bfc433991d 100644 --- a/2021/29xxx/CVE-2021-29243.json +++ b/2021/29xxx/CVE-2021-29243.json @@ -1,70 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-29243", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29243", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html", - "refsource": "MISC", - "name": "https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html" - }, - { - "refsource": "MISC", - "name": "https://my.cloudera.com/knowledge/TSB-2021-488-Cloudera-Manager-is-vulnerable-to-Cross-Site?id=322833", - "url": "https://my.cloudera.com/knowledge/TSB-2021-488-Cloudera-Manager-is-vulnerable-to-Cross-Site?id=322833" - } - ] - }, - "source": { - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29505.json b/2021/29xxx/CVE-2021-29505.json index bb8a0cd6678..d993f410b3f 100644 --- a/2021/29xxx/CVE-2021-29505.json +++ b/2021/29xxx/CVE-2021-29505.json @@ -116,11 +116,6 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20210708-0007/", "url": "https://security.netapp.com/advisory/ntap-20210708-0007/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/29xxx/CVE-2021-29735.json b/2021/29xxx/CVE-2021-29735.json index 49b66769fc3..e42ce81c7ca 100644 --- a/2021/29xxx/CVE-2021-29735.json +++ b/2021/29xxx/CVE-2021-29735.json @@ -1,105 +1,18 @@ { - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6514007", - "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 6514007 (Security Guardium)", - "name" : "https://www.ibm.com/support/pages/node/6514007" - }, - { - "title" : "X-Force Vulnerability Report", - "name" : "ibm-guardium-cve202129735-xss (201239)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/201239" - } - ] - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29735", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "10.5" - }, - { - "version_value" : "10.6" - }, - { - "version_value" : "11.0" - }, - { - "version_value" : "11.1" - }, - { - "version_value" : "11.2" - }, - { - "version_value" : "11.3" - } - ] - }, - "product_name" : "Security Guardium" - } - ] - }, - "vendor_name" : "IBM" + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, and 11.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session." - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "AV" : "N", - "PR" : "H", - "UI" : "R", - "SCORE" : "4.800", - "AC" : "L", - "S" : "C", - "A" : "N", - "C" : "L", - "I" : "L" - }, - "TM" : { - "RC" : "C", - "E" : "H", - "RL" : "O" - } - } - }, - "data_version" : "4.0", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Cross-Site Scripting", - "lang" : "eng" - } - ] - } - ] - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "CVE_data_meta" : { - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2021-29735", - "DATE_PUBLIC" : "2021-11-05T00:00:00" - } -} + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29737.json b/2021/29xxx/CVE-2021-29737.json index 3da61416967..4a1cc0ac129 100644 --- a/2021/29xxx/CVE-2021-29737.json +++ b/2021/29xxx/CVE-2021-29737.json @@ -1,90 +1,18 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29737", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "IBM InfoSphere Data Flow Designer Engine (IBM InfoSphere Information Server 11.7 ) component has improper validation of the REST API server certificate. IBM X-Force ID: 201301." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "data_type": "CVE", - "data_version": "4.0", - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "Obtain Information", - "lang": "eng" - } - ] - } - ] - }, - "impact": { - "cvssv3": { - "TM": { - "RC": "C", - "E": "U", - "RL": "O" - }, - "BM": { - "S": "U", - "SCORE": "5.900", - "AV": "N", - "I": "N", - "PR": "N", - "UI": "N", - "C": "H", - "A": "N", - "AC": "H" - } - } - }, - "data_format": "MITRE", - "CVE_data_meta": { - "ID": "CVE-2021-29737", - "DATE_PUBLIC": "2021-10-29T00:00:00", - "STATE": "PUBLIC", - "ASSIGNER": "psirt@us.ibm.com" - }, - "references": { - "reference_data": [ - { - "title": "IBM Security Bulletin 6509086 (InfoSphere Information Server)", - "name": "https://www.ibm.com/support/pages/node/6509086", - "refsource": "CONFIRM", - "url": "https://www.ibm.com/support/pages/node/6509086" - }, - { - "name": "ibm-infosphere-cve202129737-info-disc (201301)", - "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/201301", - "refsource": "XF", - "title": "X-Force Vulnerability Report" - } - ] - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "IBM", - "product": { - "product_data": [ - { - "product_name": "InfoSphere Information Server", - "version": { - "version_data": [ - { - "version_value": "11.7" - } - ] - } - } - ] - } - } - ] - } } } \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29738.json b/2021/29xxx/CVE-2021-29738.json index 31140324455..7e557aad9f8 100644 --- a/2021/29xxx/CVE-2021-29738.json +++ b/2021/29xxx/CVE-2021-29738.json @@ -1,89 +1,17 @@ { - "data_format": "MITRE", - "impact": { - "cvssv3": { - "TM": { - "RL": "O", - "RC": "C", - "E": "U" - }, - "BM": { - "PR": "L", - "I": "L", - "A": "N", - "AC": "L", - "C": "L", - "UI": "R", - "SCORE": "5.400", - "S": "C", - "AV": "N" - } - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Gain Access" - } - ] - } - ] - }, - "data_version": "4.0", "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29738", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "IBM InfoSphere Data Flow Designer (IBM InfoSphere Information Server 11.7 ) is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 201302." - } - ] - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "InfoSphere Information Server", - "version": { - "version_data": [ - { - "version_value": "11.7" - } - ] - } - } - ] - }, - "vendor_name": "IBM" - } - ] - } - }, - "CVE_data_meta": { - "ID": "CVE-2021-29738", - "STATE": "PUBLIC", - "ASSIGNER": "psirt@us.ibm.com", - "DATE_PUBLIC": "2021-10-29T00:00:00" - }, - "references": { - "reference_data": [ - { - "title": "IBM Security Bulletin 6509084 (InfoSphere Information Server)", - "name": "https://www.ibm.com/support/pages/node/6509084", - "refsource": "CONFIRM", - "url": "https://www.ibm.com/support/pages/node/6509084" - }, - { - "refsource": "XF", - "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/201302", - "name": "ibm-infosphere-cve202129738-ssrf (201302)", - "title": "X-Force Vulnerability Report" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/29xxx/CVE-2021-29753.json b/2021/29xxx/CVE-2021-29753.json index 82cc3d2aa0b..4c855aae649 100644 --- a/2021/29xxx/CVE-2021-29753.json +++ b/2021/29xxx/CVE-2021-29753.json @@ -1,112 +1,18 @@ { - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6513703", - "refsource" : "CONFIRM", - "name" : "https://www.ibm.com/support/pages/node/6513703", - "title" : "IBM Security Bulletin 6513703 (Business Automation Workflow)" - }, - { - "title" : "X-Force Vulnerability Report", - "refsource" : "XF", - "name" : "ibm-baw-cve202129753-info-disc (201919)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/201919" - } - ] - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Business Automation Workflow 18. 19, 20, 21, and IBM Business Process Manager 8.5 and d8.6 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Obtain Information", - "lang" : "eng" - } - ] - } - ] - }, - "impact" : { - "cvssv3" : { - "TM" : { - "RC" : "C", - "RL" : "O", - "E" : "U" - }, - "BM" : { - "PR" : "N", - "C" : "H", - "S" : "U", - "AV" : "N", - "UI" : "N", - "A" : "N", - "AC" : "H", - "SCORE" : "5.900", - "I" : "N" - } - } - }, - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2021-11-04T00:00:00", - "ID" : "CVE-2021-29753", - "STATE" : "PUBLIC" - }, - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29753", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "Business Process Manager", - "version" : { - "version_data" : [ - { - "version_value" : "8.5" - }, - { - "version_value" : "8.6" - } - ] - } - }, - { - "product_name" : "Business Automation Workflow", - "version" : { - "version_data" : [ - { - "version_value" : "18.0" - }, - { - "version_value" : "19.0" - }, - { - "version_value" : "20.0" - }, - { - "version_value" : "21.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } - ] - } - } -} + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29771.json b/2021/29xxx/CVE-2021-29771.json index 5bc91b91fd5..901aa3e7f0d 100644 --- a/2021/29xxx/CVE-2021-29771.json +++ b/2021/29xxx/CVE-2021-29771.json @@ -1,90 +1,18 @@ { - "CVE_data_meta": { - "STATE": "PUBLIC", - "DATE_PUBLIC": "2021-10-29T00:00:00", - "ASSIGNER": "psirt@us.ibm.com", - "ID": "CVE-2021-29771" - }, - "references": { - "reference_data": [ - { - "title": "IBM Security Bulletin 6509614 (InfoSphere Information Server)", - "name": "https://www.ibm.com/support/pages/node/6509614", - "refsource": "CONFIRM", - "url": "https://www.ibm.com/support/pages/node/6509614" - }, - { - "title": "X-Force Vulnerability Report", - "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/202773", - "name": "ibm-infosphere-cve202129771-xss (202773)", - "refsource": "XF" - } - ] - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "version": { - "version_data": [ - { - "version_value": "11.7" - } - ] - }, - "product_name": "InfoSphere Information Server" - } - ] - }, - "vendor_name": "IBM" - } - ] - } - }, - "impact": { - "cvssv3": { - "TM": { - "RL": "O", - "E": "H", - "RC": "C" - }, - "BM": { - "AV": "N", - "SCORE": "5.400", - "S": "C", - "AC": "L", - "A": "N", - "UI": "R", - "C": "L", - "PR": "L", - "I": "L" - } - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "Cross-Site Scripting", - "lang": "eng" - } - ] - } - ] - }, + "data_type": "CVE", "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29771", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { - "value": "IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.", - "lang": "eng" + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "data_version": "4.0", - "data_type": "CVE" + } } \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29843.json b/2021/29xxx/CVE-2021-29843.json index 17170a1c4dc..862a89ffc4c 100644 --- a/2021/29xxx/CVE-2021-29843.json +++ b/2021/29xxx/CVE-2021-29843.json @@ -1,98 +1,17 @@ { - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29843", - "DATE_PUBLIC": "2021-11-05T00:00:00", - "STATE": "PUBLIC", - "ASSIGNER": "psirt@us.ibm.com" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "MQ Appliance", - "version": { - "version_data": [ - { - "version_value": "9.1.LTS" - }, - { - "version_value": "9.1.CD" - }, - { - "version_value": "9.2.LTS" - }, - { - "version_value": "9.2.CD" - } - ] - } - } - ] - }, - "vendor_name": "IBM" - } - ] - } + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "IBM MQ 9.1 LTS, 9.1 CD, 9.2 LTS, and 9.2CD is vulnerable to a denial of service attack caused by an issue processing message properties. IBM X-Force ID: 205203." - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.ibm.com/support/pages/node/6513681", - "title": "IBM Security Bulletin 6513681 (MQ Appliance)", - "url": "https://www.ibm.com/support/pages/node/6513681", - "refsource": "CONFIRM" - }, - { - "name": "ibm-mq-cve202129843-dos (205203)", - "title": "X-Force Vulnerability Report", - "refsource": "XF", - "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/205203" - } - ] - }, - "impact": { - "cvssv3": { - "BM": { - "I": "N", - "C": "N", - "AC": "H", - "S": "U", - "SCORE": "5.300", - "A": "H", - "UI": "N", - "PR": "L", - "AV": "N" - }, - "TM": { - "RC": "C", - "RL": "O", - "E": "U" - } - } - }, - "data_version": "4.0", - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "Denial of Service", - "lang": "eng" - } - ] + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/29xxx/CVE-2021-29875.json b/2021/29xxx/CVE-2021-29875.json index c04043af3a1..a241396b459 100644 --- a/2021/29xxx/CVE-2021-29875.json +++ b/2021/29xxx/CVE-2021-29875.json @@ -1,90 +1,18 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29875", - "DATE_PUBLIC": "2021-10-29T00:00:00", - "STATE": "PUBLIC", - "ASSIGNER": "psirt@us.ibm.com" - }, - "references": { - "reference_data": [ - { - "title": "IBM Security Bulletin 6509616 (InfoSphere Information Server)", - "url": "https://www.ibm.com/support/pages/node/6509616", - "refsource": "CONFIRM", - "name": "https://www.ibm.com/support/pages/node/6509616" - }, - { - "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/206572", - "name": "ibm-infosphere-cve202129875-info-disc (206572)", - "refsource": "XF", - "title": "X-Force Vulnerability Report" - } - ] - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "IBM", - "product": { - "product_data": [ - { - "product_name": "InfoSphere Information Server", - "version": { - "version_data": [ - { - "version_value": "11.7" - } - ] - } - } - ] - } - } - ] - } + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "IBM InfoSphere Information Server 11.7 could allow an attacker to obtain sensitive information due to a insecure third party domain access vulnerability. IBM X-Force ID: 206572." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "data_type": "CVE", - "data_version": "4.0", - "impact": { - "cvssv3": { - "BM": { - "UI": "N", - "C": "H", - "AC": "H", - "A": "N", - "I": "N", - "PR": "N", - "AV": "N", - "S": "U", - "SCORE": "5.900" - }, - "TM": { - "RL": "O", - "E": "U", - "RC": "C" - } - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Obtain Information" - } - ] - } - ] - }, - "data_format": "MITRE" + } } \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29888.json b/2021/29xxx/CVE-2021-29888.json index 21fb6abeb2f..7441012683c 100644 --- a/2021/29xxx/CVE-2021-29888.json +++ b/2021/29xxx/CVE-2021-29888.json @@ -1,90 +1,18 @@ { - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "IBM", - "product": { - "product_data": [ - { - "product_name": "InfoSphere Information Server", - "version": { - "version_data": [ - { - "version_value": "11.7" - } - ] - } - } - ] - } - } - ] - } - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://www.ibm.com/support/pages/node/6509618", - "url": "https://www.ibm.com/support/pages/node/6509618", - "title": "IBM Security Bulletin 6509618 (InfoSphere Information Server)" - }, - { - "title": "X-Force Vulnerability Report", - "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/207123", - "name": "ibm-infosphere-cve202129888-csrf (207123)", - "refsource": "XF" - } - ] - }, + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29888", - "DATE_PUBLIC": "2021-10-29T00:00:00", - "STATE": "PUBLIC", - "ASSIGNER": "psirt@us.ibm.com" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 207123." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "data_format": "MITRE", - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Gain Access" - } - ] - } - ] - }, - "impact": { - "cvssv3": { - "TM": { - "RL": "O", - "RC": "C", - "E": "U" - }, - "BM": { - "PR": "N", - "I": "H", - "AC": "L", - "A": "N", - "C": "N", - "UI": "R", - "SCORE": "6.500", - "S": "U", - "AV": "N" - } - } } } \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29991.json b/2021/29xxx/CVE-2021-29991.json index ac1359162b1..156bc9bc1e1 100644 --- a/2021/29xxx/CVE-2021-29991.json +++ b/2021/29xxx/CVE-2021-29991.json @@ -4,75 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29991", - "ASSIGNER": "security@mozilla.org", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Mozilla", - "product": { - "product_data": [ - { - "product_name": "Firefox", - "version": { - "version_data": [ - { - "version_value": "91.0.1", - "version_affected": "<" - } - ] - } - }, - { - "product_name": "Thunderbird", - "version": { - "version_data": [ - { - "version_value": "91.0.1", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Header Splitting possible with HTTP/3 Responses" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-37/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-37/" - }, - { - "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1724896", - "refsource": "MISC", - "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1724896" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Firefox incorrectly accepted a newline in a HTTP/3 header, interpretting it as two separate headers. This allowed for a header splitting attack against servers using HTTP/3. This vulnerability affects Firefox < 91.0.1 and Thunderbird < 91.0.1." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/29xxx/CVE-2021-29993.json b/2021/29xxx/CVE-2021-29993.json index 4b22064c89f..de6350ce505 100644 --- a/2021/29xxx/CVE-2021-29993.json +++ b/2021/29xxx/CVE-2021-29993.json @@ -4,64 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29993", - "ASSIGNER": "security@mozilla.org", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Mozilla", - "product": { - "product_data": [ - { - "product_name": "Firefox", - "version": { - "version_data": [ - { - "version_value": "92", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Handling custom intents could lead to crashes and UI spoofs" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-38/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-38/" - }, - { - "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1712242%2C1708767%2C1712240%2C1708544%2C1729259", - "refsource": "MISC", - "name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1712242%2C1708767%2C1712240%2C1708544%2C1729259" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Firefox for Android allowed navigations through the `intent://` protocol, which could be used to cause crashes and UI spoofs. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 92." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/29xxx/CVE-2021-29994.json b/2021/29xxx/CVE-2021-29994.json index 008af9e772c..0de005e3928 100644 --- a/2021/29xxx/CVE-2021-29994.json +++ b/2021/29xxx/CVE-2021-29994.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-29994", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29994", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Cloudera Hue 4.6.0 allows XSS." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/cloudera/hue", - "refsource": "MISC", - "name": "https://github.com/cloudera/hue" - }, - { - "refsource": "CONFIRM", - "name": "https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html", - "url": "https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html" - }, - { - "refsource": "CONFIRM", - "name": "https://my.cloudera.com/knowledge/TSB-2021-487-Cloudera-Hue-is-vulnerable-to-Cross-Site?id=324634", - "url": "https://my.cloudera.com/knowledge/TSB-2021-487-Cloudera-Hue-is-vulnerable-to-Cross-Site?id=324634" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/30xxx/CVE-2021-30132.json b/2021/30xxx/CVE-2021-30132.json index 69c2abb2d0a..00508bb0656 100644 --- a/2021/30xxx/CVE-2021-30132.json +++ b/2021/30xxx/CVE-2021-30132.json @@ -1,70 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-30132", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-30132", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html", - "refsource": "MISC", - "name": "https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html" - }, - { - "refsource": "MISC", - "name": "https://my.cloudera.com/knowledge/TSB-2021-491-Authorization-Bypass-in-Cloudera-Manager?id=314482", - "url": "https://my.cloudera.com/knowledge/TSB-2021-491-Authorization-Bypass-in-Cloudera-Manager?id=314482" - } - ] - }, - "source": { - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/30xxx/CVE-2021-30542.json b/2021/30xxx/CVE-2021-30542.json index b1e45094597..23c589929ea 100644 --- a/2021/30xxx/CVE-2021-30542.json +++ b/2021/30xxx/CVE-2021-30542.json @@ -64,11 +64,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/30xxx/CVE-2021-30543.json b/2021/30xxx/CVE-2021-30543.json index b7c08d68259..9716f117aa2 100644 --- a/2021/30xxx/CVE-2021-30543.json +++ b/2021/30xxx/CVE-2021-30543.json @@ -64,11 +64,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/30xxx/CVE-2021-30625.json b/2021/30xxx/CVE-2021-30625.json index 25a463a514c..5c9c3be10f3 100644 --- a/2021/30xxx/CVE-2021-30625.json +++ b/2021/30xxx/CVE-2021-30625.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/30xxx/CVE-2021-30626.json b/2021/30xxx/CVE-2021-30626.json index 2fb98a00827..aad81216d8a 100644 --- a/2021/30xxx/CVE-2021-30626.json +++ b/2021/30xxx/CVE-2021-30626.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/30xxx/CVE-2021-30627.json b/2021/30xxx/CVE-2021-30627.json index cfc6f012123..8e3346aff6d 100644 --- a/2021/30xxx/CVE-2021-30627.json +++ b/2021/30xxx/CVE-2021-30627.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/30xxx/CVE-2021-30628.json b/2021/30xxx/CVE-2021-30628.json index e3d0d156f8e..2dc17923834 100644 --- a/2021/30xxx/CVE-2021-30628.json +++ b/2021/30xxx/CVE-2021-30628.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/30xxx/CVE-2021-30629.json b/2021/30xxx/CVE-2021-30629.json index aff8752c7b1..41f0550ca7e 100644 --- a/2021/30xxx/CVE-2021-30629.json +++ b/2021/30xxx/CVE-2021-30629.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/30xxx/CVE-2021-30630.json b/2021/30xxx/CVE-2021-30630.json index 2377c65d48c..956b3ae0118 100644 --- a/2021/30xxx/CVE-2021-30630.json +++ b/2021/30xxx/CVE-2021-30630.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/30xxx/CVE-2021-30631.json b/2021/30xxx/CVE-2021-30631.json index 5525f9731b5..bf6aa4b519f 100644 --- a/2021/30xxx/CVE-2021-30631.json +++ b/2021/30xxx/CVE-2021-30631.json @@ -5,14 +5,14 @@ "CVE_data_meta": { "ID": "CVE-2021-30631", "ASSIGNER": "cve@mitre.org", - "STATE": "REJECT" + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } -} +} \ No newline at end of file diff --git a/2021/30xxx/CVE-2021-30632.json b/2021/30xxx/CVE-2021-30632.json index 636e802cc7f..877d0d7da29 100644 --- a/2021/30xxx/CVE-2021-30632.json +++ b/2021/30xxx/CVE-2021-30632.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/30xxx/CVE-2021-30633.json b/2021/30xxx/CVE-2021-30633.json index 39707b5bbcd..6ba8f0a7cf7 100644 --- a/2021/30xxx/CVE-2021-30633.json +++ b/2021/30xxx/CVE-2021-30633.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/30xxx/CVE-2021-30846.json b/2021/30xxx/CVE-2021-30846.json index 5b362408229..1db39743ecd 100644 --- a/2021/30xxx/CVE-2021-30846.json +++ b/2021/30xxx/CVE-2021-30846.json @@ -153,26 +153,6 @@ "refsource": "MLIST", "name": "[oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006", "url": "http://www.openwall.com/lists/oss-security/2021/10/27/4" - }, - { - "refsource": "DEBIAN", - "name": "DSA-4995", - "url": "https://www.debian.org/security/2021/dsa-4995" - }, - { - "refsource": "DEBIAN", - "name": "DSA-4996", - "url": "https://www.debian.org/security/2021/dsa-4996" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-131360fa9a", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ON5SDVVPVPCAGFPW2GHYATZVZYLPW2L4/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-483d896d1d", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H6MGXCX7P5AHWOQ6IRT477UKT7IS4DAD/" } ] }, diff --git a/2021/30xxx/CVE-2021-30851.json b/2021/30xxx/CVE-2021-30851.json index dc74c742860..1163ffa5eb4 100644 --- a/2021/30xxx/CVE-2021-30851.json +++ b/2021/30xxx/CVE-2021-30851.json @@ -97,31 +97,6 @@ "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212816", "name": "https://support.apple.com/en-us/HT212816" - }, - { - "refsource": "DEBIAN", - "name": "DSA-4995", - "url": "https://www.debian.org/security/2021/dsa-4995" - }, - { - "refsource": "DEBIAN", - "name": "DSA-4996", - "url": "https://www.debian.org/security/2021/dsa-4996" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20211031 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006", - "url": "http://www.openwall.com/lists/oss-security/2021/10/31/1" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-131360fa9a", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ON5SDVVPVPCAGFPW2GHYATZVZYLPW2L4/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-483d896d1d", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H6MGXCX7P5AHWOQ6IRT477UKT7IS4DAD/" } ] }, diff --git a/2021/31xxx/CVE-2021-31344.json b/2021/31xxx/CVE-2021-31344.json index 02a2029c8eb..2a871eb3b1c 100644 --- a/2021/31xxx/CVE-2021-31344.json +++ b/2021/31xxx/CVE-2021-31344.json @@ -1,206 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2021-31344", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "APOGEE MBC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MBC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Capital VSTAR", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus NET", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus ReadyStart V3", - "version": { - "version_data": [ - { - "version_value": "All versions < V2017.02.4" - } - ] - } - }, - { - "product_name": "Nucleus ReadyStart V4", - "version": { - "version_data": [ - { - "version_value": "All versions < V4.1.1" - } - ] - } - }, - { - "product_name": "Nucleus Source Code", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-31344", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). ICMP echo packets with fake IP options allow sending ICMP echo reply messages to arbitrary hosts on the network. (FSMD-2021-0004)" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf" - }, - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/31xxx/CVE-2021-31345.json b/2021/31xxx/CVE-2021-31345.json index 53ab6103c78..ab909b117f6 100644 --- a/2021/31xxx/CVE-2021-31345.json +++ b/2021/31xxx/CVE-2021-31345.json @@ -1,196 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2021-31345", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "APOGEE MBC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MBC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Capital VSTAR", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus NET", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus ReadyStart V3", - "version": { - "version_data": [ - { - "version_value": "All versions < V2017.02.4" - } - ] - } - }, - { - "product_name": "Nucleus Source Code", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-1284: Improper Validation of Specified Quantity in Input" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-31345", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). The total length of an UDP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on a user-defined applications that runs on top of the UDP protocol. (FSMD-2021-0006)" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf" - }, - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/31xxx/CVE-2021-31346.json b/2021/31xxx/CVE-2021-31346.json index 1ee6a704c7d..020f94b6604 100644 --- a/2021/31xxx/CVE-2021-31346.json +++ b/2021/31xxx/CVE-2021-31346.json @@ -1,206 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2021-31346", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "APOGEE MBC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MBC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Capital VSTAR", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus NET", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus ReadyStart V3", - "version": { - "version_data": [ - { - "version_value": "All versions < V2017.02.4" - } - ] - } - }, - { - "product_name": "Nucleus ReadyStart V4", - "version": { - "version_data": [ - { - "version_value": "All versions < V4.1.1" - } - ] - } - }, - { - "product_name": "Nucleus Source Code", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-1284: Improper Validation of Specified Quantity in Input" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-31346", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). The total length of an ICMP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0007)" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf" - }, - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/31xxx/CVE-2021-31359.json b/2021/31xxx/CVE-2021-31359.json index c071d715076..12decdb2b6d 100644 --- a/2021/31xxx/CVE-2021-31359.json +++ b/2021/31xxx/CVE-2021-31359.json @@ -107,12 +107,6 @@ ] } }, - "configuration": [ - { - "lang": "eng", - "value": "There are several configuration options that enable DHCP service. For example:\n\n [edit interfaces ... family inet dhcp]\n\n [edit system processes dhcp-service]\n\n [edit forwarding-options dhcp-relay]\n" - } - ], "credit": [ { "lang": "eng", @@ -126,7 +120,7 @@ "description_data": [ { "lang": "eng", - "value": "A local privilege escalation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to cause the Juniper DHCP daemon (jdhcpd) process to crash, resulting in a Denial of Service (DoS), or execute arbitrary commands as root. Continued processing of malicious input will repeatedly crash the system and sustain the Denial of Service (DoS) condition. Systems are only vulnerable if jdhcpd is running, which can be confirmed via the 'show system processes' command. For example: root@host# run show system processes extensive | match dhcp 26537 root -16 0 97568K 13692K RUN 0 0:01 3.71% jdhcpd This issue affects: Juniper Networks Junos OS: All versions, including the following supported releases: 15.1 versions prior to 15.1R7-S10; 17.4 versions prior to 17.4R3-S5; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2. Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-S3-EVO; All versions of 21.1-EVO." + "value": "A local privilege escalation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to cause the Juniper DHCP daemon (jdhcpd) process to crash, resulting in a Denial of Service (DoS), or execute arbitrary commands as root. Continued processing of malicious input will repeatedly crash the system and sustain the Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: All versions, including the following supported releases: 15.1 versions prior to 15.1R7-S10; 17.4 versions prior to 17.4R3-S5; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2. Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-S3-EVO; All versions of 21.1-EVO." } ] }, diff --git a/2021/31xxx/CVE-2021-31360.json b/2021/31xxx/CVE-2021-31360.json index 4d7465a6b4b..45842ac4a3b 100644 --- a/2021/31xxx/CVE-2021-31360.json +++ b/2021/31xxx/CVE-2021-31360.json @@ -107,12 +107,6 @@ ] } }, - "configuration": [ - { - "lang": "eng", - "value": "There are several configuration options that enable DHCP service. For example:\n\n [edit interfaces ... family inet dhcp]\n\n [edit system processes dhcp-service]\n\n [edit forwarding-options dhcp-relay]" - } - ], "credit": [ { "lang": "eng", @@ -126,7 +120,7 @@ "description_data": [ { "lang": "eng", - "value": "An improper privilege management vulnerability in the Juniper Networks Junos OS and Junos OS Evolved command-line interpreter (CLI) allows a low-privileged user to overwrite local files as root, possibly leading to a system integrity issue or Denial of Service (DoS). Depending on the files overwritten, exploitation of this vulnerability could lead to a sustained Denial of Service (DoS) condition, requiring manual user intervention to recover. Systems are only vulnerable if jdhcpd is running, which can be confirmed via the 'show system processes' command. For example: root@host# run show system processes extensive | match dhcp 26537 root -16 0 97568K 13692K RUN 0 0:01 3.71% jdhcpd This issue affects: Juniper Networks Junos OS: All versions, including the following supported releases: 15.1 versions prior to 15.1R7-S10; 17.4 versions prior to 17.4R3-S5; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2. Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-S3-EVO; All versions of 21.1-EVO." + "value": "An improper privilege management vulnerability in the Juniper Networks Junos OS and Junos OS Evolved command-line interpreter (CLI) allows a low-privileged user to overwrite local files as root, possibly leading to a system integrity issue or Denial of Service (DoS). Depending on the files overwritten, exploitation of this vulnerability could lead to a sustained Denial of Service (DoS) condition, requiring manual user intervention to recover. This issue affects: Juniper Networks Junos OS: All versions, including the following supported releases: 15.1 versions prior to 15.1R7-S10; 17.4 versions prior to 17.4R3-S5; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2. Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-S3-EVO; All versions of 21.1-EVO." } ] }, diff --git a/2021/31xxx/CVE-2021-31371.json b/2021/31xxx/CVE-2021-31371.json index 58feeffdfde..d6f61b4d4b0 100644 --- a/2021/31xxx/CVE-2021-31371.json +++ b/2021/31xxx/CVE-2021-31371.json @@ -4,7 +4,7 @@ "DATE_PUBLIC": "2021-10-13T16:00:00.000Z", "ID": "CVE-2021-31371", "STATE": "PUBLIC", - "TITLE": "Junos OS: QFX5000 Series: Traffic from the network internal to the device (128.0.0.0) may be forwarded to egress interfaces." + "TITLE": "Junos OS: QFX5110 Series: Traffic from the network internal to the device (128.0.0.0) may be forwarded to egress interfaces." }, "affects": { "vendor": { @@ -17,78 +17,78 @@ "version": { "version_data": [ { - "platform": "QFX5000 Series", + "platform": "QFX5110 Series", "version_affected": "<", "version_value": "17.3R3-S12" }, { - "platform": "QFX5000 Series", + "platform": "QFX5110 Series", "version_affected": "<", "version_name": "18.1", "version_value": "18.1R3-S13" }, { - "platform": "QFX5000 Series", + "platform": "QFX5110 Series", "version_affected": "<", "version_name": "18.3", "version_value": "18.3R3-S5" }, { - "platform": "QFX5000 Series", + "platform": "QFX5110 Series", "version_affected": "<", "version_name": "19.1", "version_value": "19.1R3-S6" }, { - "platform": "QFX5000 Series", + "platform": "QFX5110 Series", "version_affected": "<", "version_name": "19.2", "version_value": "19.2R1-S7, 19.2R3-S3" }, { - "platform": "QFX5000 Series", + "platform": "QFX5110 Series", "version_affected": "<", "version_name": "19.3", "version_value": "19.3R2-S6, 19.3R3-S3" }, { - "platform": "QFX5000 Series", + "platform": "QFX5110 Series", "version_affected": "<", "version_name": "19.4", "version_value": "19.4R1-S4, 19.4R3-S5" }, { - "platform": "QFX5000 Series", + "platform": "QFX5110 Series", "version_affected": "<", "version_name": "20.1", "version_value": "20.1R2-S2, 20.1R3-S1" }, { - "platform": "QFX5000 Series", + "platform": "QFX5110 Series", "version_affected": "<", "version_name": "20.2", "version_value": "20.2R3-S2" }, { - "platform": "QFX5000 Series", + "platform": "QFX5110 Series", "version_affected": "<", "version_name": "20.3", "version_value": "20.3R3-S1" }, { - "platform": "QFX5000 Series", + "platform": "QFX5110 Series", "version_affected": "<", "version_name": "20.4", "version_value": "20.4R2-S1, 20.4R3" }, { - "platform": "QFX5000 Series", + "platform": "QFX5110 Series", "version_affected": "<", "version_name": "21.1", "version_value": "21.1R1-S1, 21.1R2" }, { - "platform": "QFX5000 Series", + "platform": "QFX5110 Series", "version_affected": "<", "version_name": "21.2", "version_value": "21.2R1" @@ -110,7 +110,7 @@ "description_data": [ { "lang": "eng", - "value": "Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. It was discovered that packets utilizing these IP addresses may egress an QFX5000 Series switch, leaking configuration information such as heartbeats, kernel versions, etc. out to the Internet, leading to an information exposure vulnerability. This issue affects Juniper Networks Junos OS on QFX5110, QFX5120, QFX5200, QFX5210 Series, and QFX5100 with QFX 5e Series image installed: All versions prior to 17.3R3-S12; 18.1 versions prior to 18.1R3-S13; 18.3 versions prior to 18.3R3-S5; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R1-S4, 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2;" + "value": "Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. It was discovered that packets utilizing these IP addresses may egress an QFX5110 switch, leaking configuration information such as heartbeats, kernel versions, etc. out to the Internet, leading to an information exposure vulnerability. This issue affects: Juniper Networks Junos OS on QFX5110 Series: All versions prior to 17.3R3-S12; 18.1 versions prior to 18.1R3-S13; 18.3 versions prior to 18.3R3-S5; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R1-S4, 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2;" } ] }, diff --git a/2021/31xxx/CVE-2021-31556.json b/2021/31xxx/CVE-2021-31556.json index 4ae6034a0ae..2cce511429d 100644 --- a/2021/31xxx/CVE-2021-31556.json +++ b/2021/31xxx/CVE-2021-31556.json @@ -71,11 +71,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-56d8173b5e", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CJDYJQWT43GBD6GNQ4OW7JOZ6WQ6DZTN/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-3dd1b66cbf", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDBPECBWN6LWNSWIQMVXK6PP4YFEUYHA/" } ] } diff --git a/2021/31xxx/CVE-2021-31559.json b/2021/31xxx/CVE-2021-31559.json deleted file mode 100644 index 08e7b8ca3c5..00000000000 --- a/2021/31xxx/CVE-2021-31559.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-31559", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/31xxx/CVE-2021-31599.json b/2021/31xxx/CVE-2021-31599.json index b273fb0d9cd..9304724ff73 100644 --- a/2021/31xxx/CVE-2021-31599.json +++ b/2021/31xxx/CVE-2021-31599.json @@ -1,81 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-31599", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-31599", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. A reports (.prpt) file allows the inclusion of BeanShell scripts to ease the production of complex reports. An authenticated user can run arbitrary code." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.hitachi.com/hirt/security/index.html", - "refsource": "MISC", - "name": "https://www.hitachi.com/hirt/security/index.html" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/164772/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-Remote-Code-Execution.html", - "url": "http://packetstormsecurity.com/files/164772/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-Remote-Code-Execution.html" - } - ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:U/UI:N", - "version": "3.1" - } } } \ No newline at end of file diff --git a/2021/31xxx/CVE-2021-31600.json b/2021/31xxx/CVE-2021-31600.json index 5ea583692f4..2dc26122a83 100644 --- a/2021/31xxx/CVE-2021-31600.json +++ b/2021/31xxx/CVE-2021-31600.json @@ -1,81 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-31600", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-31600", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. They implement a series of web services using the SOAP protocol to allow scripting interaction with the backend server. An authenticated user (regardless of privileges) can list all valid usernames." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.hitachi.com/hirt/security/index.html", - "refsource": "MISC", - "name": "https://www.hitachi.com/hirt/security/index.html" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/164787/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-User-Enumeration.html", - "url": "http://packetstormsecurity.com/files/164787/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-User-Enumeration.html" - } - ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AC:L/AV:N/A:N/C:L/I:N/PR:L/S:U/UI:N", - "version": "3.1" - } } } \ No newline at end of file diff --git a/2021/31xxx/CVE-2021-31601.json b/2021/31xxx/CVE-2021-31601.json index dc0960a1071..25af0ff40f1 100644 --- a/2021/31xxx/CVE-2021-31601.json +++ b/2021/31xxx/CVE-2021-31601.json @@ -1,81 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-31601", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-31601", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. They implement a series of web services using the SOAP protocol to allow scripting interaction with the backend server. An authenticated user (regardless of privileges) can list all databases connection details and credentials." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.hitachi.com/hirt/security/index.html", - "refsource": "MISC", - "name": "https://www.hitachi.com/hirt/security/index.html" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/164779/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-Insufficient-Access-Control.html", - "url": "http://packetstormsecurity.com/files/164779/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-Insufficient-Access-Control.html" - } - ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "confidentialityImpact": "HIGH", - "integrityImpact": "LOW", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AC:L/AV:N/A:N/C:H/I:L/PR:L/S:U/UI:N", - "version": "3.1" - } } } \ No newline at end of file diff --git a/2021/31xxx/CVE-2021-31602.json b/2021/31xxx/CVE-2021-31602.json index 85ee71a4b5d..1768b7f4967 100644 --- a/2021/31xxx/CVE-2021-31602.json +++ b/2021/31xxx/CVE-2021-31602.json @@ -1,81 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-31602", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-31602", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. The Security Model has different layers of Access Control. One of these layers is the applicationContext security, which is defined in the applicationContext-spring-security.xml file. The default configuration allows an unauthenticated user with no previous knowledge of the platform settings to extract pieces of information without possessing valid credentials." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.hitachi.com/hirt/security/index.html", - "refsource": "MISC", - "name": "https://www.hitachi.com/hirt/security/index.html" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/164784/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-Authentication-Bypass.html", - "url": "http://packetstormsecurity.com/files/164784/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-Authentication-Bypass.html" - } - ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AC:L/AV:N/A:N/C:L/I:N/PR:N/S:U/UI:N", - "version": "3.1" - } } } \ No newline at end of file diff --git a/2021/31xxx/CVE-2021-31682.json b/2021/31xxx/CVE-2021-31682.json index dc763d420e5..79e852b0992 100644 --- a/2021/31xxx/CVE-2021-31682.json +++ b/2021/31xxx/CVE-2021-31682.json @@ -61,11 +61,6 @@ "refsource": "MISC", "name": "https://github.com/3ndG4me/WebCTRL-OperatorLocale-Parameter-Reflected-XSS", "url": "https://github.com/3ndG4me/WebCTRL-OperatorLocale-Parameter-Reflected-XSS" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/164707/WebCTRL-OEM-6.5-Cross-Site-Scripting.html", - "url": "http://packetstormsecurity.com/files/164707/WebCTRL-OEM-6.5-Cross-Site-Scripting.html" } ] } diff --git a/2021/31xxx/CVE-2021-31848.json b/2021/31xxx/CVE-2021-31848.json index 660a86aaae2..fcc2b292537 100644 --- a/2021/31xxx/CVE-2021-31848.json +++ b/2021/31xxx/CVE-2021-31848.json @@ -1,91 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@mcafee.com", - "ID": "CVE-2021-31848", - "STATE": "PUBLIC", - "TITLE": "Data Loss Prevention (DLP) ePO extension - Cross site scripting (XSS)" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Data Loss Prevention (DLP) ePO extension", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "11.7.100" - }, - { - "version_affected": "<", - "version_value": "11.6.400" - } - ] - } - } - ] - }, - "vendor_name": "McAfee" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-31848", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Cross site scripting (XSS) vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker to highjack an active DLP ePO administrator session by convincing the logged in administrator to click on a carefully crafted link in the case management part of the DLP ePO extension." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 8.4, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "HIGH", - "scope": "CHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79 Cross-site Scripting (XSS)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10371", - "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10371" - } - ] - }, - "source": { - "advisory": "SB10371", - "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/31xxx/CVE-2021-31849.json b/2021/31xxx/CVE-2021-31849.json index 579ca5f1b6a..1a0edae9ce2 100644 --- a/2021/31xxx/CVE-2021-31849.json +++ b/2021/31xxx/CVE-2021-31849.json @@ -1,91 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@mcafee.com", - "ID": "CVE-2021-31849", - "STATE": "PUBLIC", - "TITLE": "Data Loss Prevention (DLP) ePO extension - SQL injection" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Data Loss Prevention (DLP) ePO extension", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "11.7.100" - }, - { - "version_affected": "<", - "version_value": "11.6.400" - } - ] - } - } - ] - }, - "vendor_name": "McAfee" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-31849", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker logged into ePO as an administrator to inject arbitrary SQL into the ePO database through the user management section of the DLP ePO extension." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 8.4, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "HIGH", - "scope": "CHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-89 SQL Injection" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10371", - "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10371" - } - ] - }, - "source": { - "advisory": "SB10371", - "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/31xxx/CVE-2021-31881.json b/2021/31xxx/CVE-2021-31881.json index 23b0ad41960..d51959f67c1 100644 --- a/2021/31xxx/CVE-2021-31881.json +++ b/2021/31xxx/CVE-2021-31881.json @@ -1,196 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2021-31881", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "APOGEE MBC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MBC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Capital VSTAR", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus NET", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus ReadyStart V3", - "version": { - "version_data": [ - { - "version_value": "All versions < V2017.02.4" - } - ] - } - }, - { - "product_name": "Nucleus Source Code", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-125: Out-of-bounds Read" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-31881", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). When processing a DHCP OFFER message, the DHCP client application does not validate the length of the Vendor option(s), leading to Denial-of-Service conditions. (FSMD-2021-0008)" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf" - }, - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/31xxx/CVE-2021-31882.json b/2021/31xxx/CVE-2021-31882.json index e8cdbb999ad..f4953b7930a 100644 --- a/2021/31xxx/CVE-2021-31882.json +++ b/2021/31xxx/CVE-2021-31882.json @@ -1,196 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2021-31882", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "APOGEE MBC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MBC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Capital VSTAR", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus NET", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus ReadyStart V3", - "version": { - "version_data": [ - { - "version_value": "All versions < V2017.02.4" - } - ] - } - }, - { - "product_name": "Nucleus Source Code", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-31882", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). The DHCP client application does not validate the length of the Domain Name Server IP option(s) (0x06) when processing DHCP ACK packets. This may lead to Denial-of-Service conditions. (FSMD-2021-0011)" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf" - }, - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/31xxx/CVE-2021-31883.json b/2021/31xxx/CVE-2021-31883.json index 055a855a360..ba3f9cd973e 100644 --- a/2021/31xxx/CVE-2021-31883.json +++ b/2021/31xxx/CVE-2021-31883.json @@ -1,196 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2021-31883", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "APOGEE MBC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MBC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Capital VSTAR", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus NET", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus ReadyStart V3", - "version": { - "version_data": [ - { - "version_value": "All versions < V2017.02.4" - } - ] - } - }, - { - "product_name": "Nucleus Source Code", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-31883", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). When processing a DHCP ACK message, the DHCP client application does not validate the length of the Vendor option(s), leading to Denial-of-Service conditions. (FSMD-2021-0013)" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf" - }, - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/31xxx/CVE-2021-31884.json b/2021/31xxx/CVE-2021-31884.json index 89ed5a9b56b..19225417c6e 100644 --- a/2021/31xxx/CVE-2021-31884.json +++ b/2021/31xxx/CVE-2021-31884.json @@ -1,196 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2021-31884", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "APOGEE MBC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MBC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Capital VSTAR", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus NET", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus ReadyStart V3", - "version": { - "version_data": [ - { - "version_value": "All versions < V2017.02.4" - } - ] - } - }, - { - "product_name": "Nucleus Source Code", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-170: Improper Null Termination" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-31884", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). The DHCP client application assumes that the data supplied with the \u201cHostname\u201d DHCP option is NULL terminated. In cases when global hostname variable is not defined, this may lead to Out-of-bound reads, writes, and Denial-of-service conditions. (FSMD-2021-0014)" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf" - }, - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/31xxx/CVE-2021-31885.json b/2021/31xxx/CVE-2021-31885.json index 64fb029c647..8f86b666a9e 100644 --- a/2021/31xxx/CVE-2021-31885.json +++ b/2021/31xxx/CVE-2021-31885.json @@ -1,206 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2021-31885", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "APOGEE MBC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MBC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Capital VSTAR", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus NET", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus ReadyStart V3", - "version": { - "version_data": [ - { - "version_value": "All versions < V2017.02.4" - } - ] - } - }, - { - "product_name": "Nucleus ReadyStart V4", - "version": { - "version_data": [ - { - "version_value": "All versions < V4.1.1" - } - ] - } - }, - { - "product_name": "Nucleus Source Code", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-805: Buffer Access with Incorrect Length Value" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-31885", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). TFTP server application allows for reading the contents of the TFTP memory buffer via sending malformed TFTP commands. (FSMD-2021-0009)" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf" - }, - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/31xxx/CVE-2021-31886.json b/2021/31xxx/CVE-2021-31886.json index 3e9e9fc454a..b12aa315d78 100644 --- a/2021/31xxx/CVE-2021-31886.json +++ b/2021/31xxx/CVE-2021-31886.json @@ -1,196 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2021-31886", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "APOGEE MBC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MBC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Capital VSTAR", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus NET", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus ReadyStart V3", - "version": { - "version_data": [ - { - "version_value": "All versions < V2017.02.4" - } - ] - } - }, - { - "product_name": "Nucleus Source Code", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-170: Improper Null Termination" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-31886", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). FTP server does not properly validate the length of the \u201cUSER\u201d command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0010)" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf" - }, - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/31xxx/CVE-2021-31887.json b/2021/31xxx/CVE-2021-31887.json index 2080d3cbe73..2f70f4a8611 100644 --- a/2021/31xxx/CVE-2021-31887.json +++ b/2021/31xxx/CVE-2021-31887.json @@ -1,196 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2021-31887", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "APOGEE MBC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MBC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Capital VSTAR", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus NET", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus ReadyStart V3", - "version": { - "version_data": [ - { - "version_value": "All versions < V2017.02.4" - } - ] - } - }, - { - "product_name": "Nucleus Source Code", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-170: Improper Null Termination" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-31887", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). FTP server does not properly validate the length of the \u201cPWD/XPWD\u201d command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0016)" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf" - }, - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/31xxx/CVE-2021-31888.json b/2021/31xxx/CVE-2021-31888.json index 4bd2926845a..052a3d5000f 100644 --- a/2021/31xxx/CVE-2021-31888.json +++ b/2021/31xxx/CVE-2021-31888.json @@ -1,196 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2021-31888", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "APOGEE MBC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MBC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Capital VSTAR", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus NET", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus ReadyStart V3", - "version": { - "version_data": [ - { - "version_value": "All versions < V2017.02.4" - } - ] - } - }, - { - "product_name": "Nucleus Source Code", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-170: Improper Null Termination" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-31888", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). FTP server does not properly validate the length of the \u201cMKD/XMKD\u201d command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0018)" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf" - }, - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/31xxx/CVE-2021-31889.json b/2021/31xxx/CVE-2021-31889.json index cff4681d849..81998adfd1c 100644 --- a/2021/31xxx/CVE-2021-31889.json +++ b/2021/31xxx/CVE-2021-31889.json @@ -1,196 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2021-31889", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "APOGEE MBC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MBC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Capital VSTAR", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus NET", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus ReadyStart V3", - "version": { - "version_data": [ - { - "version_value": "All versions < V2017.02.4" - } - ] - } - }, - { - "product_name": "Nucleus Source Code", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-191: Integer Underflow (Wrap or Wraparound)" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-31889", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). Malformed TCP packets with a corrupted SACK option leads to Information Leaks and Denial-of-Service conditions. (FSMD-2021-0015)" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf" - }, - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/31xxx/CVE-2021-31890.json b/2021/31xxx/CVE-2021-31890.json index f4af590c394..81298367118 100644 --- a/2021/31xxx/CVE-2021-31890.json +++ b/2021/31xxx/CVE-2021-31890.json @@ -1,206 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2021-31890", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "APOGEE MBC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MBC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE MEC (PPC) (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Compact (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "APOGEE PXC Modular (P2 Ethernet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Capital VSTAR", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus NET", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "Nucleus ReadyStart V3", - "version": { - "version_data": [ - { - "version_value": "All versions < V2017.02.4" - } - ] - } - }, - { - "product_name": "Nucleus ReadyStart V4", - "version": { - "version_data": [ - { - "version_value": "All versions < V4.1.1" - } - ] - } - }, - { - "product_name": "Nucleus Source Code", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Compact (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "TALON TC Modular (BACnet)", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-240: Improper Handling of Inconsistent Structural Elements" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-31890", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). The total length of an TCP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0017)" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf" - }, - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/32xxx/CVE-2021-32481.json b/2021/32xxx/CVE-2021-32481.json index a3e85d5a3c8..d7a3dc76409 100644 --- a/2021/32xxx/CVE-2021-32481.json +++ b/2021/32xxx/CVE-2021-32481.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-32481", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-32481", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Cloudera Hue 4.6.0 allows XSS via the type parameter." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#hue", - "refsource": "MISC", - "name": "https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#hue" - }, - { - "refsource": "CONFIRM", - "name": "https://my.cloudera.com/knowledge/TSB-2021-487-Cloudera-Hue-is-vulnerable-to-Cross-Site?id=324634", - "url": "https://my.cloudera.com/knowledge/TSB-2021-487-Cloudera-Hue-is-vulnerable-to-Cross-Site?id=324634" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/32xxx/CVE-2021-32482.json b/2021/32xxx/CVE-2021-32482.json index 3586d134a34..470a7285166 100644 --- a/2021/32xxx/CVE-2021-32482.json +++ b/2021/32xxx/CVE-2021-32482.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-32482", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-32482", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS via the path parameter." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#cloudera_manager", - "refsource": "MISC", - "name": "https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#cloudera_manager" - }, - { - "refsource": "MISC", - "name": "https://my.cloudera.com/knowledge/TSB-2021-488-Cloudera-Manager-is-vulnerable-to-Cross-Site?id=322833", - "url": "https://my.cloudera.com/knowledge/TSB-2021-488-Cloudera-Manager-is-vulnerable-to-Cross-Site?id=322833" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/32xxx/CVE-2021-32483.json b/2021/32xxx/CVE-2021-32483.json index e40686fe5ad..a4cdd191792 100644 --- a/2021/32xxx/CVE-2021-32483.json +++ b/2021/32xxx/CVE-2021-32483.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-32483", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-32483", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges to view the restricted Dashboard." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#cloudera_manager", - "refsource": "MISC", - "name": "https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#cloudera_manager" - }, - { - "refsource": "MISC", - "name": "https://my.cloudera.com/knowledge/TSB-2021-491-Authorization-Bypass-in-Cloudera-Manager?id=314482", - "url": "https://my.cloudera.com/knowledge/TSB-2021-491-Authorization-Bypass-in-Cloudera-Manager?id=314482" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/32xxx/CVE-2021-32558.json b/2021/32xxx/CVE-2021-32558.json index 64679d1486b..786e1bf32c2 100644 --- a/2021/32xxx/CVE-2021-32558.json +++ b/2021/32xxx/CVE-2021-32558.json @@ -76,11 +76,6 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210804 [SECURITY] [DLA 2729-1] asterisk security update", "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00005.html" - }, - { - "refsource": "DEBIAN", - "name": "DSA-4999", - "url": "https://www.debian.org/security/2021/dsa-4999" } ] } diff --git a/2021/32xxx/CVE-2021-32595.json b/2021/32xxx/CVE-2021-32595.json index c00ae1aff7e..c51495e9f5a 100644 --- a/2021/32xxx/CVE-2021-32595.json +++ b/2021/32xxx/CVE-2021-32595.json @@ -4,74 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-32595", - "ASSIGNER": "psirt@fortinet.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Fortinet", - "product": { - "product_data": [ - { - "product_name": "Fortinet FortiPortal", - "version": { - "version_data": [ - { - "version_value": "FortiPortal before 6.0.6" - } - ] - } - } - ] - } - } - ] - } - }, - "impact": { - "cvss": { - "attackComplexity": "Low", - "attackVector": "Network", - "availabilityImpact": "High", - "baseScore": 6.4, - "baseSeverity": "Medium", - "confidentialityImpact": "None", - "integrityImpact": "None", - "privilegesRequired": "Low", - "scope": "Unchanged", - "userInteraction": "None", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:F/RL:U/RC:C", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Denial of service" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://fortiguard.com/advisory/FG-IR-21-096", - "url": "https://fortiguard.com/advisory/FG-IR-21-096" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Multiple uncontrolled resource consumption vulnerabilities in the web interface of FortiPortal before 6.0.6 may allow a single low-privileged user to induce a denial of service via multiple HTTP requests." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/32xxx/CVE-2021-32626.json b/2021/32xxx/CVE-2021-32626.json index 5a3c1cce78c..da05c6029b3 100644 --- a/2021/32xxx/CVE-2021-32626.json +++ b/2021/32xxx/CVE-2021-32626.json @@ -107,21 +107,6 @@ "refsource": "MLIST", "name": "[druid-commits] 20211025 [GitHub] [druid] jihoonson opened a new pull request #11844: Bump netty4 to 4.1.68; suppress CVE-2021-37136 and CVE-2021-37137 for netty3", "url": "https://lists.apache.org/thread.html/r75490c61c2cb7b6ae2c81238fd52ae13636c60435abcd732d41531a0@%3Ccommits.druid.apache.org%3E" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-aa94492a09", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" - }, - { - "refsource": "DEBIAN", - "name": "DSA-5001", - "url": "https://www.debian.org/security/2021/dsa-5001" } ] }, diff --git a/2021/32xxx/CVE-2021-32627.json b/2021/32xxx/CVE-2021-32627.json index 869e3023685..603472bb14c 100644 --- a/2021/32xxx/CVE-2021-32627.json +++ b/2021/32xxx/CVE-2021-32627.json @@ -102,21 +102,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-61c487f241", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-aa94492a09", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" - }, - { - "refsource": "DEBIAN", - "name": "DSA-5001", - "url": "https://www.debian.org/security/2021/dsa-5001" } ] }, diff --git a/2021/32xxx/CVE-2021-32628.json b/2021/32xxx/CVE-2021-32628.json index b89597efecc..783c74bc36e 100644 --- a/2021/32xxx/CVE-2021-32628.json +++ b/2021/32xxx/CVE-2021-32628.json @@ -102,21 +102,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-61c487f241", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-aa94492a09", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" - }, - { - "refsource": "DEBIAN", - "name": "DSA-5001", - "url": "https://www.debian.org/security/2021/dsa-5001" } ] }, diff --git a/2021/32xxx/CVE-2021-32672.json b/2021/32xxx/CVE-2021-32672.json index 01d4c9549fb..f5aef4eb74e 100644 --- a/2021/32xxx/CVE-2021-32672.json +++ b/2021/32xxx/CVE-2021-32672.json @@ -94,21 +94,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-61c487f241", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-aa94492a09", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" - }, - { - "refsource": "DEBIAN", - "name": "DSA-5001", - "url": "https://www.debian.org/security/2021/dsa-5001" } ] }, diff --git a/2021/32xxx/CVE-2021-32675.json b/2021/32xxx/CVE-2021-32675.json index 7e68dd1c4c4..d9819c5a02e 100644 --- a/2021/32xxx/CVE-2021-32675.json +++ b/2021/32xxx/CVE-2021-32675.json @@ -99,21 +99,6 @@ "refsource": "MLIST", "name": "[geode-notifications] 20211013 [GitHub] [geode] jdeppe-pivotal opened a new pull request #6994: GEODE-9676: Limit array and string sizes for unauthenticated Radish connections", "url": "https://lists.apache.org/thread.html/ra603ff6e04549d7f290f61f9b11e2d2e4dba693b05ff053f4ec6bc47@%3Cnotifications.geode.apache.org%3E" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-aa94492a09", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" - }, - { - "refsource": "DEBIAN", - "name": "DSA-5001", - "url": "https://www.debian.org/security/2021/dsa-5001" } ] }, diff --git a/2021/32xxx/CVE-2021-32686.json b/2021/32xxx/CVE-2021-32686.json index 66de3fd917a..842dfa58169 100644 --- a/2021/32xxx/CVE-2021-32686.json +++ b/2021/32xxx/CVE-2021-32686.json @@ -88,11 +88,6 @@ "name": "https://github.com/pjsip/pjproject/releases/tag/2.11.1", "refsource": "MISC", "url": "https://github.com/pjsip/pjproject/releases/tag/2.11.1" - }, - { - "refsource": "DEBIAN", - "name": "DSA-4999", - "url": "https://www.debian.org/security/2021/dsa-4999" } ] }, diff --git a/2021/32xxx/CVE-2021-32687.json b/2021/32xxx/CVE-2021-32687.json index 95c6e4c82b1..0cc8148bab8 100644 --- a/2021/32xxx/CVE-2021-32687.json +++ b/2021/32xxx/CVE-2021-32687.json @@ -102,21 +102,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-61c487f241", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-aa94492a09", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" - }, - { - "refsource": "DEBIAN", - "name": "DSA-5001", - "url": "https://www.debian.org/security/2021/dsa-5001" } ] }, diff --git a/2021/32xxx/CVE-2021-32749.json b/2021/32xxx/CVE-2021-32749.json index e83086095b5..91855b5eb8d 100644 --- a/2021/32xxx/CVE-2021-32749.json +++ b/2021/32xxx/CVE-2021-32749.json @@ -94,11 +94,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-0ab8f6a19a", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHJK2X2MR2WDYZMCW7COZXJDUSDYMY6/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-a18b79d182", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZRYQ77MTX5WSV33VCJLK4KBKR55QZ7ZA/" } ] }, diff --git a/2021/32xxx/CVE-2021-32761.json b/2021/32xxx/CVE-2021-32761.json index f5cb0bda88a..b6ddf30962e 100644 --- a/2021/32xxx/CVE-2021-32761.json +++ b/2021/32xxx/CVE-2021-32761.json @@ -112,11 +112,6 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210827 [SECURITY] [DLA 2717-2] redis security update", "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00026.html" - }, - { - "refsource": "DEBIAN", - "name": "DSA-5001", - "url": "https://www.debian.org/security/2021/dsa-5001" } ] }, diff --git a/2021/32xxx/CVE-2021-32762.json b/2021/32xxx/CVE-2021-32762.json index 7ae427bb288..567e2bf7729 100644 --- a/2021/32xxx/CVE-2021-32762.json +++ b/2021/32xxx/CVE-2021-32762.json @@ -102,21 +102,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-61c487f241", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-aa94492a09", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" - }, - { - "refsource": "DEBIAN", - "name": "DSA-5001", - "url": "https://www.debian.org/security/2021/dsa-5001" } ] }, diff --git a/2021/32xxx/CVE-2021-32765.json b/2021/32xxx/CVE-2021-32765.json index 053c880c612..43da7b6bfb1 100644 --- a/2021/32xxx/CVE-2021-32765.json +++ b/2021/32xxx/CVE-2021-32765.json @@ -96,11 +96,6 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20211012 [SECURITY] [DLA 2783-1] hiredis security update", "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00007.html" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" } ] }, diff --git a/2021/33xxx/CVE-2021-33193.json b/2021/33xxx/CVE-2021-33193.json index b3db4cb5439..480aeb26ffb 100644 --- a/2021/33xxx/CVE-2021-33193.json +++ b/2021/33xxx/CVE-2021-33193.json @@ -102,11 +102,6 @@ "refsource": "CONFIRM", "name": "https://www.tenable.com/security/tns-2021-17", "url": "https://www.tenable.com/security/tns-2021-17" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-f94985afca", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/" } ] }, diff --git a/2021/33xxx/CVE-2021-33209.json b/2021/33xxx/CVE-2021-33209.json index 3d6cf3606d9..04964d1e976 100644 --- a/2021/33xxx/CVE-2021-33209.json +++ b/2021/33xxx/CVE-2021-33209.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-33209", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-33209", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in Fimer Aurora Vision before 2.97.10. The response to a failed login attempt discloses whether the username or password is wrong, helping an attacker to enumerate usernames. This can make a brute-force attack easier." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://twitter.com/FIMERspa", - "refsource": "MISC", - "name": "https://twitter.com/FIMERspa" - }, - { - "refsource": "MISC", - "name": "https://fimeronline.sharepoint.com/:b:/s/GLB-publicsp/EeKCnV76jG5Pn9Ud30fTlesBlk-SZS3uFU80Gt8IEWiE4Q?e=Tdmabs", - "url": "https://fimeronline.sharepoint.com/:b:/s/GLB-publicsp/EeKCnV76jG5Pn9Ud30fTlesBlk-SZS3uFU80Gt8IEWiE4Q?e=Tdmabs" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/33xxx/CVE-2021-33210.json b/2021/33xxx/CVE-2021-33210.json index 1ec5513033c..9cbd5da4c58 100644 --- a/2021/33xxx/CVE-2021-33210.json +++ b/2021/33xxx/CVE-2021-33210.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-33210", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-33210", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in Fimer Aurora Vision before 2.97.10. An attacker can (in the WebUI) obtain plant information without authentication by reading the response of APIs from a kiosk view of a plant." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://twitter.com/FIMERspa", - "refsource": "MISC", - "name": "https://twitter.com/FIMERspa" - }, - { - "refsource": "MISC", - "name": "https://fimeronline.sharepoint.com/:b:/s/GLB-publicsp/EZGyNsndR-hNgtWtDsxoRAoBchaLX4o7RWdTiX1qgD19WQ?e=I9uW0p", - "url": "https://fimeronline.sharepoint.com/:b:/s/GLB-publicsp/EZGyNsndR-hNgtWtDsxoRAoBchaLX4o7RWdTiX1qgD19WQ?e=I9uW0p" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/33xxx/CVE-2021-33259.json b/2021/33xxx/CVE-2021-33259.json index 1aa19f9ca19..f4a9b3b54a2 100644 --- a/2021/33xxx/CVE-2021-33259.json +++ b/2021/33xxx/CVE-2021-33259.json @@ -1,76 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-33259", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-33259", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Several web interfaces in D-Link DIR-868LW 1.12b have no authentication requirements for access, allowing for attackers to obtain users' DNS query history." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "http://d-link.com", - "refsource": "MISC", - "name": "http://d-link.com" - }, - { - "url": "https://www.dlink.com/en/security-bulletin/", - "refsource": "MISC", - "name": "https://www.dlink.com/en/security-bulletin/" - }, - { - "url": "http://dir-868lw.com", - "refsource": "MISC", - "name": "http://dir-868lw.com" - }, - { - "url": "https://github.com/jayus0821/uai-poc/blob/main/D-Link/DIR-868L/webaccess_UAI.md", - "refsource": "MISC", - "name": "https://github.com/jayus0821/uai-poc/blob/main/D-Link/DIR-868L/webaccess_UAI.md" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/33xxx/CVE-2021-33425.json b/2021/33xxx/CVE-2021-33425.json index 4d534c7b8f8..e86a3b3148c 100644 --- a/2021/33xxx/CVE-2021-33425.json +++ b/2021/33xxx/CVE-2021-33425.json @@ -56,11 +56,6 @@ "url": "http://openwrt.com", "refsource": "MISC", "name": "http://openwrt.com" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20211109 [CVE-2021-43523] Incorrect handling of special characters in domain names in uclibc and uclibc-ng", - "url": "http://www.openwall.com/lists/oss-security/2021/11/09/1" } ] } diff --git a/2021/33xxx/CVE-2021-33593.json b/2021/33xxx/CVE-2021-33593.json index cf361f5babd..b90bc89b019 100644 --- a/2021/33xxx/CVE-2021-33593.json +++ b/2021/33xxx/CVE-2021-33593.json @@ -4,69 +4,15 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-33593", - "ASSIGNER": "cve@navercorp.com", - "STATE": "PUBLIC" - }, - "credit": [ - { - "lang": "eng", - "value": "YoKo Kho from Telkom Indonesia" - } - ], - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "NAVER Whale browser", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "1.14.0" - } - ] - } - } - ] - }, - "vendor_name": "NAVER" - } - ] - } + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Whale browser for iOS before 1.14.0 has an inconsistent user interface issue that allows an attacker to obfuscate the address bar which may lead to address bar spoofing." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-451: User Interface (UI) Misrepresentation of Critical Information" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://cve.naver.com/detail/cve-2021-43059", - "refsource": "CONFIRM", - "url": "https://cve.naver.com/detail/cve-2021-43059" - } - ] - }, - "source": { - "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/33xxx/CVE-2021-33611.json b/2021/33xxx/CVE-2021-33611.json index de655f138cd..951fb1ef155 100644 --- a/2021/33xxx/CVE-2021-33611.json +++ b/2021/33xxx/CVE-2021-33611.json @@ -1,111 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@vaadin.com", - "DATE_PUBLIC": "2021-11-01T09:45:00.000Z", - "ID": "CVE-2021-33611", - "STATE": "PUBLIC", - "TITLE": "Reflected cross-site scripting in vaadin-menu-bar webjar resources in Vaadin 14" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Vaadin", - "version": { - "version_data": [ - { - "version_affected": ">=", - "version_value": "14.0.0" - }, - { - "version_affected": "<=", - "version_value": "14.4.4" - } - ] - } - }, - { - "product_name": "vaadin-menu-bar", - "version": { - "version_data": [ - { - "version_affected": ">=", - "version_value": "1.0.0" - }, - { - "version_affected": "<=", - "version_value": "1.2.0" - } - ] - } - } - ] - }, - "vendor_name": "Vaadin" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-33611", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Missing output sanitization in test sources in org.webjars.bowergithub.vaadin:vaadin-menu-bar versions 1.0.0 through 1.2.0 (Vaadin 14.0.0 through 14.4.4) allows remote attackers to execute malicious JavaScript in browser by opening crafted URL" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "privilegesRequired": "NONE", - "scope": "CHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79 Cross-site Scripting (XSS)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://vaadin.com/security/cve-2021-33611", - "refsource": "CONFIRM", - "url": "https://vaadin.com/security/cve-2021-33611" - }, - { - "name": "https://github.com/vaadin/vaadin-menu-bar/pull/126", - "refsource": "CONFIRM", - "url": "https://github.com/vaadin/vaadin-menu-bar/pull/126" - } - ] - }, - "source": { - "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2021/33xxx/CVE-2021-33800.json b/2021/33xxx/CVE-2021-33800.json index 5de50bd3a64..946741ebee0 100644 --- a/2021/33xxx/CVE-2021-33800.json +++ b/2021/33xxx/CVE-2021-33800.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-33800", - "ASSIGNER": "Alibaba-CNA@list.alibaba-inc.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "Druid", - "version": { - "version_data": [ - { - "version_value": "1.2.3" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Directory Traversal" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://security.alibaba.com/announcement/announcement?id=214", - "url": "https://security.alibaba.com/announcement/announcement?id=214" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "In Druid 1.2.3, visiting the path with parameter in a certain function can lead to directory traversal." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/33xxx/CVE-2021-33813.json b/2021/33xxx/CVE-2021-33813.json index bffbcc7cacf..4d3fc8d72ca 100644 --- a/2021/33xxx/CVE-2021-33813.json +++ b/2021/33xxx/CVE-2021-33813.json @@ -116,16 +116,6 @@ "refsource": "MLIST", "name": "[solr-issues] 20210819 [jira] [Resolved] (SOLR-15529) High security vulnerability in JDOM library bundled within Solr 8.9 CVE-2021-33813", "url": "https://lists.apache.org/thread.html/r21c406c7ed88fe340db7dbae75e58355159e6c324037c7d5547bf40b@%3Cissues.solr.apache.org%3E" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-3cb0d02576", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AH46QHE5GIMT6BL6C3GDTOYF27JYILXM/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-f88d2dcc47", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWFVYTHGILOQXUA7U3SPOERQXL7OPSZG/" } ] } diff --git a/2021/33xxx/CVE-2021-33829.json b/2021/33xxx/CVE-2021-33829.json index 95f36e72d6c..2c30eae3e58 100644 --- a/2021/33xxx/CVE-2021-33829.json +++ b/2021/33xxx/CVE-2021-33829.json @@ -76,11 +76,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-87578dca12", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WAGNWHFIQAVCP537KFFS2A2GDG66J7XD/" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211109 [SECURITY] [DLA 2813-1] ckeditor security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00007.html" } ] } diff --git a/2021/33xxx/CVE-2021-33845.json b/2021/33xxx/CVE-2021-33845.json deleted file mode 100644 index a988c3a65b0..00000000000 --- a/2021/33xxx/CVE-2021-33845.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-33845", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/33xxx/CVE-2021-33910.json b/2021/33xxx/CVE-2021-33910.json index 31a0fbdf881..fdc8902575f 100644 --- a/2021/33xxx/CVE-2021-33910.json +++ b/2021/33xxx/CVE-2021-33910.json @@ -126,11 +126,6 @@ "refsource": "MLIST", "name": "[oss-security] 20210907 Re: Pop!_OS Membership to linux-distros list", "url": "http://www.openwall.com/lists/oss-security/2021/09/07/3" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0008/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0008/" } ] } diff --git a/2021/34xxx/CVE-2021-34585.json b/2021/34xxx/CVE-2021-34585.json index 2a5a9ad3b84..4fcb0fe734f 100644 --- a/2021/34xxx/CVE-2021-34585.json +++ b/2021/34xxx/CVE-2021-34585.json @@ -73,7 +73,7 @@ "description": [ { "lang": "eng", - "value": "CWE-252 Unchecked Return Value" + "value": "CWE-754 Improper Check for Unusual or Exceptional Conditions" } ] } @@ -87,8 +87,8 @@ "url": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16876&token=a3f1d937f95e7034879f4f2ea8e5a99b168256a7&download=" }, { - "name": "https://www.tenable.com/security/research/tra-2021-47", "refsource": "MISC", + "name": "https://www.tenable.com/security/research/tra-2021-47", "url": "https://www.tenable.com/security/research/tra-2021-47" } ] diff --git a/2021/34xxx/CVE-2021-34593.json b/2021/34xxx/CVE-2021-34593.json index 9d164a02445..3c81ede122a 100644 --- a/2021/34xxx/CVE-2021-34593.json +++ b/2021/34xxx/CVE-2021-34593.json @@ -90,16 +90,6 @@ "name": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16877&token=8faab0fc1e069f4edfca5d5aba8146139f67a175&download=", "refsource": "CONFIRM", "url": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16877&token=8faab0fc1e069f4edfca5d5aba8146139f67a175&download=" - }, - { - "refsource": "FULLDISC", - "name": "20211029 SEC Consult SA-20211028-0 :: Denial of Service in CODESYS V2", - "url": "http://seclists.org/fulldisclosure/2021/Oct/64" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/164716/CODESYS-2.4.7.0-Denial-Of-Service.html", - "url": "http://packetstormsecurity.com/files/164716/CODESYS-2.4.7.0-Denial-Of-Service.html" } ] }, diff --git a/2021/34xxx/CVE-2021-34594.json b/2021/34xxx/CVE-2021-34594.json index b5e385d74d6..b3b9275daa2 100644 --- a/2021/34xxx/CVE-2021-34594.json +++ b/2021/34xxx/CVE-2021-34594.json @@ -1,111 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "info@cert.vde.com", - "DATE_PUBLIC": "2021-11-04T06:00:00.000Z", - "ID": "CVE-2021-34594", - "STATE": "PUBLIC", - "TITLE": "Beckhoff: Relative path traversal vulnerability through TwinCAT OPC UA Server" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "TwinCAT OPC UA Server", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "TF6100", - "version_value": "4.3.48.0" - }, - { - "version_affected": "<", - "version_name": "TS6100", - "version_value": "4.3.48.0" - }, - { - "version_affected": "<", - "version_name": "TcOpcUaServer version", - "version_value": "3.2.0.19423" - } - ] - } - } - ] - }, - "vendor_name": "Beckhoff Automation" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Beckhoff Automation thanks Johannes Olegård, Emre Süren, and Robert Lagerström for reporting the issue and for support and efforts with the coordinated disclosure." - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34594", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TwinCAT OPC UA Server in TF6100 and TS6100 in product versions before 4.3.48.0 or with TcOpcUaServer versions below 3.2.0.194 are prone to a relative path traversal that allow administrators to create or delete any files on the system." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 6.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "privilegesRequired": "HIGH", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-23 Relative Path Traversal" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://cert.vde.com/en/advisories/VDE-2021-051/", - "refsource": "CONFIRM", - "url": "https://cert.vde.com/en/advisories/VDE-2021-051/" - } - ] - }, - "solution": [ - { - "lang": "eng", - "value": "Please update to a recent version of the affected product (TF6100 or TS6100 version >= 4.3.48.0)" - } - ], - "source": { - "advisory": "VDE-2021-051", - "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34597.json b/2021/34xxx/CVE-2021-34597.json index d3adf5d54a6..b462913d8ad 100644 --- a/2021/34xxx/CVE-2021-34597.json +++ b/2021/34xxx/CVE-2021-34597.json @@ -1,116 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "info@cert.vde.com", - "DATE_PUBLIC": "2021-11-03T08:54:00.000Z", - "ID": "CVE-2021-34597", - "STATE": "PUBLIC", - "TITLE": "Phoenix Contact: PC Worx/-Express prone to improper input validation vulnerability" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "PC Worx", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "PC Worx", - "version_value": "1.88" - }, - { - "version_affected": "<=", - "version_name": "PC Worx-Express", - "version_value": "1.88" - } - ] - } - } - ] - }, - "vendor_name": "Phoenix Contact" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "The vulnerability was discovered by Jake Baines of Dragos Inc. We kindly appreciate the coordinated disclosure of these vulnerabilities by the finder. " - }, - { - "lang": "eng", - "value": "PHOENIX CONTACT thanks CERT@VDE for the coordination and support with this publication." - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34597", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Improper Input Validation vulnerability in PC Worx Automation Suite of Phoenix Contact up to version 1.88 could allow an attacker with a manipulated project file to unpack arbitrary files outside of the selected project directory." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-20 Improper Input Validation" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://cert.vde.com/en/advisories/VDE-2021-052/", - "refsource": "CONFIRM", - "url": "https://cert.vde.com/en/advisories/VDE-2021-052/" - } - ] - }, - "solution": [ - { - "lang": "eng", - "value": "With the next version of Automation Worx Software Suite additional plausibility checks for archive content will be implemented." - } - ], - "source": { - "advisory": "VDE-2021-052", - "discovery": "EXTERNAL" - }, - "work_around": [ - { - "lang": "eng", - "value": "Temporary Fix / Mitigation\nWe strongly recommend customers to exchange project files only using secure file exchange services. Project files should not be exchanged via unencrypted email.\nIn addition, we recommend exchanging or storing project files together with a checksum to ensure their integrity." - } - ] + } } \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34684.json b/2021/34xxx/CVE-2021-34684.json index 9358fa86d06..ab1d30fd917 100644 --- a/2021/34xxx/CVE-2021-34684.json +++ b/2021/34xxx/CVE-2021-34684.json @@ -1,81 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-34684", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34684", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Hitachi Vantara Pentaho Business Analytics through 9.1 allows an unauthenticated user to execute arbitrary SQL queries on any Pentaho data source and thus retrieve data from the related databases, as demonstrated by an api/repos/dashboards/editor URI." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.hitachi.com/hirt/security/index.html", - "refsource": "MISC", - "name": "https://www.hitachi.com/hirt/security/index.html" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/164791/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-SQL-Injection.html", - "url": "http://packetstormsecurity.com/files/164791/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-SQL-Injection.html" - } - ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N", - "version": "3.1" - } } } \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34685.json b/2021/34xxx/CVE-2021-34685.json index 12d87c28d06..4cf51ff40fe 100644 --- a/2021/34xxx/CVE-2021-34685.json +++ b/2021/34xxx/CVE-2021-34685.json @@ -1,81 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-34685", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34685", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "UploadService in Hitachi Vantara Pentaho Business Analytics through 9.1 does not properly verify uploaded user files, which allows an authenticated user to upload various files of different file types. Specifically, a .jsp file is not allowed, but a .jsp. file is allowed (and leads to remote code execution)." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.hitachi.com/hirt/security/index.html", - "refsource": "MISC", - "name": "https://www.hitachi.com/hirt/security/index.html" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/164775/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-Filename-Bypass.html", - "url": "http://packetstormsecurity.com/files/164775/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-Filename-Bypass.html" - } - ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "privilegesRequired": "HIGH", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AC:L/AV:N/A:N/C:N/I:L/PR:H/S:U/UI:N", - "version": "3.1" - } } } \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34701.json b/2021/34xxx/CVE-2021-34701.json index b1fd2a21f78..2dbd7f419c5 100644 --- a/2021/34xxx/CVE-2021-34701.json +++ b/2021/34xxx/CVE-2021-34701.json @@ -1,88 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@cisco.com", - "DATE_PUBLIC": "2021-11-03T16:00:00", - "ID": "CVE-2021-34701", - "STATE": "PUBLIC", - "TITLE": "Cisco Unified Communications Products Path Traversal Vulnerability" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Cisco Unity Connection ", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "Cisco" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34701", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), and Cisco Unity Connection could allow an authenticated, remote attacker to access sensitive data on an affected device. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to an affected system. A successful exploit could allow the attacker to access sensitive files on the affected system." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "exploit": [ - { - "lang": "eng", - "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " - } - ], - "impact": { - "cvss": { - "baseScore": "4.3", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N ", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-22" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "20211103 Cisco Unified Communications Products Path Traversal Vulnerability", - "refsource": "CISCO", - "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-path-trav-dKCvktvO" - } - ] - }, - "source": { - "advisory": "cisco-sa-cucm-path-trav-dKCvktvO", - "defect": [ - [ - "CSCvy64877", - "CSCvy89690", - "CSCvy89691" - ] - ], - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34731.json b/2021/34xxx/CVE-2021-34731.json index 3f870abd064..807a795250f 100644 --- a/2021/34xxx/CVE-2021-34731.json +++ b/2021/34xxx/CVE-2021-34731.json @@ -1,86 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@cisco.com", - "DATE_PUBLIC": "2021-11-03T16:00:00", - "ID": "CVE-2021-34731", - "STATE": "PUBLIC", - "TITLE": "Cisco Prime Access Registrar Stored Cross-Site Scripting Vulnerability" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Cisco Prime Access Registrar ", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "Cisco" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34731", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability in the web-based management interface of Cisco Prime Access Registrar could allow an authenticated, remote attacker to perform a stored cross-site scripting attack on an affected system. This vulnerability exists because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker would need valid administrative credentials. Cisco expects to release software updates that address this vulnerability." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "exploit": [ - { - "lang": "eng", - "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " - } - ], - "impact": { - "cvss": { - "baseScore": "4.8", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N ", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "20211103 Cisco Prime Access Registrar Stored Cross-Site Scripting Vulnerability", - "refsource": "CISCO", - "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cpar-strd-xss-A4DCVETG" - } - ] - }, - "source": { - "advisory": "cisco-sa-cpar-strd-xss-A4DCVETG", - "defect": [ - [ - "CSCvz17427" - ] - ], - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34739.json b/2021/34xxx/CVE-2021-34739.json index c34cf4eebde..6d29dff3e40 100644 --- a/2021/34xxx/CVE-2021-34739.json +++ b/2021/34xxx/CVE-2021-34739.json @@ -1,88 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@cisco.com", - "DATE_PUBLIC": "2021-11-03T16:00:00", - "ID": "CVE-2021-34739", - "STATE": "PUBLIC", - "TITLE": "Cisco Small Business Series Switches Session Credentials Replay Vulnerability" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Cisco Small Business Smart and Managed Switches ", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "Cisco" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34739", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability in the web-based management interface of multiple Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to replay valid user session credentials and gain unauthorized access to the web-based management interface of an affected device. This vulnerability is due to insufficient expiration of session credentials. An attacker could exploit this vulnerability by conducting a man-in-the-middle attack against an affected device to intercept valid session credentials and then replaying the intercepted credentials toward the same device at a later time. A successful exploit could allow the attacker to access the web-based management interface with administrator privileges." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "exploit": [ - { - "lang": "eng", - "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " - } - ], - "impact": { - "cvss": { - "baseScore": "8.1", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H ", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-613" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "20211103 Cisco Small Business Series Switches Session Credentials Replay Vulnerability", - "refsource": "CISCO", - "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-switches-tokens-UzwpR4e5" - } - ] - }, - "source": { - "advisory": "cisco-sa-smb-switches-tokens-UzwpR4e5", - "defect": [ - [ - "CSCvx48953", - "CSCvx48962", - "CSCvx52310" - ] - ], - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34741.json b/2021/34xxx/CVE-2021-34741.json index 7c536058123..009bf289709 100644 --- a/2021/34xxx/CVE-2021-34741.json +++ b/2021/34xxx/CVE-2021-34741.json @@ -1,86 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@cisco.com", - "DATE_PUBLIC": "2021-11-03T16:00:00", - "ID": "CVE-2021-34741", - "STATE": "PUBLIC", - "TITLE": "Cisco Email Security Appliance Denial of Service Vulnerability" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Cisco Email Security Appliance (ESA) ", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "Cisco" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34741", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability in the email scanning algorithm of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to perform a denial of service (DoS) attack against an affected device. This vulnerability is due to insufficient input validation of incoming emails. An attacker could exploit this vulnerability by sending a crafted email through Cisco ESA. A successful exploit could allow the attacker to exhaust all the available CPU resources on an affected device for an extended period of time, preventing other emails from being processed and resulting in a DoS condition." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "exploit": [ - { - "lang": "eng", - "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " - } - ], - "impact": { - "cvss": { - "baseScore": "7.5", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H ", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-770" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "20211103 Cisco Email Security Appliance Denial of Service Vulnerability", - "refsource": "CISCO", - "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-dos-JOm9ETfO" - } - ] - }, - "source": { - "advisory": "cisco-sa-esa-dos-JOm9ETfO", - "defect": [ - [ - "CSCvy59938" - ] - ], - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34773.json b/2021/34xxx/CVE-2021-34773.json index 5eb8e3ba24a..c32018c5a27 100644 --- a/2021/34xxx/CVE-2021-34773.json +++ b/2021/34xxx/CVE-2021-34773.json @@ -1,87 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@cisco.com", - "DATE_PUBLIC": "2021-11-03T16:00:00", - "ID": "CVE-2021-34773", - "STATE": "PUBLIC", - "TITLE": "Cisco Unified Communications Products Cross-Site Request Forgery Vulnerability" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Cisco Unified Communications Manager ", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "Cisco" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34773", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected device. This vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the targeted user. These actions could include modifying the device configuration and deleting (but not creating) user accounts." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "exploit": [ - { - "lang": "eng", - "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " - } - ], - "impact": { - "cvss": { - "baseScore": "6.5", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N ", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-352" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "20211103 Cisco Unified Communications Products Cross-Site Request Forgery Vulnerability", - "refsource": "CISCO", - "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucm-csrf-xrTkDu3H" - } - ] - }, - "source": { - "advisory": "cisco-sa-ucm-csrf-xrTkDu3H", - "defect": [ - [ - "CSCvy86674", - "CSCvz73888" - ] - ], - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34774.json b/2021/34xxx/CVE-2021-34774.json index 9a80b89bff0..01d5e53f586 100644 --- a/2021/34xxx/CVE-2021-34774.json +++ b/2021/34xxx/CVE-2021-34774.json @@ -1,86 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@cisco.com", - "DATE_PUBLIC": "2021-11-03T16:00:00", - "ID": "CVE-2021-34774", - "STATE": "PUBLIC", - "TITLE": "Cisco Common Services Platform Collector Information Disclosure Vulnerability" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Cisco Common Services Platform Collector Software ", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "Cisco" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34774", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability in the web-based management interface of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to access sensitive data on an affected system. This vulnerability exists because the application does not sufficiently protect sensitive data when responding to a specific API request. An attacker could exploit the vulnerability by sending a crafted HTTP request to the affected application. A successful exploit could allow the attacker to obtain sensitive information about the users of the application, including security questions and answers. To exploit this vulnerability an attacker would need valid Administrator credentials. Cisco expects to release software updates that address this vulnerability." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "exploit": [ - { - "lang": "eng", - "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " - } - ], - "impact": { - "cvss": { - "baseScore": "4.9", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N ", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-200" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "20211103 Cisco Common Services Platform Collector Information Disclosure Vulnerability", - "refsource": "CISCO", - "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cspc-info-disc-KM3bGVL" - } - ] - }, - "source": { - "advisory": "cisco-sa-cspc-info-disc-KM3bGVL", - "defect": [ - [ - "CSCvz05854" - ] - ], - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34784.json b/2021/34xxx/CVE-2021-34784.json index d7d8cfaf945..c48835fd44d 100644 --- a/2021/34xxx/CVE-2021-34784.json +++ b/2021/34xxx/CVE-2021-34784.json @@ -1,87 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@cisco.com", - "DATE_PUBLIC": "2021-11-03T16:00:00", - "ID": "CVE-2021-34784", - "STATE": "PUBLIC", - "TITLE": "Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Cisco Prime Infrastructure ", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "Cisco" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34784", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "exploit": [ - { - "lang": "eng", - "value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory. " - } - ], - "impact": { - "cvss": { - "baseScore": "5.4", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N ", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "20211103 Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability", - "refsource": "CISCO", - "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-xss-U2JK537j" - } - ] - }, - "source": { - "advisory": "cisco-sa-pi-epnm-xss-U2JK537j", - "defect": [ - [ - "CSCvz07282", - "CSCvz09504" - ] - ], - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34795.json b/2021/34xxx/CVE-2021-34795.json index 5926e116626..9841c1f973f 100644 --- a/2021/34xxx/CVE-2021-34795.json +++ b/2021/34xxx/CVE-2021-34795.json @@ -1,88 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@cisco.com", - "DATE_PUBLIC": "2021-11-03T16:00:00", - "ID": "CVE-2021-34795", - "STATE": "PUBLIC", - "TITLE": "Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Cisco Catalyst PON Series ", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "Cisco" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-34795", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT) could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol is enabled Perform command injection Modify the configuration For more information about these vulnerabilities, see the Details section of this advisory." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "exploit": [ - { - "lang": "eng", - "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. " - } - ], - "impact": { - "cvss": { - "baseScore": "10.0", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H ", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-284" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "20211103 Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities", - "refsource": "CISCO", - "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catpon-multivulns-CE3DSYGr" - } - ] - }, - "source": { - "advisory": "cisco-sa-catpon-multivulns-CE3DSYGr", - "defect": [ - [ - "CSCvz61943", - "CSCvz61948", - "CSCvz67097" - ] - ], - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/35xxx/CVE-2021-35053.json b/2021/35xxx/CVE-2021-35053.json index c0ecc8ed594..5563346c8b6 100644 --- a/2021/35xxx/CVE-2021-35053.json +++ b/2021/35xxx/CVE-2021-35053.json @@ -4,63 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-35053", - "ASSIGNER": "vulnerability@kaspersky.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "Kaspersky Endpoint Security for Windows", - "version": { - "version_data": [ - { - "version_value": "KES versions from 11.1 to 11.6 (inclusively)" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "DoS" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#01112021", - "url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#01112021" - }, - { - "refsource": "MISC", - "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1280/", - "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1280/" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Possible system denial of service in case of arbitrary changing Firefox browser parameters. An attacker could change specific Firefox browser parameters file in a certain way and then reboot the system to make the system unbootable." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/35xxx/CVE-2021-35197.json b/2021/35xxx/CVE-2021-35197.json index b2f79e9eb34..0ac744c0b13 100644 --- a/2021/35xxx/CVE-2021-35197.json +++ b/2021/35xxx/CVE-2021-35197.json @@ -86,11 +86,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-56d8173b5e", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CJDYJQWT43GBD6GNQ4OW7JOZ6WQ6DZTN/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-3dd1b66cbf", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDBPECBWN6LWNSWIQMVXK6PP4YFEUYHA/" } ] } diff --git a/2021/35xxx/CVE-2021-35368.json b/2021/35xxx/CVE-2021-35368.json index 922b3f491f1..273efca7df2 100644 --- a/2021/35xxx/CVE-2021-35368.json +++ b/2021/35xxx/CVE-2021-35368.json @@ -1,76 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-35368", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-35368", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "OWASP ModSecurity Core Rule Set 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.2 is affected by a Request Body Bypass via a trailing pathname." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://owasp.org/www-project-modsecurity-core-rule-set/", - "url": "https://owasp.org/www-project-modsecurity-core-rule-set/" - }, - { - "refsource": "MISC", - "name": "https://portswigger.net/daily-swig/lessons-learned-how-a-severe-vulnerability-in-the-owasp-modsecurity-core-rule-set-sparked-much-needed-change", - "url": "https://portswigger.net/daily-swig/lessons-learned-how-a-severe-vulnerability-in-the-owasp-modsecurity-core-rule-set-sparked-much-needed-change" - }, - { - "refsource": "CONFIRM", - "name": "https://portswigger.net/daily-swig/waf-bypass-severe-owasp-modsecurity-core-rule-set-bug-was-present-for-several-years", - "url": "https://portswigger.net/daily-swig/waf-bypass-severe-owasp-modsecurity-core-rule-set-bug-was-present-for-several-years" - }, - { - "refsource": "CONFIRM", - "name": "https://coreruleset.org/20210630/cve-2021-35368-crs-request-body-bypass/", - "url": "https://coreruleset.org/20210630/cve-2021-35368-crs-request-body-bypass/" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/35xxx/CVE-2021-35488.json b/2021/35xxx/CVE-2021-35488.json index df35e570d1f..5674fd08d46 100644 --- a/2021/35xxx/CVE-2021-35488.json +++ b/2021/35xxx/CVE-2021-35488.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-35488", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-35488", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Thruk 2.40-2 allows /thruk/#cgi-bin/status.cgi?style=combined&title={TITLE] Reflected XSS via the host or title parameter. An attacker could inject arbitrary JavaScript into status.cgi. The payload would be triggered every time an authenticated user browses the page containing it." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://www.gruppotim.it/redteam", - "url": "https://www.gruppotim.it/redteam" - }, - { - "url": "https://www.thruk.org/changelog.html", - "refsource": "MISC", - "name": "https://www.thruk.org/changelog.html" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/35xxx/CVE-2021-35489.json b/2021/35xxx/CVE-2021-35489.json index 24aebeaac50..8fcfa291a70 100644 --- a/2021/35xxx/CVE-2021-35489.json +++ b/2021/35xxx/CVE-2021-35489.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-35489", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-35489", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Thruk 2.40-2 allows /thruk/#cgi-bin/extinfo.cgi?type=2&host={HOSTNAME]&service={SERVICENAME]&backend={BACKEND] Reflected XSS via the host or service parameter. An attacker could inject arbitrary JavaScript into extinfo.cgi. The malicious payload would be triggered every time an authenticated user browses the page containing it." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://www.gruppotim.it/redteam", - "url": "https://www.gruppotim.it/redteam" - }, - { - "url": "https://www.thruk.org/changelog.html", - "refsource": "MISC", - "name": "https://www.thruk.org/changelog.html" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/35xxx/CVE-2021-35496.json b/2021/35xxx/CVE-2021-35496.json index 2386ddc5e1d..bb2ae45dd59 100644 --- a/2021/35xxx/CVE-2021-35496.json +++ b/2021/35xxx/CVE-2021-35496.json @@ -2,7 +2,6 @@ "CVE_data_meta": { "ASSIGNER": "security@tibco.com", "DATE_PUBLIC": "2021-10-12T17:00:00Z", - "UPDATED": "2021-11-02T17:00:00Z", "ID": "CVE-2021-35496", "STATE": "PUBLIC", "TITLE": "TIBCO JasperReports XML Eternal Entity (XXE) vulnerability" @@ -136,7 +135,7 @@ "description_data": [ { "lang": "eng", - "value": "The XMLA Connections component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for ActiveMatrix BPM, and TIBCO JasperReports Server for Microsoft Azure contains a difficult to exploit vulnerability that allows a low privileged attacker with network access to interfere with XML processing in the affected component. Affected releases are TIBCO Software Inc.'s TIBCO JasperReports Server: versions 7.2.1 and below, TIBCO JasperReports Server: versions 7.5.0 and 7.5.1, TIBCO JasperReports Server: version 7.8.0, TIBCO JasperReports Server: version 7.9.0, TIBCO JasperReports Server - Community Edition: versions 7.8.0 and below, TIBCO JasperReports Server - Developer Edition: versions 7.9.0 and below, TIBCO JasperReports Server for AWS Marketplace: versions 7.9.0 and below, TIBCO JasperReports Server for ActiveMatrix BPM: versions 7.9.0 and below, and TIBCO JasperReports Server for Microsoft Azure: version 7.8.0." + "value": "The XMLA Connections component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for ActiveMatrix BPM, and TIBCO JasperReports Server for Microsoft Azure contains a difficult to exploit vulnerability that allows a low privileged attacker with network access to interfere with XML processing in the affected component. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO JasperReports Server: versions 7.2.1 and below, TIBCO JasperReports Server: versions 7.5.0 and 7.5.1, TIBCO JasperReports Server: version 7.8.0, TIBCO JasperReports Server: version 7.9.0, TIBCO JasperReports Server - Community Edition: versions 7.8.0 and below, TIBCO JasperReports Server - Developer Edition: versions 7.9.0 and below, TIBCO JasperReports Server for AWS Marketplace: versions 7.9.0 and below, TIBCO JasperReports Server for ActiveMatrix BPM: versions 7.9.0 and below, and TIBCO JasperReports Server for Microsoft Azure: version 7.8.0." } ] }, @@ -144,15 +143,15 @@ "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 4.6, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", "version": "3.0" } }, @@ -162,7 +161,7 @@ "description": [ { "lang": "eng", - "value": "Successful execution of this vulnerability can result in unauthorized read, update, insert or delete access to the affected systems data and the ability to cause a denial of service (DOS) on the affected system." + "value": "Successful execution of this vulnerability can result in unauthorized read access, as well as unauthorized update, insert or delete access to a subset of the affected systems data and the ability to cause a partial denial of service (partial DOS) on the affected system." } ] } @@ -174,6 +173,11 @@ "name": "https://www.tibco.com/services/support/advisories", "refsource": "CONFIRM", "url": "https://www.tibco.com/services/support/advisories" + }, + { + "refsource": "CONFIRM", + "name": "https://www.tibco.com/support/advisories/2021/10/tibco-security-advisory-october-12-2021-tibco-jasperreports-server-2021-35496", + "url": "https://www.tibco.com/support/advisories/2021/10/tibco-security-advisory-october-12-2021-tibco-jasperreports-server-2021-35496" } ] }, diff --git a/2021/35xxx/CVE-2021-35550.json b/2021/35xxx/CVE-2021-35550.json index 5b6609469e9..46c0835aba6 100644 --- a/2021/35xxx/CVE-2021-35550.json +++ b/2021/35xxx/CVE-2021-35550.json @@ -105,26 +105,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-1cc8ffd122", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-eb3e3e87d3", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-107c8c5063", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" - }, - { - "refsource": "DEBIAN", - "name": "DSA-5000", - "url": "https://www.debian.org/security/2021/dsa-5000" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211109 [SECURITY] [DLA 2814-1] openjdk-8 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" } ] } diff --git a/2021/35xxx/CVE-2021-35556.json b/2021/35xxx/CVE-2021-35556.json index 6c6c0fb6bb9..0eb8121f0ff 100644 --- a/2021/35xxx/CVE-2021-35556.json +++ b/2021/35xxx/CVE-2021-35556.json @@ -99,36 +99,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-7701833090", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-9a51a6f8b1", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-1cc8ffd122", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-eb3e3e87d3", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-107c8c5063", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" - }, - { - "refsource": "DEBIAN", - "name": "DSA-5000", - "url": "https://www.debian.org/security/2021/dsa-5000" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211109 [SECURITY] [DLA 2814-1] openjdk-8 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" } ] } diff --git a/2021/35xxx/CVE-2021-35559.json b/2021/35xxx/CVE-2021-35559.json index cdf479c6133..ee44af3a878 100644 --- a/2021/35xxx/CVE-2021-35559.json +++ b/2021/35xxx/CVE-2021-35559.json @@ -99,36 +99,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-7701833090", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-9a51a6f8b1", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-1cc8ffd122", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-eb3e3e87d3", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-107c8c5063", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" - }, - { - "refsource": "DEBIAN", - "name": "DSA-5000", - "url": "https://www.debian.org/security/2021/dsa-5000" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211109 [SECURITY] [DLA 2814-1] openjdk-8 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" } ] } diff --git a/2021/35xxx/CVE-2021-35561.json b/2021/35xxx/CVE-2021-35561.json index 3e59646f8a1..eb643cde666 100644 --- a/2021/35xxx/CVE-2021-35561.json +++ b/2021/35xxx/CVE-2021-35561.json @@ -99,36 +99,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-7701833090", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-9a51a6f8b1", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-1cc8ffd122", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-eb3e3e87d3", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-107c8c5063", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" - }, - { - "refsource": "DEBIAN", - "name": "DSA-5000", - "url": "https://www.debian.org/security/2021/dsa-5000" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211109 [SECURITY] [DLA 2814-1] openjdk-8 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" } ] } diff --git a/2021/35xxx/CVE-2021-35564.json b/2021/35xxx/CVE-2021-35564.json index 258ecbcfb76..3e5260b5cd9 100644 --- a/2021/35xxx/CVE-2021-35564.json +++ b/2021/35xxx/CVE-2021-35564.json @@ -99,36 +99,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-7701833090", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-9a51a6f8b1", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-1cc8ffd122", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-eb3e3e87d3", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-107c8c5063", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" - }, - { - "refsource": "DEBIAN", - "name": "DSA-5000", - "url": "https://www.debian.org/security/2021/dsa-5000" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211109 [SECURITY] [DLA 2814-1] openjdk-8 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" } ] } diff --git a/2021/35xxx/CVE-2021-35565.json b/2021/35xxx/CVE-2021-35565.json index d6570baf498..770fb625a05 100644 --- a/2021/35xxx/CVE-2021-35565.json +++ b/2021/35xxx/CVE-2021-35565.json @@ -105,26 +105,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-1cc8ffd122", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-eb3e3e87d3", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-107c8c5063", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" - }, - { - "refsource": "DEBIAN", - "name": "DSA-5000", - "url": "https://www.debian.org/security/2021/dsa-5000" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211109 [SECURITY] [DLA 2814-1] openjdk-8 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" } ] } diff --git a/2021/35xxx/CVE-2021-35567.json b/2021/35xxx/CVE-2021-35567.json index fc4556249b9..dddd79ce933 100644 --- a/2021/35xxx/CVE-2021-35567.json +++ b/2021/35xxx/CVE-2021-35567.json @@ -90,26 +90,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-7701833090", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-1cc8ffd122", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-107c8c5063", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" - }, - { - "refsource": "DEBIAN", - "name": "DSA-5000", - "url": "https://www.debian.org/security/2021/dsa-5000" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211109 [SECURITY] [DLA 2814-1] openjdk-8 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" } ] } diff --git a/2021/35xxx/CVE-2021-35578.json b/2021/35xxx/CVE-2021-35578.json index 9dee12130cd..9d294e0c22f 100644 --- a/2021/35xxx/CVE-2021-35578.json +++ b/2021/35xxx/CVE-2021-35578.json @@ -95,21 +95,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-1cc8ffd122", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-107c8c5063", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" - }, - { - "refsource": "DEBIAN", - "name": "DSA-5000", - "url": "https://www.debian.org/security/2021/dsa-5000" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211109 [SECURITY] [DLA 2814-1] openjdk-8 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" } ] } diff --git a/2021/35xxx/CVE-2021-35586.json b/2021/35xxx/CVE-2021-35586.json index 1eb0c86b442..93dd5669d29 100644 --- a/2021/35xxx/CVE-2021-35586.json +++ b/2021/35xxx/CVE-2021-35586.json @@ -99,21 +99,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-1cc8ffd122", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-107c8c5063", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" - }, - { - "refsource": "DEBIAN", - "name": "DSA-5000", - "url": "https://www.debian.org/security/2021/dsa-5000" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211109 [SECURITY] [DLA 2814-1] openjdk-8 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" } ] } diff --git a/2021/35xxx/CVE-2021-35588.json b/2021/35xxx/CVE-2021-35588.json index 967764589ac..761d2200349 100644 --- a/2021/35xxx/CVE-2021-35588.json +++ b/2021/35xxx/CVE-2021-35588.json @@ -91,16 +91,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-1cc8ffd122", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-107c8c5063", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211109 [SECURITY] [DLA 2814-1] openjdk-8 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" } ] } diff --git a/2021/35xxx/CVE-2021-35603.json b/2021/35xxx/CVE-2021-35603.json index 62a2cd243fe..0e1087e1afd 100644 --- a/2021/35xxx/CVE-2021-35603.json +++ b/2021/35xxx/CVE-2021-35603.json @@ -99,21 +99,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-1cc8ffd122", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-107c8c5063", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" - }, - { - "refsource": "DEBIAN", - "name": "DSA-5000", - "url": "https://www.debian.org/security/2021/dsa-5000" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211109 [SECURITY] [DLA 2814-1] openjdk-8 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" } ] } diff --git a/2021/35xxx/CVE-2021-35976.json b/2021/35xxx/CVE-2021-35976.json index 676c943dd29..c37f5ac0537 100644 --- a/2021/35xxx/CVE-2021-35976.json +++ b/2021/35xxx/CVE-2021-35976.json @@ -52,11 +52,6 @@ }, "references": { "reference_data": [ - { - "refsource": "MISC", - "name": "https://www.bouali.io/cves/cve-2021-35976", - "url": "https://www.bouali.io/cves/cve-2021-35976" - }, { "refsource": "CONFIRM", "name": "https://support.plesk.com/hc/en-us/articles/4402990507026", diff --git a/2021/36xxx/CVE-2021-36172.json b/2021/36xxx/CVE-2021-36172.json index 60e363577ce..cadc9451f54 100644 --- a/2021/36xxx/CVE-2021-36172.json +++ b/2021/36xxx/CVE-2021-36172.json @@ -4,74 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-36172", - "ASSIGNER": "psirt@fortinet.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Fortinet", - "product": { - "product_data": [ - { - "product_name": "Fortinet FortiPortal", - "version": { - "version_data": [ - { - "version_value": "FortiPortal before 6.0.6" - } - ] - } - } - ] - } - } - ] - } - }, - "impact": { - "cvss": { - "attackComplexity": "Low", - "attackVector": "Network", - "availabilityImpact": "None", - "baseScore": 3.8, - "baseSeverity": "Low", - "confidentialityImpact": "Low", - "integrityImpact": "None", - "privilegesRequired": "Low", - "scope": "Unchanged", - "userInteraction": "None", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:W/RC:C", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://fortiguard.com/advisory/FG-IR-21-104", - "url": "https://fortiguard.com/advisory/FG-IR-21-104" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "An improper restriction of XML external entity reference vulnerability in the parser of XML responses of FortiPortal before 6.0.6 may allow an attacker who controls the producer of XML reports consumed by FortiPortal to trigger a denial of service or read arbitrary files from the underlying file system by means of specifically crafted XML documents." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/36xxx/CVE-2021-36174.json b/2021/36xxx/CVE-2021-36174.json index 12cd77e2274..86487e79597 100644 --- a/2021/36xxx/CVE-2021-36174.json +++ b/2021/36xxx/CVE-2021-36174.json @@ -4,74 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-36174", - "ASSIGNER": "psirt@fortinet.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Fortinet", - "product": { - "product_data": [ - { - "product_name": "Fortinet FortiPortal", - "version": { - "version_data": [ - { - "version_value": "FortiPortal before 6.0.6" - } - ] - } - } - ] - } - } - ] - } - }, - "impact": { - "cvss": { - "attackComplexity": "Low", - "attackVector": "Network", - "availabilityImpact": "Low", - "baseScore": 4.1, - "baseSeverity": "Medium", - "confidentialityImpact": "None", - "integrityImpact": "None", - "privilegesRequired": "None", - "scope": "Unchanged", - "userInteraction": "Required", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:U/RC:C", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Denial of service" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://fortiguard.com/advisory/FG-IR-21-109", - "url": "https://fortiguard.com/advisory/FG-IR-21-109" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A memory allocation with excessive size value vulnerability in the license verification function of FortiPortal before 6.0.6 may allow an attacker to perform a denial of service attack via specially crafted license blobs." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/36xxx/CVE-2021-36176.json b/2021/36xxx/CVE-2021-36176.json index 17f95897aaa..4b78c39b91b 100644 --- a/2021/36xxx/CVE-2021-36176.json +++ b/2021/36xxx/CVE-2021-36176.json @@ -4,74 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-36176", - "ASSIGNER": "psirt@fortinet.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Fortinet", - "product": { - "product_data": [ - { - "product_name": "Fortinet FortiPortal", - "version": { - "version_data": [ - { - "version_value": "FortiPortal before 6.0.6" - } - ] - } - } - ] - } - } - ] - } - }, - "impact": { - "cvss": { - "attackComplexity": "Low", - "attackVector": "Network", - "availabilityImpact": "None", - "baseScore": 5.8, - "baseSeverity": "Medium", - "confidentialityImpact": "Low", - "integrityImpact": "Low", - "privilegesRequired": "None", - "scope": "Changed", - "userInteraction": "Required", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:U/RC:C", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Execute unauthorized code or commands" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://fortiguard.com/advisory/FG-IR-21-100", - "url": "https://fortiguard.com/advisory/FG-IR-21-100" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Multiple uncontrolled resource consumption vulnerabilities in the web interface of FortiPortal before 6.0.6 may allow a single low-privileged user to induce a denial of service via multiple HTTP requests." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/36xxx/CVE-2021-36181.json b/2021/36xxx/CVE-2021-36181.json index ac62c50c151..088cd88c7f6 100644 --- a/2021/36xxx/CVE-2021-36181.json +++ b/2021/36xxx/CVE-2021-36181.json @@ -4,74 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-36181", - "ASSIGNER": "psirt@fortinet.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Fortinet", - "product": { - "product_data": [ - { - "product_name": "Fortinet FortiPortal", - "version": { - "version_data": [ - { - "version_value": "FortiPortal before 6.0.6" - } - ] - } - } - ] - } - } - ] - } - }, - "impact": { - "cvss": { - "attackComplexity": "High", - "attackVector": "Network", - "availabilityImpact": "None", - "baseScore": 3.0, - "baseSeverity": "Low", - "confidentialityImpact": "None", - "integrityImpact": "Low", - "privilegesRequired": "Low", - "scope": "Unchanged", - "userInteraction": "None", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:U/RC:C", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Denial of service" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://fortiguard.com/advisory/FG-IR-21-102", - "url": "https://fortiguard.com/advisory/FG-IR-21-102" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A concurrent execution using shared resource with improper Synchronization vulnerability ('Race Condition') in the customer database interface of FortiPortal before 6.0.6 may allow an authenticated, low-privilege user to bring the underlying database data into an inconsistent state via specific coordination of web requests." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/36xxx/CVE-2021-36183.json b/2021/36xxx/CVE-2021-36183.json index b18d9a0f570..10dd0ad77b6 100644 --- a/2021/36xxx/CVE-2021-36183.json +++ b/2021/36xxx/CVE-2021-36183.json @@ -4,74 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-36183", - "ASSIGNER": "psirt@fortinet.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Fortinet", - "product": { - "product_data": [ - { - "product_name": "Fortinet FortiClientWindows", - "version": { - "version_data": [ - { - "version_value": "FortiClientWindows 7.0.1, 7.0.0, 6.4.2, 6.4.1, 6.4.0" - } - ] - } - } - ] - } - } - ] - } - }, - "impact": { - "cvss": { - "attackComplexity": "High", - "attackVector": "Local", - "availabilityImpact": "High", - "baseScore": 7.2, - "baseSeverity": "High", - "confidentialityImpact": "High", - "integrityImpact": "High", - "privilegesRequired": "None", - "scope": "Unchanged", - "userInteraction": "None", - "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:X", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Execute unauthorized code or commands" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://fortiguard.com/advisory/FG-IR-20-079", - "url": "https://fortiguard.com/advisory/FG-IR-20-079" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "An improper authorization vulnerability [CWE-285] in FortiClient for Windows versions 7.0.1 and below and 6.4.2 and below may allow a local unprivileged attacker to escalate their privileges to SYSTEM via the named pipe responsible for Forticlient updates." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/36xxx/CVE-2021-36184.json b/2021/36xxx/CVE-2021-36184.json index a638e50950f..1c5ba4093f9 100644 --- a/2021/36xxx/CVE-2021-36184.json +++ b/2021/36xxx/CVE-2021-36184.json @@ -4,74 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-36184", - "ASSIGNER": "psirt@fortinet.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Fortinet", - "product": { - "product_data": [ - { - "product_name": "Fortinet FortiWLM", - "version": { - "version_data": [ - { - "version_value": "FortiWLM 8.6.1, 8.6.0, 8.5.2, 8.5.1, 8.5.0, 8.4.2, 8.4.1, 8.4.0, 8.3.2, 8.3.1, 8.3.0, 8.2.2" - } - ] - } - } - ] - } - } - ] - } - }, - "impact": { - "cvss": { - "attackComplexity": "Low", - "attackVector": "Network", - "availabilityImpact": "High", - "baseScore": 8.3, - "baseSeverity": "High", - "confidentialityImpact": "High", - "integrityImpact": "High", - "privilegesRequired": "Low", - "scope": "Unchanged", - "userInteraction": "None", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://fortiguard.com/advisory/FG-IR-21-107", - "url": "https://fortiguard.com/advisory/FG-IR-21-107" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A improper neutralization of Special Elements used in an SQL Command ('SQL Injection') in Fortinet FortiWLM version 8.6.1 and below allows attacker to disclosure device, users and database information via crafted HTTP requests." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/36xxx/CVE-2021-36185.json b/2021/36xxx/CVE-2021-36185.json index 3f42d013c64..c593e39cde0 100644 --- a/2021/36xxx/CVE-2021-36185.json +++ b/2021/36xxx/CVE-2021-36185.json @@ -4,74 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-36185", - "ASSIGNER": "psirt@fortinet.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Fortinet", - "product": { - "product_data": [ - { - "product_name": "Fortinet FortiWLM", - "version": { - "version_data": [ - { - "version_value": "FortiWLM 8.6.1, 8.6.0, 8.5.2, 8.5.1, 8.5.0, 8.4.2, 8.4.1, 8.4.0, 8.3.2, 8.3.1, 8.3.0, 8.2.2" - } - ] - } - } - ] - } - } - ] - } - }, - "impact": { - "cvss": { - "attackComplexity": "Low", - "attackVector": "Network", - "availabilityImpact": "High", - "baseScore": 8.3, - "baseSeverity": "High", - "confidentialityImpact": "High", - "integrityImpact": "High", - "privilegesRequired": "Low", - "scope": "Unchanged", - "userInteraction": "None", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Execute unauthorized code or commands" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://fortiguard.com/advisory/FG-IR-21-110", - "url": "https://fortiguard.com/advisory/FG-IR-21-110" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A improper neutralization of special elements used in an OS command ('OS Command Injection') in Fortinet FortiWLM version 8.6.1 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/36xxx/CVE-2021-36186.json b/2021/36xxx/CVE-2021-36186.json index 25e7fdcccd7..3ee4e49c928 100644 --- a/2021/36xxx/CVE-2021-36186.json +++ b/2021/36xxx/CVE-2021-36186.json @@ -4,74 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-36186", - "ASSIGNER": "psirt@fortinet.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Fortinet", - "product": { - "product_data": [ - { - "product_name": "Fortinet FortiWeb", - "version": { - "version_data": [ - { - "version_value": "FortiWeb 6.4.0, 6.3.15, 6.3.14, 6.3.13, 6.3.12, 6.3.11, 6.3.10, 6.3.9, 6.3.8, 6.3.7, 6.3.6, 6.3.5, 6.3.4, 6.3.3, 6.3.2, 6.3.1, 6.3.0, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0" - } - ] - } - } - ] - } - } - ] - } - }, - "impact": { - "cvss": { - "attackComplexity": "Low", - "attackVector": "Adjacent", - "availabilityImpact": "High", - "baseScore": 8.3, - "baseSeverity": "High", - "confidentialityImpact": "High", - "integrityImpact": "High", - "privilegesRequired": "None", - "scope": "Unchanged", - "userInteraction": "None", - "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Execute unauthorized code or commands" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://fortiguard.com/advisory/FG-IR-21-119", - "url": "https://fortiguard.com/advisory/FG-IR-21-119" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A stack-based buffer overflow in Fortinet FortiWeb version 6.4.0, version 6.3.15 and below, 6.2.5 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/36xxx/CVE-2021-36187.json b/2021/36xxx/CVE-2021-36187.json index 54bb5831f51..fc7f7758f82 100644 --- a/2021/36xxx/CVE-2021-36187.json +++ b/2021/36xxx/CVE-2021-36187.json @@ -4,74 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-36187", - "ASSIGNER": "psirt@fortinet.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Fortinet", - "product": { - "product_data": [ - { - "product_name": "Fortinet FortiWeb", - "version": { - "version_data": [ - { - "version_value": "FortiWeb 6.4.0, 6.3.15, 6.3.14, 6.3.13, 6.3.12, 6.3.11, 6.3.10, 6.3.9, 6.3.8, 6.3.7, 6.3.6, 6.3.5, 6.3.4, 6.3.3, 6.3.2, 6.3.1, 6.3.0, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.1.2, 6.1.1, 6.1.0, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.9.1, 5.9.0, 5.8.7, 5.8.6, 5.8.5, 5.8.3, 5.8.2, 5.8.1, 5.8.0, 5.7.3, 5.7.2, 5.7.1, 5.7.0, 5.6.2, 5.6.1, 5.6.0, 5.5.7, 5.5.6, 5.5.5, 5.5.4, 5.5.3, 5.5.2, 5.5.1, 5.5.0, 5.4.1, 5.4.0, 5.3.9, 5.3.8, 5.3.7, 5.3.6, 5.3.5, 5.3.4, 5.3.3, 5.3.2, 5.3.1, 5.3.0, 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1.4, 5.1.3, 5.1.2, 5.1.1, 5.1.0, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.1, 5.0.0, 4.4.7, 4.4.6, 4.4.5, 4.4.4, 4.4.3, 4.4.2, 4.4.1, 4.4.0, 4.3.7, 4.3.6, 4.3.5, 4.3.4, 4.3.3, 4.3.2, 4.3.1, 4.2.4, 4.2.3, 4.2.2, 4.2.0, 4.1.2, 4.1.1, 4.1.0, 4.0.2, 3.0.0" - } - ] - } - } - ] - } - } - ] - } - }, - "impact": { - "cvss": { - "attackComplexity": "Low", - "attackVector": "Network", - "availabilityImpact": "Low", - "baseScore": 5.0, - "baseSeverity": "Medium", - "confidentialityImpact": "None", - "integrityImpact": "None", - "privilegesRequired": "None", - "scope": "Unchanged", - "userInteraction": "None", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:C", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Denial of service" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://fortiguard.com/advisory/FG-IR-21-039", - "url": "https://fortiguard.com/advisory/FG-IR-21-039" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A uncontrolled resource consumption in Fortinet FortiWeb version 6.4.0, version 6.3.15 and below, 6.2.5 and below allows attacker to cause a denial of service for webserver daemon via crafted HTTP requests" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/36xxx/CVE-2021-36192.json b/2021/36xxx/CVE-2021-36192.json index 58ad6c9972b..41c63ac27db 100644 --- a/2021/36xxx/CVE-2021-36192.json +++ b/2021/36xxx/CVE-2021-36192.json @@ -4,74 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-36192", - "ASSIGNER": "psirt@fortinet.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Fortinet", - "product": { - "product_data": [ - { - "product_name": "Fortinet FortiManager", - "version": { - "version_data": [ - { - "version_value": "FortiManager 7.0.1 and below, 6.4.6 and below, 6.2.x, 6.0.x, 5.6.0" - } - ] - } - } - ] - } - } - ] - } - }, - "impact": { - "cvss": { - "attackComplexity": "Low", - "attackVector": "Local", - "availabilityImpact": "None", - "baseScore": 5.1, - "baseSeverity": "Medium", - "confidentialityImpact": "Low", - "integrityImpact": "Low", - "privilegesRequired": "Low", - "scope": "Changed", - "userInteraction": "None", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N/E:F/RL:U/RC:C", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://fortiguard.com/advisory/FG-IR-21-103", - "url": "https://fortiguard.com/advisory/FG-IR-21-103" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in FortiManager 7.0.1 and below, 6.4.6 and below, 6.2.x, 6.0.x, 5.6.0 may allow a FortiGate user to see scripts from other ADOMS." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/36xxx/CVE-2021-36222.json b/2021/36xxx/CVE-2021-36222.json index e8f358106a7..a21ef54f010 100644 --- a/2021/36xxx/CVE-2021-36222.json +++ b/2021/36xxx/CVE-2021-36222.json @@ -81,11 +81,6 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20211022-0003/", "url": "https://security.netapp.com/advisory/ntap-20211022-0003/" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0007/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0007/" } ] } diff --git a/2021/36xxx/CVE-2021-36560.json b/2021/36xxx/CVE-2021-36560.json index 883dc5928e5..78bc494f421 100644 --- a/2021/36xxx/CVE-2021-36560.json +++ b/2021/36xxx/CVE-2021-36560.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-36560", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36560", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Phone Shop Sales Managements System using PHP with Source Code 1.0 is vulnerable to authentication bypass which leads to account takeover of the admin." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.sourcecodester.com/", - "refsource": "MISC", - "name": "https://www.sourcecodester.com/" - }, - { - "refsource": "MISC", - "name": "https://pratikkhalane91.medium.com/cve-2021-35559-bb62022dd08a", - "url": "https://pratikkhalane91.medium.com/cve-2021-35559-bb62022dd08a" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/36xxx/CVE-2021-36697.json b/2021/36xxx/CVE-2021-36697.json index 54d275fd9f6..e4226450d3e 100644 --- a/2021/36xxx/CVE-2021-36697.json +++ b/2021/36xxx/CVE-2021-36697.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-36697", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36697", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "With an admin account, the .htaccess file in Artica Pandora FMS <=755 can be overwritten with the File Manager component. The new .htaccess file contains a Rewrite Rule with a type definition. A normal PHP file can be uploaded with this new \"file type\" and the code can be executed with an HTTP request." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "http://artica.com", - "refsource": "MISC", - "name": "http://artica.com" - }, - { - "url": "http://pandora.com", - "refsource": "MISC", - "name": "http://pandora.com" - }, - { - "refsource": "MISC", - "name": "https://k4m1ll0.com/chained_exploit_htaccess.html", - "url": "https://k4m1ll0.com/chained_exploit_htaccess.html" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/36xxx/CVE-2021-36698.json b/2021/36xxx/CVE-2021-36698.json index e8d8eb6620c..49a4f55be93 100644 --- a/2021/36xxx/CVE-2021-36698.json +++ b/2021/36xxx/CVE-2021-36698.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-36698", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36698", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Pandora FMS through 755 allows XSS via a new Event Filter with a crafted name." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "http://artica.com", - "refsource": "MISC", - "name": "http://artica.com" - }, - { - "url": "http://pandora.com", - "refsource": "MISC", - "name": "http://pandora.com" - }, - { - "refsource": "MISC", - "name": "https://k4m1ll0.com/chained_exploit_htaccess.html", - "url": "https://k4m1ll0.com/chained_exploit_htaccess.html" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/36xxx/CVE-2021-36794.json b/2021/36xxx/CVE-2021-36794.json index d38d7524d55..a5af78bfcca 100644 --- a/2021/36xxx/CVE-2021-36794.json +++ b/2021/36xxx/CVE-2021-36794.json @@ -1,75 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-36794", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36794", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "In Siren Investigate before 11.1.4, when enabling the cluster feature of the Siren Alert application, TLS verifications are disabled globally in the Siren Investigate main process." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://community.siren.io/c/announcements", - "refsource": "MISC", - "name": "https://community.siren.io/c/announcements" - }, - { - "url": "https://docs.siren.io/index", - "refsource": "MISC", - "name": "https://docs.siren.io/index" - }, - { - "refsource": "MISC", - "name": "https://docs.siren.io/siren-platform-user-guide/11.1/release-notes.html#_security_fixes_3", - "url": "https://docs.siren.io/siren-platform-user-guide/11.1/release-notes.html#_security_fixes_3" - } - ] - }, - "source": { - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36799.json b/2021/36xxx/CVE-2021-36799.json index e94d92aa8d7..bf8862b8511 100644 --- a/2021/36xxx/CVE-2021-36799.json +++ b/2021/36xxx/CVE-2021-36799.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "** UNSUPPORTED WHEN ASSIGNED ** KNX ETS5 through 5.7.6 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information. NOTE: This vulnerability only affects products that are no longer supported by the maintainer." + "value": "Hard-coded password and salt for encryption of project files in KNX Association's ETS5 (all versions up to v5.7.6) allows a local unprivileged user to access cryptographic keys of KNX devices stored in the project files via decryption with the known password \"ETS5Password\" and salt \"Ivan Medvedev\"." } ] }, diff --git a/2021/36xxx/CVE-2021-36808.json b/2021/36xxx/CVE-2021-36808.json index cc89c3d9993..a702da69620 100644 --- a/2021/36xxx/CVE-2021-36808.json +++ b/2021/36xxx/CVE-2021-36808.json @@ -4,66 +4,15 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-36808", - "ASSIGNER": "security-alert@sophos.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Sophos Secure Workspace for Android", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "9.7.3115" - } - ] - } - } - ] - }, - "vendor_name": "Sophos" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Christian Niel Angel" - } - ], "description": { "description_data": [ { "lang": "eng", - "value": "A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version 9.7.3115." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211029-ssw-pw-bypass", - "refsource": "CONFIRM", - "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211029-ssw-pw-bypass" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } -} +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36922.json b/2021/36xxx/CVE-2021-36922.json index 8b5c7a6b17c..aa42721fd0c 100644 --- a/2021/36xxx/CVE-2021-36922.json +++ b/2021/36xxx/CVE-2021-36922.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-36922", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36922", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB devices (Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.sentinelone.com/resources/category/report/", - "refsource": "MISC", - "name": "https://www.sentinelone.com/resources/category/report/" - }, - { - "refsource": "MISC", - "name": "https://www.realtek.com/images/safe-report/Realtek_RtsUpx_Security_Advisory_Report.pdf", - "url": "https://www.realtek.com/images/safe-report/Realtek_RtsUpx_Security_Advisory_Report.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/36xxx/CVE-2021-36923.json b/2021/36xxx/CVE-2021-36923.json index c2d7b42eaf8..1d4238247e2 100644 --- a/2021/36xxx/CVE-2021-36923.json +++ b/2021/36xxx/CVE-2021-36923.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-36923", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36923", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB device privileged IN and OUT instructions (leading to Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.sentinelone.com/resources/category/report/", - "refsource": "MISC", - "name": "https://www.sentinelone.com/resources/category/report/" - }, - { - "refsource": "MISC", - "name": "https://www.realtek.com/images/safe-report/Realtek_RtsUpx_Security_Advisory_Report.pdf", - "url": "https://www.realtek.com/images/safe-report/Realtek_RtsUpx_Security_Advisory_Report.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/36xxx/CVE-2021-36924.json b/2021/36xxx/CVE-2021-36924.json index e82657b8ea3..ebb846b1c7d 100644 --- a/2021/36xxx/CVE-2021-36924.json +++ b/2021/36xxx/CVE-2021-36924.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-36924", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36924", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve a pool overflow (leading to Escalation of Privileges, Denial of Service, and Code Execution) via a crafted Device IO Control packet to a device." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.sentinelone.com/resources/category/report/", - "refsource": "MISC", - "name": "https://www.sentinelone.com/resources/category/report/" - }, - { - "refsource": "MISC", - "name": "https://www.realtek.com/images/safe-report/Realtek_RtsUpx_Security_Advisory_Report.pdf", - "url": "https://www.realtek.com/images/safe-report/Realtek_RtsUpx_Security_Advisory_Report.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/36xxx/CVE-2021-36925.json b/2021/36xxx/CVE-2021-36925.json index 8196f350643..f2644996c72 100644 --- a/2021/36xxx/CVE-2021-36925.json +++ b/2021/36xxx/CVE-2021-36925.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-36925", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36925", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve an arbitrary read or write operation from/to physical memory (leading to Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.sentinelone.com/resources/category/report/", - "refsource": "MISC", - "name": "https://www.sentinelone.com/resources/category/report/" - }, - { - "refsource": "MISC", - "name": "https://www.realtek.com/images/safe-report/Realtek_RtsUpx_Security_Advisory_Report.pdf", - "url": "https://www.realtek.com/images/safe-report/Realtek_RtsUpx_Security_Advisory_Report.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/36xxx/CVE-2021-36957.json b/2021/36xxx/CVE-2021-36957.json index d75b4c71db9..7efaa86b160 100644 --- a/2021/36xxx/CVE-2021-36957.json +++ b/2021/36xxx/CVE-2021-36957.json @@ -1,18 +1,271 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-36957", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-36957", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Windows Desktop Bridge Elevation of Privilege Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36957" + } + ] + } +} diff --git a/2021/37xxx/CVE-2021-37147.json b/2021/37xxx/CVE-2021-37147.json index e9140a5e296..4c4849a9b85 100644 --- a/2021/37xxx/CVE-2021-37147.json +++ b/2021/37xxx/CVE-2021-37147.json @@ -1,78 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@apache.org", - "ID": "CVE-2021-37147", - "STATE": "PUBLIC", - "TITLE": "Request Smuggling - LF line ending" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Apache Traffic Server", - "version": { - "version_data": [ - { - "version_value": "8.0.0 to 8.1.2 and 9.0.0 to 9.1.0" - } - ] - } - } - ] - }, - "vendor_name": "Apache Software Foundation" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Apache Traffic Server would like to thank Mattias Grenfeldt and Asta Olofsson for reporting this issue." - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-37147", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": [ - {} - ], - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-20 Improper Input Validation" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164", - "name": "https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164" - } - ] - }, - "source": { - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/37xxx/CVE-2021-37148.json b/2021/37xxx/CVE-2021-37148.json index 1c528841f0d..3d19df08c23 100644 --- a/2021/37xxx/CVE-2021-37148.json +++ b/2021/37xxx/CVE-2021-37148.json @@ -1,78 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@apache.org", - "ID": "CVE-2021-37148", - "STATE": "PUBLIC", - "TITLE": "Request Smuggling - transfer encoding validation" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Apache Traffic Server", - "version": { - "version_data": [ - { - "version_value": "8.0.0 to 8.1.2 and 9.0.0 to 9.0.1" - } - ] - } - } - ] - }, - "vendor_name": "Apache Software Foundation" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Apache Traffic Server would like to thank Mattias Grenfeldt and Asta Olofsson for reporting this issue" - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-37148", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.0.1." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": [ - {} - ], - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-20 Improper Input Validation" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164", - "name": "https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164" - } - ] - }, - "source": { - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/37xxx/CVE-2021-37149.json b/2021/37xxx/CVE-2021-37149.json index aabccda69b2..7865301d72f 100644 --- a/2021/37xxx/CVE-2021-37149.json +++ b/2021/37xxx/CVE-2021-37149.json @@ -1,78 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@apache.org", - "ID": "CVE-2021-37149", - "STATE": "PUBLIC", - "TITLE": "Request Smuggling - multiple attacks" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Apache Traffic Server", - "version": { - "version_data": [ - { - "version_value": "8.0.0 to 8.1.2 and 9.0.0 to 9.1.0" - } - ] - } - } - ] - }, - "vendor_name": "Apache Software Foundation" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Apache Traffic Server would like to thank Mattias Grenfeldt and Asta Olofsson for reporting this issue" - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-37149", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": [ - {} - ], - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-20 Improper Input Validation" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164", - "name": "https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164" - } - ] - }, - "source": { - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/37xxx/CVE-2021-37157.json b/2021/37xxx/CVE-2021-37157.json index fdfcc81120f..8494e896a41 100644 --- a/2021/37xxx/CVE-2021-37157.json +++ b/2021/37xxx/CVE-2021-37157.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-37157", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-37157", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14. $HOME/OGP/Cfg/Config.pm has the root password in cleartext." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/OpenGamePanel/OGP-Agent-Linux/commits/master", - "refsource": "MISC", - "name": "https://github.com/OpenGamePanel/OGP-Agent-Linux/commits/master" - }, - { - "refsource": "MISC", - "name": "https://www.exploit-db.com/exploits/50373", - "url": "https://www.exploit-db.com/exploits/50373" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37158.json b/2021/37xxx/CVE-2021-37158.json index 9a3c255877a..86b17398073 100644 --- a/2021/37xxx/CVE-2021-37158.json +++ b/2021/37xxx/CVE-2021-37158.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-37158", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-37158", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14. An authenticated attacker could inject OS commands by starting a Counter-Strike server and using the map field to enter a Bash command." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://www.exploit-db.com/exploits/50373", - "url": "https://www.exploit-db.com/exploits/50373" - }, - { - "refsource": "MISC", - "name": "https://github.com/OpenGamePanel/OGP-Website/pull/561", - "url": "https://github.com/OpenGamePanel/OGP-Website/pull/561" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37207.json b/2021/37xxx/CVE-2021-37207.json index af0ef586755..34d1be9bf17 100644 --- a/2021/37xxx/CVE-2021-37207.json +++ b/2021/37xxx/CVE-2021-37207.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2021-37207", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "SENTRON powermanager V3", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-732: Incorrect Permission Assignment for Critical Resource" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-37207", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in SENTRON powermanager V3 (All versions). The affected application assigns improper access rights to a specific folder containing configuration files. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-537983.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-537983.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37220.json b/2021/37xxx/CVE-2021-37220.json index 7d1fca5afe3..63e9fd56c0f 100644 --- a/2021/37xxx/CVE-2021-37220.json +++ b/2021/37xxx/CVE-2021-37220.json @@ -61,11 +61,6 @@ "url": "http://git.ghostscript.com/?p=mupdf.git;h=f5712c9949d026e4b891b25837edd2edc166151f", "refsource": "MISC", "name": "http://git.ghostscript.com/?p=mupdf.git;h=f5712c9949d026e4b891b25837edd2edc166151f" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-e1d8a99caa", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TKRMREIYUBGG2GV73CU7BJNW2Q34IP23/" } ] } diff --git a/2021/37xxx/CVE-2021-37471.json b/2021/37xxx/CVE-2021-37471.json index 3e9d0b2db5e..a69dc35580f 100644 --- a/2021/37xxx/CVE-2021-37471.json +++ b/2021/37xxx/CVE-2021-37471.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-37471", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-37471", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A restricted shell escape sequence is possible on Cradlepoint IBR900-600 7.2.60 devices that can lead to an attacker denying the availability of all console or SSH command-line access." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://cradlepoint.com/product/endpoints/ibr900/", - "refsource": "MISC", - "name": "https://cradlepoint.com/product/endpoints/ibr900/" - }, - { - "refsource": "MISC", - "name": "https://securitybytes.me/posts/cve-2021-37471/", - "url": "https://securitybytes.me/posts/cve-2021-37471/" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37695.json b/2021/37xxx/CVE-2021-37695.json index baf1eddc50a..e8daa03df0e 100644 --- a/2021/37xxx/CVE-2021-37695.json +++ b/2021/37xxx/CVE-2021-37695.json @@ -98,11 +98,6 @@ "url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211109 [SECURITY] [DLA 2813-1] ckeditor security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00007.html" } ] }, diff --git a/2021/37xxx/CVE-2021-37726.json b/2021/37xxx/CVE-2021-37726.json index a32fdf0c119..4a9def00356 100644 --- a/2021/37xxx/CVE-2021-37726.json +++ b/2021/37xxx/CVE-2021-37726.json @@ -48,11 +48,6 @@ "refsource": "MISC", "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-017.txt", "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-017.txt" - }, - { - "refsource": "CONFIRM", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-917476.pdf", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-917476.pdf" } ] }, diff --git a/2021/37xxx/CVE-2021-37727.json b/2021/37xxx/CVE-2021-37727.json index 2a4b547163c..805247bfbca 100644 --- a/2021/37xxx/CVE-2021-37727.json +++ b/2021/37xxx/CVE-2021-37727.json @@ -60,11 +60,6 @@ "refsource": "MISC", "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-017.txt", "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-017.txt" - }, - { - "refsource": "CONFIRM", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-917476.pdf", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-917476.pdf" } ] }, diff --git a/2021/37xxx/CVE-2021-37730.json b/2021/37xxx/CVE-2021-37730.json index f60cb637ceb..eac29b26fcc 100644 --- a/2021/37xxx/CVE-2021-37730.json +++ b/2021/37xxx/CVE-2021-37730.json @@ -60,11 +60,6 @@ "refsource": "MISC", "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-017.txt", "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-017.txt" - }, - { - "refsource": "CONFIRM", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-917476.pdf", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-917476.pdf" } ] }, diff --git a/2021/37xxx/CVE-2021-37732.json b/2021/37xxx/CVE-2021-37732.json index e1bb8b5d253..121083bd53c 100644 --- a/2021/37xxx/CVE-2021-37732.json +++ b/2021/37xxx/CVE-2021-37732.json @@ -60,11 +60,6 @@ "refsource": "MISC", "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-017.txt", "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-017.txt" - }, - { - "refsource": "CONFIRM", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-917476.pdf", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-917476.pdf" } ] }, diff --git a/2021/37xxx/CVE-2021-37734.json b/2021/37xxx/CVE-2021-37734.json index 8f50e5c76e1..b9cc1b45508 100644 --- a/2021/37xxx/CVE-2021-37734.json +++ b/2021/37xxx/CVE-2021-37734.json @@ -63,11 +63,6 @@ "refsource": "MISC", "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-017.txt", "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-017.txt" - }, - { - "refsource": "CONFIRM", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-917476.pdf", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-917476.pdf" } ] }, diff --git a/2021/37xxx/CVE-2021-37735.json b/2021/37xxx/CVE-2021-37735.json index 67eb2dffbbc..c43ca6306f4 100644 --- a/2021/37xxx/CVE-2021-37735.json +++ b/2021/37xxx/CVE-2021-37735.json @@ -54,11 +54,6 @@ "refsource": "MISC", "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-017.txt", "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-017.txt" - }, - { - "refsource": "CONFIRM", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-917476.pdf", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-917476.pdf" } ] }, diff --git a/2021/37xxx/CVE-2021-37806.json b/2021/37xxx/CVE-2021-37806.json index e631990b01d..55927f030e7 100644 --- a/2021/37xxx/CVE-2021-37806.json +++ b/2021/37xxx/CVE-2021-37806.json @@ -56,16 +56,6 @@ "url": "https://packetstormsecurity.com/files/163626/Vehicle-Parking-Management-System-1.0-SQL-Injection.html", "refsource": "MISC", "name": "https://packetstormsecurity.com/files/163626/Vehicle-Parking-Management-System-1.0-SQL-Injection.html" - }, - { - "refsource": "MISC", - "name": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-37806", - "url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-37806" - }, - { - "refsource": "MISC", - "name": "https://streamable.com/rfcchi", - "url": "https://streamable.com/rfcchi" } ] } diff --git a/2021/37xxx/CVE-2021-37842.json b/2021/37xxx/CVE-2021-37842.json index 148bea81764..543211ecb99 100644 --- a/2021/37xxx/CVE-2021-37842.json +++ b/2021/37xxx/CVE-2021-37842.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-37842", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-37842", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "metakv in Couchbase Server 7.0.0 uses Cleartext for Storage of Sensitive Information. Remote Cluster XDCR credentials can get leaked in debug logs. Config key tombstone purging was added in Couchbase Server 7.0.0. This issue happens when a config key, which is being logged, has a tombstone purger time-stamp attached to it." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://docs.couchbase.com/server/current/release-notes/relnotes.html", - "refsource": "MISC", - "name": "https://docs.couchbase.com/server/current/release-notes/relnotes.html" - }, - { - "url": "https://www.couchbase.com/alerts", - "refsource": "MISC", - "name": "https://www.couchbase.com/alerts" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37850.json b/2021/37xxx/CVE-2021-37850.json index d304f05a62a..7b9da1057e7 100644 --- a/2021/37xxx/CVE-2021-37850.json +++ b/2021/37xxx/CVE-2021-37850.json @@ -1,125 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@eset.com", - "ID": "CVE-2021-37850", - "STATE": "PUBLIC", - "TITLE": "Denial of service in ESET for Mac products" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "ESET Cyber Security", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_value": "6.10.700" - } - ] - } - }, - { - "product_name": "ESET Cyber Security Pro", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "6.10.700" - } - ] - } - }, - { - "product_name": "ESET Endpoint Antivirus for macOS", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "6.10.910.0" - } - ] - } - }, - { - "product_name": "ESET Endpoint Security for macOS", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "6.10.910.0" - } - ] - } - } - ] - }, - "vendor_name": "ESET, spol. s r.o." - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "ESET values the principles of responsible disclosure within the security industry and would like to express our thanks to Teiei Shu (\u5ef7\u53e1 \u5468) who reported this issue." - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-37850", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "ESET was made aware of a vulnerability in its consumer and business products for macOS that enables a user logged on to the system to stop the ESET daemon, effectively disabling the protection of the ESET security product until a system reboot." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Denial Of Service" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://support.eset.com/en/ca8151", - "name": "https://support.eset.com/en/ca8151" - } - ] - }, - "source": { - "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/37xxx/CVE-2021-37956.json b/2021/37xxx/CVE-2021-37956.json index 71c54a59976..8b0ea405507 100644 --- a/2021/37xxx/CVE-2021-37956.json +++ b/2021/37xxx/CVE-2021-37956.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/37xxx/CVE-2021-37957.json b/2021/37xxx/CVE-2021-37957.json index c27f4cd568a..2833e75f47a 100644 --- a/2021/37xxx/CVE-2021-37957.json +++ b/2021/37xxx/CVE-2021-37957.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/37xxx/CVE-2021-37958.json b/2021/37xxx/CVE-2021-37958.json index 72b025c2365..d9e729d1ef7 100644 --- a/2021/37xxx/CVE-2021-37958.json +++ b/2021/37xxx/CVE-2021-37958.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/37xxx/CVE-2021-37959.json b/2021/37xxx/CVE-2021-37959.json index d6d510a5d2b..0042291b39a 100644 --- a/2021/37xxx/CVE-2021-37959.json +++ b/2021/37xxx/CVE-2021-37959.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/37xxx/CVE-2021-37960.json b/2021/37xxx/CVE-2021-37960.json index 15fc1715606..61cbd23d600 100644 --- a/2021/37xxx/CVE-2021-37960.json +++ b/2021/37xxx/CVE-2021-37960.json @@ -5,14 +5,14 @@ "CVE_data_meta": { "ID": "CVE-2021-37960", "ASSIGNER": "cve@mitre.org", - "STATE": "REJECT" + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } -} +} \ No newline at end of file diff --git a/2021/37xxx/CVE-2021-37961.json b/2021/37xxx/CVE-2021-37961.json index f1d60af5e3e..45c84eb8d3b 100644 --- a/2021/37xxx/CVE-2021-37961.json +++ b/2021/37xxx/CVE-2021-37961.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/37xxx/CVE-2021-37962.json b/2021/37xxx/CVE-2021-37962.json index 7b5f48f76fa..d4b67945de5 100644 --- a/2021/37xxx/CVE-2021-37962.json +++ b/2021/37xxx/CVE-2021-37962.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/37xxx/CVE-2021-37963.json b/2021/37xxx/CVE-2021-37963.json index ec72519da8a..0ad6776d13d 100644 --- a/2021/37xxx/CVE-2021-37963.json +++ b/2021/37xxx/CVE-2021-37963.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/37xxx/CVE-2021-37964.json b/2021/37xxx/CVE-2021-37964.json index 7e3df41ba63..d0358bb46f4 100644 --- a/2021/37xxx/CVE-2021-37964.json +++ b/2021/37xxx/CVE-2021-37964.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/37xxx/CVE-2021-37965.json b/2021/37xxx/CVE-2021-37965.json index f3c0d1f9e7c..185f6cc217d 100644 --- a/2021/37xxx/CVE-2021-37965.json +++ b/2021/37xxx/CVE-2021-37965.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/37xxx/CVE-2021-37966.json b/2021/37xxx/CVE-2021-37966.json index 383c22fe2bf..f2afcdbdc57 100644 --- a/2021/37xxx/CVE-2021-37966.json +++ b/2021/37xxx/CVE-2021-37966.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/37xxx/CVE-2021-37967.json b/2021/37xxx/CVE-2021-37967.json index c3c544c4953..432e80c9686 100644 --- a/2021/37xxx/CVE-2021-37967.json +++ b/2021/37xxx/CVE-2021-37967.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/37xxx/CVE-2021-37968.json b/2021/37xxx/CVE-2021-37968.json index 6bbd6dd880e..7b5761f62c1 100644 --- a/2021/37xxx/CVE-2021-37968.json +++ b/2021/37xxx/CVE-2021-37968.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/37xxx/CVE-2021-37969.json b/2021/37xxx/CVE-2021-37969.json index 5bcb17a080f..a8bdb036841 100644 --- a/2021/37xxx/CVE-2021-37969.json +++ b/2021/37xxx/CVE-2021-37969.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/37xxx/CVE-2021-37970.json b/2021/37xxx/CVE-2021-37970.json index 6eaee868bd8..039e5a41eb4 100644 --- a/2021/37xxx/CVE-2021-37970.json +++ b/2021/37xxx/CVE-2021-37970.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/37xxx/CVE-2021-37971.json b/2021/37xxx/CVE-2021-37971.json index c1e03f04ea0..e52097b4b75 100644 --- a/2021/37xxx/CVE-2021-37971.json +++ b/2021/37xxx/CVE-2021-37971.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/37xxx/CVE-2021-37972.json b/2021/37xxx/CVE-2021-37972.json index e0899eb3f10..a7de7750fc7 100644 --- a/2021/37xxx/CVE-2021-37972.json +++ b/2021/37xxx/CVE-2021-37972.json @@ -64,11 +64,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-359a715688", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B7G7UQ57NOKHQBYIHNJAFKFVWOQ6ZNU6/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/37xxx/CVE-2021-37973.json b/2021/37xxx/CVE-2021-37973.json index 50b74194e1e..a2bd66e5ccd 100644 --- a/2021/37xxx/CVE-2021-37973.json +++ b/2021/37xxx/CVE-2021-37973.json @@ -59,11 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-ab09a05562", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-591b3a2af0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/" } ] }, diff --git a/2021/37xxx/CVE-2021-37974.json b/2021/37xxx/CVE-2021-37974.json index 21d76cd26c0..fb64391647a 100644 --- a/2021/37xxx/CVE-2021-37974.json +++ b/2021/37xxx/CVE-2021-37974.json @@ -59,16 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-116eff380f", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D63JZ3ROXCUHP4CFWDHCPZNTGET7T34R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5ffabdc080", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRFXUDH46PFVE75VQVWY6PYY5DK3S2XT/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5093f11905", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNARCF5HEZK7GJXZRN5TQ45AQDCRM2WO/" } ] }, diff --git a/2021/37xxx/CVE-2021-37975.json b/2021/37xxx/CVE-2021-37975.json index 805a1bde757..afc2bcc4cfe 100644 --- a/2021/37xxx/CVE-2021-37975.json +++ b/2021/37xxx/CVE-2021-37975.json @@ -59,16 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-116eff380f", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D63JZ3ROXCUHP4CFWDHCPZNTGET7T34R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5ffabdc080", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRFXUDH46PFVE75VQVWY6PYY5DK3S2XT/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5093f11905", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNARCF5HEZK7GJXZRN5TQ45AQDCRM2WO/" } ] }, diff --git a/2021/37xxx/CVE-2021-37976.json b/2021/37xxx/CVE-2021-37976.json index 90fd39d609b..f9fe670644e 100644 --- a/2021/37xxx/CVE-2021-37976.json +++ b/2021/37xxx/CVE-2021-37976.json @@ -59,16 +59,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-116eff380f", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D63JZ3ROXCUHP4CFWDHCPZNTGET7T34R/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5ffabdc080", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRFXUDH46PFVE75VQVWY6PYY5DK3S2XT/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5093f11905", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNARCF5HEZK7GJXZRN5TQ45AQDCRM2WO/" } ] }, diff --git a/2021/37xxx/CVE-2021-37977.json b/2021/37xxx/CVE-2021-37977.json index 08d67b8d848..a0c39598c59 100644 --- a/2021/37xxx/CVE-2021-37977.json +++ b/2021/37xxx/CVE-2021-37977.json @@ -4,69 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-37977", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "94.0.4606.81", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Use after free" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://crbug.com/1252878", - "refsource": "MISC", - "name": "https://crbug.com/1252878" - }, - { - "url": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop.html", - "refsource": "MISC", - "name": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop.html" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5093f11905", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNARCF5HEZK7GJXZRN5TQ45AQDCRM2WO/" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37978.json b/2021/37xxx/CVE-2021-37978.json index d33bfc6ae3b..dc48b5cf73b 100644 --- a/2021/37xxx/CVE-2021-37978.json +++ b/2021/37xxx/CVE-2021-37978.json @@ -4,69 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-37978", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "94.0.4606.81", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Heap buffer overflow" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop.html", - "refsource": "MISC", - "name": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop.html" - }, - { - "url": "https://crbug.com/1236318", - "refsource": "MISC", - "name": "https://crbug.com/1236318" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5093f11905", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNARCF5HEZK7GJXZRN5TQ45AQDCRM2WO/" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37979.json b/2021/37xxx/CVE-2021-37979.json index 3d534dcb3b5..423734aa064 100644 --- a/2021/37xxx/CVE-2021-37979.json +++ b/2021/37xxx/CVE-2021-37979.json @@ -4,69 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-37979", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "94.0.4606.81", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Heap buffer overflow" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop.html", - "refsource": "MISC", - "name": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop.html" - }, - { - "url": "https://crbug.com/1247260", - "refsource": "MISC", - "name": "https://crbug.com/1247260" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5093f11905", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNARCF5HEZK7GJXZRN5TQ45AQDCRM2WO/" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted HTML page." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37980.json b/2021/37xxx/CVE-2021-37980.json index e89272a9a46..052ad77e427 100644 --- a/2021/37xxx/CVE-2021-37980.json +++ b/2021/37xxx/CVE-2021-37980.json @@ -4,69 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-37980", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "94.0.4606.81", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Inappropriate implementation" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop.html", - "refsource": "MISC", - "name": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop.html" - }, - { - "url": "https://crbug.com/1254631", - "refsource": "MISC", - "name": "https://crbug.com/1254631" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5093f11905", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNARCF5HEZK7GJXZRN5TQ45AQDCRM2WO/" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially bypass site isolation via Windows." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37981.json b/2021/37xxx/CVE-2021-37981.json index 86cae6451d3..d940c8cf2dd 100644 --- a/2021/37xxx/CVE-2021-37981.json +++ b/2021/37xxx/CVE-2021-37981.json @@ -4,64 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-37981", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "95.0.4638.54", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Heap buffer overflow" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://crbug.com/1246631", - "refsource": "MISC", - "name": "https://crbug.com/1246631" - }, - { - "url": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html", - "refsource": "MISC", - "name": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37982.json b/2021/37xxx/CVE-2021-37982.json index 04740ec91fc..7cde50ce7db 100644 --- a/2021/37xxx/CVE-2021-37982.json +++ b/2021/37xxx/CVE-2021-37982.json @@ -4,64 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-37982", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "95.0.4638.54", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Use after free" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html", - "refsource": "MISC", - "name": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html" - }, - { - "url": "https://crbug.com/1248661", - "refsource": "MISC", - "name": "https://crbug.com/1248661" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37983.json b/2021/37xxx/CVE-2021-37983.json index a66a3b79558..3ce5948eee3 100644 --- a/2021/37xxx/CVE-2021-37983.json +++ b/2021/37xxx/CVE-2021-37983.json @@ -4,64 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-37983", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "95.0.4638.54", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Use after free" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html", - "refsource": "MISC", - "name": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html" - }, - { - "url": "https://crbug.com/1249810", - "refsource": "MISC", - "name": "https://crbug.com/1249810" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37984.json b/2021/37xxx/CVE-2021-37984.json index c156f05e7bc..52cc080e820 100644 --- a/2021/37xxx/CVE-2021-37984.json +++ b/2021/37xxx/CVE-2021-37984.json @@ -4,64 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-37984", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "95.0.4638.54", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Heap buffer overflow" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html", - "refsource": "MISC", - "name": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html" - }, - { - "url": "https://crbug.com/1253399", - "refsource": "MISC", - "name": "https://crbug.com/1253399" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37985.json b/2021/37xxx/CVE-2021-37985.json index 41ec3e69bae..da413031dfb 100644 --- a/2021/37xxx/CVE-2021-37985.json +++ b/2021/37xxx/CVE-2021-37985.json @@ -4,64 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-37985", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "95.0.4638.54", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Use after free" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html", - "refsource": "MISC", - "name": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html" - }, - { - "url": "https://crbug.com/1241860", - "refsource": "MISC", - "name": "https://crbug.com/1241860" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had convinced a user to allow for connection to debugger to potentially exploit heap corruption via a crafted HTML page." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37986.json b/2021/37xxx/CVE-2021-37986.json index a222af61d2c..937fc1334a0 100644 --- a/2021/37xxx/CVE-2021-37986.json +++ b/2021/37xxx/CVE-2021-37986.json @@ -4,64 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-37986", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "95.0.4638.54", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Heap buffer overflow" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html", - "refsource": "MISC", - "name": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html" - }, - { - "url": "https://crbug.com/1242404", - "refsource": "MISC", - "name": "https://crbug.com/1242404" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to engage with Dev Tools to potentially exploit heap corruption via a crafted HTML page." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37987.json b/2021/37xxx/CVE-2021-37987.json index e74f2466e93..6daf85ada35 100644 --- a/2021/37xxx/CVE-2021-37987.json +++ b/2021/37xxx/CVE-2021-37987.json @@ -4,64 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-37987", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "95.0.4638.54", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Use after free" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html", - "refsource": "MISC", - "name": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html" - }, - { - "url": "https://crbug.com/1206928", - "refsource": "MISC", - "name": "https://crbug.com/1206928" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37988.json b/2021/37xxx/CVE-2021-37988.json index a10bd0221cc..45565438799 100644 --- a/2021/37xxx/CVE-2021-37988.json +++ b/2021/37xxx/CVE-2021-37988.json @@ -4,64 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-37988", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "95.0.4638.54", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Use after free" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html", - "refsource": "MISC", - "name": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html" - }, - { - "url": "https://crbug.com/1228248", - "refsource": "MISC", - "name": "https://crbug.com/1228248" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who convinced a user to engage in specific gestures to potentially exploit heap corruption via a crafted HTML page." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37989.json b/2021/37xxx/CVE-2021-37989.json index 0a63f7ac108..8c881b9738c 100644 --- a/2021/37xxx/CVE-2021-37989.json +++ b/2021/37xxx/CVE-2021-37989.json @@ -4,64 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-37989", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "95.0.4638.54", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Inappropriate implementation" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html", - "refsource": "MISC", - "name": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html" - }, - { - "url": "https://crbug.com/1233067", - "refsource": "MISC", - "name": "https://crbug.com/1233067" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to abuse content security policy via a crafted HTML page." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37990.json b/2021/37xxx/CVE-2021-37990.json index 41ba2195d74..8c338111725 100644 --- a/2021/37xxx/CVE-2021-37990.json +++ b/2021/37xxx/CVE-2021-37990.json @@ -4,64 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-37990", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "95.0.4638.54", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Inappropriate implementation" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html", - "refsource": "MISC", - "name": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html" - }, - { - "url": "https://crbug.com/1247395", - "refsource": "MISC", - "name": "https://crbug.com/1247395" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Inappropriate implementation in WebView in Google Chrome on Android prior to 95.0.4638.54 allowed a remote attacker to leak cross-origin data via a crafted app." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37991.json b/2021/37xxx/CVE-2021-37991.json index 2a4961610bf..5c60d14acde 100644 --- a/2021/37xxx/CVE-2021-37991.json +++ b/2021/37xxx/CVE-2021-37991.json @@ -4,64 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-37991", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "95.0.4638.54", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Race" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html", - "refsource": "MISC", - "name": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html" - }, - { - "url": "https://crbug.com/1250660", - "refsource": "MISC", - "name": "https://crbug.com/1250660" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37992.json b/2021/37xxx/CVE-2021-37992.json index 2f2a399e24e..9b658b48bc6 100644 --- a/2021/37xxx/CVE-2021-37992.json +++ b/2021/37xxx/CVE-2021-37992.json @@ -4,64 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-37992", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "95.0.4638.54", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Out of bounds read" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html", - "refsource": "MISC", - "name": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html" - }, - { - "url": "https://crbug.com/1253746", - "refsource": "MISC", - "name": "https://crbug.com/1253746" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37993.json b/2021/37xxx/CVE-2021-37993.json index c6f07743f77..1afd5fc7a36 100644 --- a/2021/37xxx/CVE-2021-37993.json +++ b/2021/37xxx/CVE-2021-37993.json @@ -4,64 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-37993", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "95.0.4638.54", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Use after free" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html", - "refsource": "MISC", - "name": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html" - }, - { - "url": "https://crbug.com/1255332", - "refsource": "MISC", - "name": "https://crbug.com/1255332" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37994.json b/2021/37xxx/CVE-2021-37994.json index 3d0ef8dec5a..a63287420c6 100644 --- a/2021/37xxx/CVE-2021-37994.json +++ b/2021/37xxx/CVE-2021-37994.json @@ -4,64 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-37994", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "95.0.4638.54", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Inappropriate implementation" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html", - "refsource": "MISC", - "name": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html" - }, - { - "url": "https://crbug.com/1100761", - "refsource": "MISC", - "name": "https://crbug.com/1100761" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37995.json b/2021/37xxx/CVE-2021-37995.json index d826ccbaa68..8c577daa9dc 100644 --- a/2021/37xxx/CVE-2021-37995.json +++ b/2021/37xxx/CVE-2021-37995.json @@ -4,64 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-37995", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "95.0.4638.54", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Inappropriate implementation" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html", - "refsource": "MISC", - "name": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html" - }, - { - "url": "https://crbug.com/1242315", - "refsource": "MISC", - "name": "https://crbug.com/1242315" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Inappropriate implementation in WebApp Installer in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially overlay and spoof the contents of the Omnibox (URL bar) via a crafted HTML page." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/37xxx/CVE-2021-37996.json b/2021/37xxx/CVE-2021-37996.json index f18b18b61d7..4885c95af24 100644 --- a/2021/37xxx/CVE-2021-37996.json +++ b/2021/37xxx/CVE-2021-37996.json @@ -4,64 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-37996", - "ASSIGNER": "chrome-cve-admin@google.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Google", - "product": { - "product_data": [ - { - "product_name": "Chrome", - "version": { - "version_data": [ - { - "version_value": "95.0.4638.54", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Insufficient validation of untrusted input" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html", - "refsource": "MISC", - "name": "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html" - }, - { - "url": "https://crbug.com/1243020", - "refsource": "MISC", - "name": "https://crbug.com/1243020" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a malicious file." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/38xxx/CVE-2021-38114.json b/2021/38xxx/CVE-2021-38114.json index 34f4db5f275..897e8e9227c 100644 --- a/2021/38xxx/CVE-2021-38114.json +++ b/2021/38xxx/CVE-2021-38114.json @@ -71,11 +71,6 @@ "refsource": "DEBIAN", "name": "DSA-4990", "url": "https://www.debian.org/security/2021/dsa-4990" - }, - { - "refsource": "DEBIAN", - "name": "DSA-4998", - "url": "https://www.debian.org/security/2021/dsa-4998" } ] } diff --git a/2021/38xxx/CVE-2021-38161.json b/2021/38xxx/CVE-2021-38161.json index db0008894da..73bd6373f5c 100644 --- a/2021/38xxx/CVE-2021-38161.json +++ b/2021/38xxx/CVE-2021-38161.json @@ -1,72 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@apache.org", - "ID": "CVE-2021-38161", - "STATE": "PUBLIC", - "TITLE": "Not validating origin TLS certificate" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Apache Traffic Server", - "version": { - "version_data": [ - { - "version_value": "8.0.0 to 8.0.8" - } - ] - } - } - ] - }, - "vendor_name": "Apache Software Foundation" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-38161", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Improper Authentication vulnerability in TLS origin verification of Apache Traffic Server allows for man in the middle attacks. This issue affects Apache Traffic Server 8.0.0 to 8.0.8." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": [ - {} - ], - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-287 Improper Authentication" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164", - "name": "https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164" - } - ] - }, - "source": { - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/38xxx/CVE-2021-38171.json b/2021/38xxx/CVE-2021-38171.json index be3826612a5..f8eaa844de6 100644 --- a/2021/38xxx/CVE-2021-38171.json +++ b/2021/38xxx/CVE-2021-38171.json @@ -66,11 +66,6 @@ "refsource": "DEBIAN", "name": "DSA-4990", "url": "https://www.debian.org/security/2021/dsa-4990" - }, - { - "refsource": "DEBIAN", - "name": "DSA-4998", - "url": "https://www.debian.org/security/2021/dsa-4998" } ] } diff --git a/2021/38xxx/CVE-2021-38291.json b/2021/38xxx/CVE-2021-38291.json index 2b62ba70240..a531bd7f852 100644 --- a/2021/38xxx/CVE-2021-38291.json +++ b/2021/38xxx/CVE-2021-38291.json @@ -61,11 +61,6 @@ "refsource": "DEBIAN", "name": "DSA-4990", "url": "https://www.debian.org/security/2021/dsa-4990" - }, - { - "refsource": "DEBIAN", - "name": "DSA-4998", - "url": "https://www.debian.org/security/2021/dsa-4998" } ] } diff --git a/2021/38xxx/CVE-2021-38356.json b/2021/38xxx/CVE-2021-38356.json index cf41213fcdc..72b9f27f17c 100644 --- a/2021/38xxx/CVE-2021-38356.json +++ b/2021/38xxx/CVE-2021-38356.json @@ -1,96 +1,18 @@ { - "CVE_data_meta": { - "AKA": "Wordfence", - "ASSIGNER": "security@wordfence.com", - "DATE_PUBLIC": "2021-11-28T10:14:00.000Z", - "ID": "CVE-2021-38356", - "STATE": "PUBLIC", - "TITLE": "NextScripts: Social Networks Auto-Poster <= 4.3.20 Reflected Cross-Site Scripting" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "NextScripts: Social Networks Auto-Poster", - "version": { - "version_data": [ - { - "platform": "WordPress", - "version_affected": "<=", - "version_name": "4.3.20", - "version_value": "4.3.20" - } - ] - } - } - ] - }, - "vendor_name": "NextScripts" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Ramuel Gall, Wordfence" - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-38356", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "The NextScripts: Social Networks Auto-Poster <= 4.3.20 WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the $_REQUEST['page'] parameter which is echoed out on inc/nxs_class_snap.php by supplying the appropriate value 'nxssnap-post' to load the page in $_GET['page'] along with malicious JavaScript in $_POST['page']." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "privilegesRequired": "NONE", - "scope": "CHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79 Cross-site Scripting (XSS)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://www.wordfence.com/blog/2021/10/xss-vulnerability-in-nextscripts-social-networks-auto-poster-plugin-impacts-100000-sites/", - "name": "https://www.wordfence.com/blog/2021/10/xss-vulnerability-in-nextscripts-social-networks-auto-poster-plugin-impacts-100000-sites/" - } - ] - }, - "source": { - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/38xxx/CVE-2021-38403.json b/2021/38xxx/CVE-2021-38403.json index 08747cc9769..ac22162d91e 100644 --- a/2021/38xxx/CVE-2021-38403.json +++ b/2021/38xxx/CVE-2021-38403.json @@ -1,101 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "ics-cert@hq.dhs.gov", - "DATE_PUBLIC": "2021-10-21T18:29:00.000Z", - "ID": "CVE-2021-38403", - "STATE": "PUBLIC", - "TITLE": "Delta Electronics DIALink" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "DIALink", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "All", - "version_value": "1.2.4.0" - } - ] - } - } - ] - }, - "vendor_name": "Delta Electronics" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Michael Heinzl reported these vulnerabilities to CISA." - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-38403", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript code into the parameter supplier of the API maintenance, which may allow an attacker to remotely execute code." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "privilegesRequired": "HIGH", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79 Cross-site Scripting (XSS)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02", - "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02" - } - ] - }, - "source": { - "advisory": "ICSA-21-294-02", - "discovery": "UNKNOWN" - }, - "work_around": [ - { - "lang": "eng", - "value": "Delta Electronics is aware of the vulnerabilities and is currently working on an update. " - } - ] + } } \ No newline at end of file diff --git a/2021/38xxx/CVE-2021-38407.json b/2021/38xxx/CVE-2021-38407.json index 6d0818742f3..ae1caf165c7 100644 --- a/2021/38xxx/CVE-2021-38407.json +++ b/2021/38xxx/CVE-2021-38407.json @@ -1,101 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "ics-cert@hq.dhs.gov", - "DATE_PUBLIC": "2021-10-21T18:29:00.000Z", - "ID": "CVE-2021-38407", - "STATE": "PUBLIC", - "TITLE": "Delta Electronics DIALink" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "DIALink", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "All", - "version_value": "1.2.4.0" - } - ] - } - } - ] - }, - "vendor_name": "Delta Electronics" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Michael Heinzl reported these vulnerabilities to CISA." - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-38407", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript code into the parameter name of the API devices, which may allow an attacker to remotely execute code." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "privilegesRequired": "HIGH", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79 Cross-site Scripting (XSS)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02", - "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02" - } - ] - }, - "source": { - "advisory": "ICSA-21-294-02", - "discovery": "UNKNOWN" - }, - "work_around": [ - { - "lang": "eng", - "value": "Delta Electronics is aware of the vulnerabilities and is currently working on an update. " - } - ] + } } \ No newline at end of file diff --git a/2021/38xxx/CVE-2021-38411.json b/2021/38xxx/CVE-2021-38411.json index 533ceefceb3..cabf8a745e2 100644 --- a/2021/38xxx/CVE-2021-38411.json +++ b/2021/38xxx/CVE-2021-38411.json @@ -1,101 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "ics-cert@hq.dhs.gov", - "DATE_PUBLIC": "2021-10-21T18:29:00.000Z", - "ID": "CVE-2021-38411", - "STATE": "PUBLIC", - "TITLE": "Delta Electronics DIALink" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "DIALink", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "All", - "version_value": "1.2.4.0" - } - ] - } - } - ] - }, - "vendor_name": "Delta Electronics" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Michael Heinzl reported these vulnerabilities to CISA." - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-38411", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript code into the parameter deviceName of the API modbusWriter-Reader, which may allow an attacker to remotely execute code." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "privilegesRequired": "HIGH", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79 Cross-site Scripting (XSS)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02", - "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02" - } - ] - }, - "source": { - "advisory": "ICSA-21-294-02", - "discovery": "UNKNOWN" - }, - "work_around": [ - { - "lang": "eng", - "value": "Delta Electronics is aware of the vulnerabilities and is currently working on an update. " - } - ] + } } \ No newline at end of file diff --git a/2021/38xxx/CVE-2021-38416.json b/2021/38xxx/CVE-2021-38416.json index f01f7d348b3..fd23dc4dafb 100644 --- a/2021/38xxx/CVE-2021-38416.json +++ b/2021/38xxx/CVE-2021-38416.json @@ -1,101 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "ics-cert@hq.dhs.gov", - "DATE_PUBLIC": "2021-10-21T18:29:00.000Z", - "ID": "CVE-2021-38416", - "STATE": "PUBLIC", - "TITLE": "Delta Electronics DIALink" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "DIALink", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "All", - "version_value": "1.2.4.0" - } - ] - } - } - ] - }, - "vendor_name": "Delta Electronics" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Michael Heinzl reported these vulnerabilities to CISA." - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-38416", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Delta Electronics DIALink versions 1.2.4.0 and prior insecurely loads libraries, which may allow an attacker to use DLL hijacking and takeover the system where the software is installed." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-427 Uncontrolled Search Path Element" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02", - "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02" - } - ] - }, - "source": { - "advisory": "ICSA-21-294-02", - "discovery": "UNKNOWN" - }, - "work_around": [ - { - "lang": "eng", - "value": "Delta Electronics is aware of the vulnerabilities and is currently working on an update. " - } - ] + } } \ No newline at end of file diff --git a/2021/38xxx/CVE-2021-38418.json b/2021/38xxx/CVE-2021-38418.json index 7778dcfd248..b878148fe65 100644 --- a/2021/38xxx/CVE-2021-38418.json +++ b/2021/38xxx/CVE-2021-38418.json @@ -1,101 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "ics-cert@hq.dhs.gov", - "DATE_PUBLIC": "2021-10-21T18:29:00.000Z", - "ID": "CVE-2021-38418", - "STATE": "PUBLIC", - "TITLE": "Delta Electronics DIALink" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "DIALink", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "All", - "version_value": "1.2.4.0" - } - ] - } - } - ] - }, - "vendor_name": "Delta Electronics" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Michael Heinzl reported these vulnerabilities to CISA." - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-38418", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Delta Electronics DIALink versions 1.2.4.0 and prior runs by default on HTTP, which may allow an attacker to be positioned between the traffic and perform a machine-in-the-middle attack to access information without authorization." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "ADJACENT_NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-319 Cleartext Transmission of Sensitive Information" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02", - "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02" - } - ] - }, - "source": { - "advisory": "ICSA-21-294-02", - "discovery": "UNKNOWN" - }, - "work_around": [ - { - "lang": "eng", - "value": "Delta Electronics is aware of the vulnerabilities and is currently working on an update. " - } - ] + } } \ No newline at end of file diff --git a/2021/38xxx/CVE-2021-38420.json b/2021/38xxx/CVE-2021-38420.json index b88211a9654..afdbabc956e 100644 --- a/2021/38xxx/CVE-2021-38420.json +++ b/2021/38xxx/CVE-2021-38420.json @@ -1,101 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "ics-cert@hq.dhs.gov", - "DATE_PUBLIC": "2021-10-21T18:29:00.000Z", - "ID": "CVE-2021-38420", - "STATE": "PUBLIC", - "TITLE": "Delta Electronics DIALink" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "DIALink", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "All", - "version_value": "1.2.4.0" - } - ] - } - } - ] - }, - "vendor_name": "Delta Electronics" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Michael Heinzl reported these vulnerabilities to CISA." - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-38420", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Delta Electronics DIALink versions 1.2.4.0 and prior default permissions give extensive permissions to low-privileged user accounts, which may allow an attacker to modify the installation directory and upload malicious files." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-427 Uncontrolled Search Path Element" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02", - "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02" - } - ] - }, - "source": { - "advisory": "ICSA-21-294-02", - "discovery": "UNKNOWN" - }, - "work_around": [ - { - "lang": "eng", - "value": "Delta Electronics is aware of the vulnerabilities and is currently working on an update. " - } - ] + } } \ No newline at end of file diff --git a/2021/38xxx/CVE-2021-38422.json b/2021/38xxx/CVE-2021-38422.json index 5aa54311557..14ee563a37c 100644 --- a/2021/38xxx/CVE-2021-38422.json +++ b/2021/38xxx/CVE-2021-38422.json @@ -1,101 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "ics-cert@hq.dhs.gov", - "DATE_PUBLIC": "2021-10-21T18:29:00.000Z", - "ID": "CVE-2021-38422", - "STATE": "PUBLIC", - "TITLE": "Delta Electronics DIALink" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "DIALink", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "All", - "version_value": "1.2.4.0" - } - ] - } - } - ] - }, - "vendor_name": "Delta Electronics" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Michael Heinzl reported these vulnerabilities to CISA." - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-38422", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Delta Electronics DIALink versions 1.2.4.0 and prior stores sensitive information in cleartext, which may allow an attacker to have extensive access to the application directory and escalate privileges." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-312 Cleartext Storage of Sensitive Information" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02", - "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02" - } - ] - }, - "source": { - "advisory": "ICSA-21-294-02", - "discovery": "UNKNOWN" - }, - "work_around": [ - { - "lang": "eng", - "value": "Delta Electronics is aware of the vulnerabilities and is currently working on an update. " - } - ] + } } \ No newline at end of file diff --git a/2021/38xxx/CVE-2021-38424.json b/2021/38xxx/CVE-2021-38424.json index 3e3abc9e416..08810fc1804 100644 --- a/2021/38xxx/CVE-2021-38424.json +++ b/2021/38xxx/CVE-2021-38424.json @@ -1,101 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "ics-cert@hq.dhs.gov", - "DATE_PUBLIC": "2021-10-21T18:29:00.000Z", - "ID": "CVE-2021-38424", - "STATE": "PUBLIC", - "TITLE": "Delta Electronics DIALink" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "DIALink", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "All", - "version_value": "1.2.4.0" - } - ] - } - } - ] - }, - "vendor_name": "Delta Electronics" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Michael Heinzl reported these vulnerabilities to CISA." - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-38424", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "The tag interface of Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to an attacker injecting formulas into the tag data. Those formulas may then be executed when it is opened with a spreadsheet application." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "LOW", - "baseScore": 5.9, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "privilegesRequired": "HIGH", - "scope": "CHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02", - "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02" - } - ] - }, - "source": { - "advisory": "ICSA-21-294-02", - "discovery": "UNKNOWN" - }, - "work_around": [ - { - "lang": "eng", - "value": "Delta Electronics is aware of the vulnerabilities and is currently working on an update. " - } - ] + } } \ No newline at end of file diff --git a/2021/38xxx/CVE-2021-38428.json b/2021/38xxx/CVE-2021-38428.json index d00a273d2d2..4d3937e8342 100644 --- a/2021/38xxx/CVE-2021-38428.json +++ b/2021/38xxx/CVE-2021-38428.json @@ -1,101 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "ics-cert@hq.dhs.gov", - "DATE_PUBLIC": "2021-10-21T18:29:00.000Z", - "ID": "CVE-2021-38428", - "STATE": "PUBLIC", - "TITLE": "Delta Electronics DIALink" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "DIALink", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "All", - "version_value": "1.2.4.0" - } - ] - } - } - ] - }, - "vendor_name": "Delta Electronics" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Michael Heinzl reported these vulnerabilities to CISA." - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-38428", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript code into the parameter name of the API schedule, which may allow an attacker to remotely execute code." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "privilegesRequired": "HIGH", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79 Cross-site Scripting (XSS)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02", - "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02" - } - ] - }, - "source": { - "advisory": "ICSA-21-294-02", - "discovery": "UNKNOWN" - }, - "work_around": [ - { - "lang": "eng", - "value": "Delta Electronics is aware of the vulnerabilities and is currently working on an update. " - } - ] + } } \ No newline at end of file diff --git a/2021/38xxx/CVE-2021-38488.json b/2021/38xxx/CVE-2021-38488.json index 7cf00beb08e..87925b61d1d 100644 --- a/2021/38xxx/CVE-2021-38488.json +++ b/2021/38xxx/CVE-2021-38488.json @@ -1,101 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "ics-cert@hq.dhs.gov", - "DATE_PUBLIC": "2021-10-21T18:29:00.000Z", - "ID": "CVE-2021-38488", - "STATE": "PUBLIC", - "TITLE": "Delta Electronics DIALink" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "DIALink", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "All", - "version_value": "1.2.4.0" - } - ] - } - } - ] - }, - "vendor_name": "Delta Electronics" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Michael Heinzl reported these vulnerabilities to CISA." - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-38488", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript code into the parameter comment of the API events, which may allow an attacker to remotely execute code." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "privilegesRequired": "HIGH", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79 Cross-site Scripting (XSS)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02", - "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02" - } - ] - }, - "source": { - "advisory": "ICSA-21-294-02", - "discovery": "UNKNOWN" - }, - "work_around": [ - { - "lang": "eng", - "value": "Delta Electronics is aware of the vulnerabilities and is currently working on an update. " - } - ] + } } \ No newline at end of file diff --git a/2021/38xxx/CVE-2021-38491.json b/2021/38xxx/CVE-2021-38491.json index fc9fc50fced..7c83c87f33e 100644 --- a/2021/38xxx/CVE-2021-38491.json +++ b/2021/38xxx/CVE-2021-38491.json @@ -4,64 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-38491", - "ASSIGNER": "security@mozilla.org", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Mozilla", - "product": { - "product_data": [ - { - "product_name": "Firefox", - "version": { - "version_data": [ - { - "version_value": "92", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Mixed-Content-Blocking was unable to check opaque origins" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-38/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-38/" - }, - { - "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1551886", - "refsource": "MISC", - "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1551886" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Mixed-content checks were unable to analyze opaque origins which led to some mixed content being loaded. This vulnerability affects Firefox < 92." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/38xxx/CVE-2021-38492.json b/2021/38xxx/CVE-2021-38492.json index 3ba0b40711e..6779cb59ab8 100644 --- a/2021/38xxx/CVE-2021-38492.json +++ b/2021/38xxx/CVE-2021-38492.json @@ -4,114 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-38492", - "ASSIGNER": "security@mozilla.org", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Mozilla", - "product": { - "product_data": [ - { - "product_name": "Firefox", - "version": { - "version_data": [ - { - "version_value": "92", - "version_affected": "<" - } - ] - } - }, - { - "product_name": "Thunderbird", - "version": { - "version_data": [ - { - "version_value": "91.1", - "version_affected": "<" - }, - { - "version_value": "78.14", - "version_affected": "<" - } - ] - } - }, - { - "product_name": "Firefox ESR", - "version": { - "version_data": [ - { - "version_value": "78.14", - "version_affected": "<" - }, - { - "version_value": "91.1", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Navigating to `mk:` URL scheme could load Internet Explorer" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-40/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-40/" - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-41/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-41/" - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-38/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-38/" - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-42/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-42/" - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-39/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-39/" - }, - { - "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1721107", - "refsource": "MISC", - "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1721107" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "When delegating navigations to the operating system, Firefox would accept the `mk` scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. *This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 92, Thunderbird < 91.1, Thunderbird < 78.14, Firefox ESR < 78.14, and Firefox ESR < 91.1." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/38xxx/CVE-2021-38493.json b/2021/38xxx/CVE-2021-38493.json index 55c05085f17..5f0a2a6a3df 100644 --- a/2021/38xxx/CVE-2021-38493.json +++ b/2021/38xxx/CVE-2021-38493.json @@ -4,96 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-38493", - "ASSIGNER": "security@mozilla.org", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Mozilla", - "product": { - "product_data": [ - { - "product_name": "Firefox ESR", - "version": { - "version_data": [ - { - "version_value": "78.14", - "version_affected": "<" - } - ] - } - }, - { - "product_name": "Thunderbird", - "version": { - "version_data": [ - { - "version_value": "78.14", - "version_affected": "<" - } - ] - } - }, - { - "product_name": "Firefox", - "version": { - "version_data": [ - { - "version_value": "92", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and Firefox ESR 91.1" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-38/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-38/" - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-42/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-42/" - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-39/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-39/" - }, - { - "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1723391%2C1724101%2C1724107", - "refsource": "MISC", - "name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1723391%2C1724101%2C1724107" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Mozilla developers reported memory safety bugs present in Firefox 91 and Firefox ESR 78.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.14, Thunderbird < 78.14, and Firefox < 92." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/38xxx/CVE-2021-38494.json b/2021/38xxx/CVE-2021-38494.json index 6876c531690..03c5a52133b 100644 --- a/2021/38xxx/CVE-2021-38494.json +++ b/2021/38xxx/CVE-2021-38494.json @@ -4,64 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-38494", - "ASSIGNER": "security@mozilla.org", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Mozilla", - "product": { - "product_data": [ - { - "product_name": "Firefox", - "version": { - "version_data": [ - { - "version_value": "92", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Memory safety bugs fixed in Firefox 92" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-38/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-38/" - }, - { - "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1723920%2C1725638", - "refsource": "MISC", - "name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1723920%2C1725638" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Mozilla developers reported memory safety bugs present in Firefox 91. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 92." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/38xxx/CVE-2021-38495.json b/2021/38xxx/CVE-2021-38495.json index 3696eaf501b..fd0af3c5fb0 100644 --- a/2021/38xxx/CVE-2021-38495.json +++ b/2021/38xxx/CVE-2021-38495.json @@ -4,80 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-38495", - "ASSIGNER": "security@mozilla.org", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Mozilla", - "product": { - "product_data": [ - { - "product_name": "Thunderbird", - "version": { - "version_data": [ - { - "version_value": "91.1", - "version_affected": "<" - } - ] - } - }, - { - "product_name": "Firefox ESR", - "version": { - "version_data": [ - { - "version_value": "91.1", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Memory safety bugs fixed in Thunderbird 91.1" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-40/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-40/" - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-41/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-41/" - }, - { - "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1723391%2C1723920%2C1724101%2C1724107", - "refsource": "MISC", - "name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1723391%2C1723920%2C1724101%2C1724107" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Mozilla developers reported memory safety bugs present in Thunderbird 78.13.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.1 and Firefox ESR < 91.1." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/38xxx/CVE-2021-38496.json b/2021/38xxx/CVE-2021-38496.json index f4ebe829f85..145d10357f1 100644 --- a/2021/38xxx/CVE-2021-38496.json +++ b/2021/38xxx/CVE-2021-38496.json @@ -4,114 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-38496", - "ASSIGNER": "security@mozilla.org", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Mozilla", - "product": { - "product_data": [ - { - "product_name": "Thunderbird", - "version": { - "version_data": [ - { - "version_value": "78.15", - "version_affected": "<" - }, - { - "version_value": "91.2", - "version_affected": "<" - } - ] - } - }, - { - "product_name": "Firefox ESR", - "version": { - "version_data": [ - { - "version_value": "91.2", - "version_affected": "<" - }, - { - "version_value": "78.15", - "version_affected": "<" - } - ] - } - }, - { - "product_name": "Firefox", - "version": { - "version_data": [ - { - "version_value": "93", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Use-after-free in MessageTask" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-47/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-47/" - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-45/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-45/" - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-43/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-43/" - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-46/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-46/" - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-44/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-44/" - }, - { - "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1725335", - "refsource": "MISC", - "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1725335" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.15, Thunderbird < 91.2, Firefox ESR < 91.2, Firefox ESR < 78.15, and Firefox < 93." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/38xxx/CVE-2021-38497.json b/2021/38xxx/CVE-2021-38497.json index c9d101e3445..dc31752672e 100644 --- a/2021/38xxx/CVE-2021-38497.json +++ b/2021/38xxx/CVE-2021-38497.json @@ -4,96 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-38497", - "ASSIGNER": "security@mozilla.org", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Mozilla", - "product": { - "product_data": [ - { - "product_name": "Firefox", - "version": { - "version_data": [ - { - "version_value": "93", - "version_affected": "<" - } - ] - } - }, - { - "product_name": "Thunderbird", - "version": { - "version_data": [ - { - "version_value": "91.2", - "version_affected": "<" - } - ] - } - }, - { - "product_name": "Firefox ESR", - "version": { - "version_data": [ - { - "version_value": "91.2", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Validation message could have been overlaid on another origin" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-47/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-47/" - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-45/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-45/" - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-43/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-43/" - }, - { - "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1726621", - "refsource": "MISC", - "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1726621" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Through use of reportValidity() and window.open(), a plain-text validation message could have been overlaid on another origin, leading to possible user confusion and spoofing attacks. This vulnerability affects Firefox < 93, Thunderbird < 91.2, and Firefox ESR < 91.2." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/38xxx/CVE-2021-38498.json b/2021/38xxx/CVE-2021-38498.json index fc8ac728760..53a16a9c37d 100644 --- a/2021/38xxx/CVE-2021-38498.json +++ b/2021/38xxx/CVE-2021-38498.json @@ -4,96 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-38498", - "ASSIGNER": "security@mozilla.org", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Mozilla", - "product": { - "product_data": [ - { - "product_name": "Firefox", - "version": { - "version_data": [ - { - "version_value": "93", - "version_affected": "<" - } - ] - } - }, - { - "product_name": "Thunderbird", - "version": { - "version_data": [ - { - "version_value": "91.2", - "version_affected": "<" - } - ] - } - }, - { - "product_name": "Firefox ESR", - "version": { - "version_data": [ - { - "version_value": "91.2", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Use-after-free of nsLanguageAtomService object" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-47/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-47/" - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-45/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-45/" - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-43/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-43/" - }, - { - "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1729642", - "refsource": "MISC", - "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1729642" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "During process shutdown, a document could have caused a use-after-free of a languages service object, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 93, Thunderbird < 91.2, and Firefox ESR < 91.2." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/38xxx/CVE-2021-38499.json b/2021/38xxx/CVE-2021-38499.json index 0b369b22c71..654c7501adf 100644 --- a/2021/38xxx/CVE-2021-38499.json +++ b/2021/38xxx/CVE-2021-38499.json @@ -4,64 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-38499", - "ASSIGNER": "security@mozilla.org", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Mozilla", - "product": { - "product_data": [ - { - "product_name": "Firefox", - "version": { - "version_data": [ - { - "version_value": "93", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Memory safety bugs fixed in Firefox 93" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-43/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-43/" - }, - { - "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1667102%2C1723170%2C1725356%2C1727364", - "refsource": "MISC", - "name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1667102%2C1723170%2C1725356%2C1727364" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Mozilla developers reported memory safety bugs present in Firefox 92. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 93." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/38xxx/CVE-2021-38500.json b/2021/38xxx/CVE-2021-38500.json index 0d65cedc635..e207fc6da65 100644 --- a/2021/38xxx/CVE-2021-38500.json +++ b/2021/38xxx/CVE-2021-38500.json @@ -4,114 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-38500", - "ASSIGNER": "security@mozilla.org", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Mozilla", - "product": { - "product_data": [ - { - "product_name": "Thunderbird", - "version": { - "version_data": [ - { - "version_value": "78.15", - "version_affected": "<" - }, - { - "version_value": "91.2", - "version_affected": "<" - } - ] - } - }, - { - "product_name": "Firefox ESR", - "version": { - "version_data": [ - { - "version_value": "91.2", - "version_affected": "<" - }, - { - "version_value": "78.15", - "version_affected": "<" - } - ] - } - }, - { - "product_name": "Firefox", - "version": { - "version_data": [ - { - "version_value": "93", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-47/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-47/" - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-45/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-45/" - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-43/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-43/" - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-46/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-46/" - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-44/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-44/" - }, - { - "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1725854%2C1728321", - "refsource": "MISC", - "name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1725854%2C1728321" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.15, Thunderbird < 91.2, Firefox ESR < 91.2, Firefox ESR < 78.15, and Firefox < 93." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/38xxx/CVE-2021-38501.json b/2021/38xxx/CVE-2021-38501.json index 7c8645ea700..279e7d6a746 100644 --- a/2021/38xxx/CVE-2021-38501.json +++ b/2021/38xxx/CVE-2021-38501.json @@ -4,96 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-38501", - "ASSIGNER": "security@mozilla.org", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Mozilla", - "product": { - "product_data": [ - { - "product_name": "Firefox", - "version": { - "version_data": [ - { - "version_value": "93", - "version_affected": "<" - } - ] - } - }, - { - "product_name": "Thunderbird", - "version": { - "version_data": [ - { - "version_value": "91.2", - "version_affected": "<" - } - ] - } - }, - { - "product_name": "Firefox ESR", - "version": { - "version_data": [ - { - "version_value": "91.2", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-47/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-47/" - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-45/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-45/" - }, - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-43/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-43/" - }, - { - "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1685354%2C1715755%2C1723176", - "refsource": "MISC", - "name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1685354%2C1715755%2C1723176" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 93, Thunderbird < 91.2, and Firefox ESR < 91.2." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/38xxx/CVE-2021-38502.json b/2021/38xxx/CVE-2021-38502.json index a5ec8044dc8..1e4843517f7 100644 --- a/2021/38xxx/CVE-2021-38502.json +++ b/2021/38xxx/CVE-2021-38502.json @@ -4,64 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-38502", - "ASSIGNER": "security@mozilla.org", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Mozilla", - "product": { - "product_data": [ - { - "product_name": "Thunderbird", - "version": { - "version_data": [ - { - "version_value": "91.2", - "version_affected": "<" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Downgrade attack on SMTP STARTTLS connections" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.mozilla.org/security/advisories/mfsa2021-47/", - "refsource": "MISC", - "name": "https://www.mozilla.org/security/advisories/mfsa2021-47/" - }, - { - "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1733366", - "refsource": "MISC", - "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1733366" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. A MITM could perform a downgrade attack to intercept transmitted messages, or could take control of the authenticated session to execute SMTP commands chosen by the MITM. If an unprotected authentication method was configured, the MITM could obtain the authentication credentials, too. This vulnerability affects Thunderbird < 91.2." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/38xxx/CVE-2021-38562.json b/2021/38xxx/CVE-2021-38562.json index a251e07f041..eb6a6676b39 100644 --- a/2021/38xxx/CVE-2021-38562.json +++ b/2021/38xxx/CVE-2021-38562.json @@ -61,11 +61,6 @@ "refsource": "CONFIRM", "name": "https://github.com/bestpractical/rt/commit/70749bb66cb13dd70bd53340c371038a5f3ca57c", "url": "https://github.com/bestpractical/rt/commit/70749bb66cb13dd70bd53340c371038a5f3ca57c" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-825dd1879f", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2JK57CEEXLQF7MGBCUX76DZHXML7LUSQ/" } ] } diff --git a/2021/38xxx/CVE-2021-38631.json b/2021/38xxx/CVE-2021-38631.json index e68b7643d28..2573d6305eb 100644 --- a/2021/38xxx/CVE-2021-38631.json +++ b/2021/38xxx/CVE-2021-38631.json @@ -1,18 +1,322 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-38631", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-38631", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "8.1 for 32-bit systems" + }, + { + "version_value": "8.1 for x64-based systems" + }, + { + "version_value": "RT 8.1" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value": "2012" + }, + { + "version_value": "2012 (Core installation)" + }, + { + "version_value": "2012 R2" + }, + { + "version_value": "2012 R2 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41371." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38631" + } + ] + } +} diff --git a/2021/38xxx/CVE-2021-38665.json b/2021/38xxx/CVE-2021-38665.json index ee8f7c237d2..71f7a12ca4b 100644 --- a/2021/38xxx/CVE-2021-38665.json +++ b/2021/38xxx/CVE-2021-38665.json @@ -1,18 +1,275 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-38665", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-38665", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "8.1 for 32-bit systems" + }, + { + "version_value": "8.1 for x64-based systems" + }, + { + "version_value": "RT 8.1" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2016" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "2012" + }, + { + "version_value": "2012 R2" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Remote Desktop client for Windows Desktop", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Remote Desktop Protocol Client Information Disclosure Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38665" + } + ] + } +} diff --git a/2021/38xxx/CVE-2021-38666.json b/2021/38xxx/CVE-2021-38666.json index 664520aa3b7..3eedd8f292e 100644 --- a/2021/38xxx/CVE-2021-38666.json +++ b/2021/38xxx/CVE-2021-38666.json @@ -1,18 +1,332 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-38666", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-38666", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "8.1 for 32-bit systems" + }, + { + "version_value": "8.1 for x64-based systems" + }, + { + "version_value": "RT 8.1" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value": "2012" + }, + { + "version_value": "2012 (Core installation)" + }, + { + "version_value": "2012 R2" + }, + { + "version_value": "2012 R2 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Remote Desktop client for Windows Desktop", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Remote Desktop Client Remote Code Execution Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38666" + } + ] + } +} diff --git a/2021/38xxx/CVE-2021-38727.json b/2021/38xxx/CVE-2021-38727.json index 3f3dd628c23..9410542409c 100644 --- a/2021/38xxx/CVE-2021-38727.json +++ b/2021/38xxx/CVE-2021-38727.json @@ -56,16 +56,6 @@ "url": "https://github.com/daylightstudio/FUEL-CMS/issues/582", "refsource": "MISC", "name": "https://github.com/daylightstudio/FUEL-CMS/issues/582" - }, - { - "refsource": "MISC", - "name": "https://www.nu11secur1ty.com/2021/10/cve-2021-38727.html", - "url": "https://www.nu11secur1ty.com/2021/10/cve-2021-38727.html" - }, - { - "refsource": "MISC", - "name": "https://streamable.com/lxw3ln", - "url": "https://streamable.com/lxw3ln" } ] } diff --git a/2021/38xxx/CVE-2021-38840.json b/2021/38xxx/CVE-2021-38840.json index 043ee466610..dfba189d537 100644 --- a/2021/38xxx/CVE-2021-38840.json +++ b/2021/38xxx/CVE-2021-38840.json @@ -71,11 +71,6 @@ "refsource": "MISC", "name": "https://www.exploit-db.com/exploits/50204", "url": "https://www.exploit-db.com/exploits/50204" - }, - { - "refsource": "MISC", - "name": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-38840", - "url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-38840" } ] } diff --git a/2021/38xxx/CVE-2021-38847.json b/2021/38xxx/CVE-2021-38847.json index c88a94e3a89..8ce6099d4aa 100644 --- a/2021/38xxx/CVE-2021-38847.json +++ b/2021/38xxx/CVE-2021-38847.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-38847", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-38847", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "S-Cart v6.4.1 and below was discovered to contain an arbitrary file upload vulnerability in the Editor module on the Admin panel. This vulnerability allows attackers to execute arbitrary code via a crafted IMG file." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/bousalman/S-Cart-Arbitrary-File-Upload", - "refsource": "MISC", - "name": "https://github.com/bousalman/S-Cart-Arbitrary-File-Upload" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/38xxx/CVE-2021-38948.json b/2021/38xxx/CVE-2021-38948.json index 50f470c98a3..e947787ccd9 100644 --- a/2021/38xxx/CVE-2021-38948.json +++ b/2021/38xxx/CVE-2021-38948.json @@ -1,90 +1,18 @@ { + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-38948", - "STATE": "PUBLIC", - "ASSIGNER": "psirt@us.ibm.com", - "DATE_PUBLIC": "2021-10-29T00:00:00" - }, - "references": { - "reference_data": [ - { - "url": "https://www.ibm.com/support/pages/node/6509632", - "refsource": "CONFIRM", - "name": "https://www.ibm.com/support/pages/node/6509632", - "title": "IBM Security Bulletin 6509632 (InfoSphere Information Server)" - }, - { - "title": "X-Force Vulnerability Report", - "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/211402", - "name": "ibm-infosphere-cve202138948-xxe (211402)", - "refsource": "XF" - } - ] - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "IBM", - "product": { - "product_data": [ - { - "product_name": "InfoSphere Information Server", - "version": { - "version_data": [ - { - "version_value": "11.7" - } - ] - } - } - ] - } - } - ] - } + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "IBM InfoSphere Information Server 11.7 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 211402." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "data_type": "CVE", - "data_version": "4.0", - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "Gain Access", - "lang": "eng" - } - ] - } - ] - }, - "impact": { - "cvssv3": { - "BM": { - "SCORE": "7.100", - "S": "U", - "AV": "N", - "PR": "L", - "I": "N", - "A": "L", - "AC": "L", - "C": "H", - "UI": "N" - }, - "TM": { - "RL": "O", - "RC": "C", - "E": "U" - } - } - }, - "data_format": "MITRE" + } } \ No newline at end of file diff --git a/2021/39xxx/CVE-2021-39139.json b/2021/39xxx/CVE-2021-39139.json index b453dd63de2..1999b2ffc42 100644 --- a/2021/39xxx/CVE-2021-39139.json +++ b/2021/39xxx/CVE-2021-39139.json @@ -106,11 +106,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-d894ca87dc", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/39xxx/CVE-2021-39140.json b/2021/39xxx/CVE-2021-39140.json index 95f4891b224..88b80902412 100644 --- a/2021/39xxx/CVE-2021-39140.json +++ b/2021/39xxx/CVE-2021-39140.json @@ -106,11 +106,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-d894ca87dc", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/39xxx/CVE-2021-39141.json b/2021/39xxx/CVE-2021-39141.json index 38a0e3c38c0..6e71e9acb68 100644 --- a/2021/39xxx/CVE-2021-39141.json +++ b/2021/39xxx/CVE-2021-39141.json @@ -106,11 +106,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-d894ca87dc", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/39xxx/CVE-2021-39144.json b/2021/39xxx/CVE-2021-39144.json index 7b19bb48532..5a961a27c48 100644 --- a/2021/39xxx/CVE-2021-39144.json +++ b/2021/39xxx/CVE-2021-39144.json @@ -106,11 +106,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-d894ca87dc", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/39xxx/CVE-2021-39145.json b/2021/39xxx/CVE-2021-39145.json index fcf4d37904b..180c81d25cc 100644 --- a/2021/39xxx/CVE-2021-39145.json +++ b/2021/39xxx/CVE-2021-39145.json @@ -106,11 +106,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-d894ca87dc", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/39xxx/CVE-2021-39146.json b/2021/39xxx/CVE-2021-39146.json index 107d2c01a99..6de6ebcf5c9 100644 --- a/2021/39xxx/CVE-2021-39146.json +++ b/2021/39xxx/CVE-2021-39146.json @@ -106,11 +106,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-d894ca87dc", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/39xxx/CVE-2021-39147.json b/2021/39xxx/CVE-2021-39147.json index 40ec55327a1..841e32b8629 100644 --- a/2021/39xxx/CVE-2021-39147.json +++ b/2021/39xxx/CVE-2021-39147.json @@ -106,11 +106,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-d894ca87dc", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/39xxx/CVE-2021-39148.json b/2021/39xxx/CVE-2021-39148.json index e83cd2d5cbb..4ca01b70ba7 100644 --- a/2021/39xxx/CVE-2021-39148.json +++ b/2021/39xxx/CVE-2021-39148.json @@ -106,11 +106,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-d894ca87dc", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/39xxx/CVE-2021-39149.json b/2021/39xxx/CVE-2021-39149.json index 184f9867938..95d9a9f2d32 100644 --- a/2021/39xxx/CVE-2021-39149.json +++ b/2021/39xxx/CVE-2021-39149.json @@ -106,11 +106,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-d894ca87dc", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/39xxx/CVE-2021-39150.json b/2021/39xxx/CVE-2021-39150.json index a7078b0e3e6..1ab0d409fee 100644 --- a/2021/39xxx/CVE-2021-39150.json +++ b/2021/39xxx/CVE-2021-39150.json @@ -106,11 +106,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-d894ca87dc", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/39xxx/CVE-2021-39151.json b/2021/39xxx/CVE-2021-39151.json index 5b8cb8f4889..8b1691fbb53 100644 --- a/2021/39xxx/CVE-2021-39151.json +++ b/2021/39xxx/CVE-2021-39151.json @@ -106,11 +106,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-d894ca87dc", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/39xxx/CVE-2021-39152.json b/2021/39xxx/CVE-2021-39152.json index ccc423b5e90..857b4a9faa6 100644 --- a/2021/39xxx/CVE-2021-39152.json +++ b/2021/39xxx/CVE-2021-39152.json @@ -106,11 +106,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-d894ca87dc", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/39xxx/CVE-2021-39153.json b/2021/39xxx/CVE-2021-39153.json index 7388ecbc921..3e506715896 100644 --- a/2021/39xxx/CVE-2021-39153.json +++ b/2021/39xxx/CVE-2021-39153.json @@ -106,11 +106,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-d894ca87dc", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/39xxx/CVE-2021-39154.json b/2021/39xxx/CVE-2021-39154.json index ee11b81f586..590cbef4873 100644 --- a/2021/39xxx/CVE-2021-39154.json +++ b/2021/39xxx/CVE-2021-39154.json @@ -106,11 +106,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-d894ca87dc", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5e376c0ed9", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/" } ] }, diff --git a/2021/39xxx/CVE-2021-39182.json b/2021/39xxx/CVE-2021-39182.json index 8338515e8fd..2d7ac777c15 100644 --- a/2021/39xxx/CVE-2021-39182.json +++ b/2021/39xxx/CVE-2021-39182.json @@ -1,104 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-39182", - "STATE": "PUBLIC", - "TITLE": "Use of Password Hash With Insufficient Computational Effort and Use of a Broken or Risky Cryptographic Algorithm and Reversible One-Way Hash in hashing.py" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "EnroCrypt", - "version": { - "version_data": [ - { - "version_value": "< 1.1.4" - } - ] - } - } - ] - }, - "vendor_name": "Morgan-Phoenix" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-39182", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "EnroCrypt is a Python module for encryption and hashing. Prior to version 1.1.4, EnroCrypt used the MD5 hashing algorithm in the hashing file. Beginners who are unfamiliar with hashes can face problems as MD5 is considered an insecure hashing algorithm. The vulnerability is patched in v1.1.4 of the product. As a workaround, users can remove the `MD5` hashing function from the file `hashing.py`." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm" - } - ] - }, - { - "description": [ - { - "lang": "eng", - "value": "CWE-328: Reversible One-Way Hash" - } - ] - }, - { - "description": [ - { - "lang": "eng", - "value": "CWE-916: Use of Password Hash With Insufficient Computational Effort" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/Morgan-Phoenix/EnroCrypt/security/advisories/GHSA-35m5-8cvj-8783", - "refsource": "CONFIRM", - "url": "https://github.com/Morgan-Phoenix/EnroCrypt/security/advisories/GHSA-35m5-8cvj-8783" - }, - { - "name": "https://github.com/Morgan-Phoenix/EnroCrypt/commit/e652d56ac60eadfc26489ab83927af13a9b9d8ce", - "refsource": "MISC", - "url": "https://github.com/Morgan-Phoenix/EnroCrypt/commit/e652d56ac60eadfc26489ab83927af13a9b9d8ce" - } - ] - }, - "source": { - "advisory": "GHSA-35m5-8cvj-8783", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/39xxx/CVE-2021-39226.json b/2021/39xxx/CVE-2021-39226.json index fb2769bb898..45eec630791 100644 --- a/2021/39xxx/CVE-2021-39226.json +++ b/2021/39xxx/CVE-2021-39226.json @@ -106,11 +106,6 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20211029-0008/", "url": "https://security.netapp.com/advisory/ntap-20211029-0008/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-01588ab0bf", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCKBFUSY6V4VU5AQUYWKISREZX5NLQJT/" } ] }, diff --git a/2021/39xxx/CVE-2021-39237.json b/2021/39xxx/CVE-2021-39237.json index 7c4609af46b..608a7e99964 100644 --- a/2021/39xxx/CVE-2021-39237.json +++ b/2021/39xxx/CVE-2021-39237.json @@ -4,67 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-39237", - "ASSIGNER": "hp-security-alert@hp.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "HP LaserJet; HP LaserJet Managed; HP PageWide; HP PageWide Managed printers", - "version": { - "version_data": [ - { - "version_value": "FS3: before 3.9.8" - }, - { - "version_value": "FS4: before 4.11.2.1" - }, - { - "version_value": "FS: before 5.3" - }, - { - "version_value": "FS5: before 5.3" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://support.hp.com/us-en/document/ish_5000124-5000148-16", - "url": "https://support.hp.com/us-en/document/ish_5000124-5000148-16" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Certain HP LaserJet, HP LaserJet Managed, HP PageWide, and HP PageWide Managed printers may be vulnerable to potential information disclosure." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/39xxx/CVE-2021-39238.json b/2021/39xxx/CVE-2021-39238.json index e2f1fa1a10b..a89057af565 100644 --- a/2021/39xxx/CVE-2021-39238.json +++ b/2021/39xxx/CVE-2021-39238.json @@ -4,67 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-39238", - "ASSIGNER": "hp-security-alert@hp.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "HP Enterprise LaserJet; HP LaserJet Managed; HP Enterprise PageWide; HP PageWide Managed printers", - "version": { - "version_data": [ - { - "version_value": "FS3: before 3.9.8" - }, - { - "version_value": "FS4: before 4.11.2.1" - }, - { - "version_value": "FS: before 5.3" - }, - { - "version_value": "FS5: before 5.3" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Potential buffer overflow." - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://support.hp.com/us-en/document/ish_5000383-5000409-16", - "url": "https://support.hp.com/us-en/document/ish_5000383-5000409-16" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Certain HP Enterprise LaserJet, HP LaserJet Managed, HP Enterprise PageWide, HP PageWide Managed products may be vulnerable to potential buffer overflow." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/39xxx/CVE-2021-39330.json b/2021/39xxx/CVE-2021-39330.json index 488176c6972..811ebc89d7d 100644 --- a/2021/39xxx/CVE-2021-39330.json +++ b/2021/39xxx/CVE-2021-39330.json @@ -1,18 +1,106 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "AKA": "Wordfence", + "ASSIGNER": "security@wordfence.com", + "DATE_PUBLIC": "2021-10-13T20:40:00.000Z", "ID": "CVE-2021-39330", - "ASSIGNER": "cve@mitre.org", - "STATE": "REJECT" + "STATE": "PUBLIC", + "TITLE": "Formidable Form Builder \u2013 Contact Form, Survey & Quiz Forms Plugin for WordPress <= 5.0.06 Authenticated Stored Cross-Site Scripting" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Formidable Form Builder", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "5.0.06", + "version_value": "5.0.06" + } + ] + } + } + ] + }, + "vendor_name": "Formidable" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Thinkland Security Team" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-24608. Reason: This candidate is a duplicate of CVE-2021-24608. Notes: All CVE users should reference CVE-2021-24608 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + "value": "The Formidable Form Builder WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization found in the ~/classes/helpers/FrmAppHelper.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 5.0.06. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-site Scripting (XSS)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39330", + "name": "https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39330" + }, + { + "refsource": "MISC", + "url": "https://plugins.trac.wordpress.org/changeset/2609911/formidable/trunk/classes/helpers/FrmAppHelper.php", + "name": "https://plugins.trac.wordpress.org/changeset/2609911/formidable/trunk/classes/helpers/FrmAppHelper.php" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "Update to version 5.0.07 or newer. " + } + ], + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/39xxx/CVE-2021-39333.json b/2021/39xxx/CVE-2021-39333.json index 99783ea0a17..573a41922ab 100644 --- a/2021/39xxx/CVE-2021-39333.json +++ b/2021/39xxx/CVE-2021-39333.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@wordfence.com", - "ID": "CVE-2021-39333", - "STATE": "PUBLIC", - "TITLE": "Hashthemes Demo Importer <= 1.1.1 Improper Access Control Allowing Content Deletion" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Hashthemes Demo Importer", - "version": { - "version_data": [ - { - "platform": "WordPress", - "version_affected": "<=", - "version_name": "1.1.1", - "version_value": "1.1.1" - } - ] - } - } - ] - }, - "vendor_name": "Hashthemes" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Ramuel Gall, Wordfence" - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-39333", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "The Hashthemes Demo Importer Plugin <= 1.1.1 for WordPress contained several AJAX functions which relied on a nonce which was visible to all logged-in users for access control, allowing them to execute a function that truncated nearly all database tables and removed the contents of wp-content/uploads." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 8.1, - "baseSeverity": "HIGH", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-284 Improper Access Control" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://www.wordfence.com/blog/2021/10/site-deletion-vulnerability-in-hashthemes-plugin/", - "name": "https://www.wordfence.com/blog/2021/10/site-deletion-vulnerability-in-hashthemes-plugin/" - } - ] - }, - "source": { - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/39xxx/CVE-2021-39340.json b/2021/39xxx/CVE-2021-39340.json index 89ea4487d46..15663179c19 100644 --- a/2021/39xxx/CVE-2021-39340.json +++ b/2021/39xxx/CVE-2021-39340.json @@ -1,111 +1,18 @@ { - "CVE_data_meta": { - "AKA": "Wordfence", - "ASSIGNER": "security@wordfence.com", - "DATE_PUBLIC": "2021-10-25T13:41:00.000Z", - "ID": "CVE-2021-39340", - "STATE": "PUBLIC", - "TITLE": "Notification \u2013 Custom Notifications and Alerts for WordPress <= 7.2.4 Authenticated Stored Cross-Site Scripting" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Notification \u2013 Custom Notifications and Alerts for WordPress", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "7.2.4", - "version_value": "7.2.4" - } - ] - } - } - ] - }, - "vendor_name": "Notification \u2013 Custom Notifications and Alerts for WordPress" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Thinkland Security Team" - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-39340", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "The Notification WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/src/classes/Utils/Settings.php file which made it possible for attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 7.2.4. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "privilegesRequired": "HIGH", - "scope": "CHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79 Cross-site Scripting (XSS)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://github.com/BigTiger2020/word-press/blob/main/Notification.md", - "name": "https://github.com/BigTiger2020/word-press/blob/main/Notification.md" - }, - { - "refsource": "MISC", - "url": "https://wordfence.com/vulnerability-advisories/#CVE-2021-39340", - "name": "https://wordfence.com/vulnerability-advisories/#CVE-2021-39340" - }, - { - "refsource": "MISC", - "url": "https://plugins.trac.wordpress.org/browser/notification/tags/7.2.4/src/classes/Utils/Settings.php#L167", - "name": "https://plugins.trac.wordpress.org/browser/notification/tags/7.2.4/src/classes/Utils/Settings.php#L167" - } - ] - }, - "solution": [ - { - "lang": "eng", - "value": "Update to version 8.0.0, or newer. " - } - ], - "source": { - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/39xxx/CVE-2021-39341.json b/2021/39xxx/CVE-2021-39341.json index 4c2d3ae99b1..95358311569 100644 --- a/2021/39xxx/CVE-2021-39341.json +++ b/2021/39xxx/CVE-2021-39341.json @@ -1,119 +1,18 @@ { - "CVE_data_meta": { - "AKA": "Wordfence", - "ASSIGNER": "security@wordfence.com", - "DATE_PUBLIC": "2021-11-01T09:02:00.000Z", - "ID": "CVE-2021-39341", - "STATE": "PUBLIC", - "TITLE": "OptinMonster <= 2.6.4 Unprotected REST-API Endpoints" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "OptinMonster", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "2.6.4", - "version_value": "2.6.4" - } - ] - } - } - ] - }, - "vendor_name": "OptinMonster" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Chloe Chamberland, Wordfence" - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-39341", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "The OptinMonster WordPress plugin is vulnerable to sensitive information disclosure and unauthorized setting updates due to insufficient authorization validation via the logged_in_or_has_api_key function in the ~/OMAPI/RestApi.php file that can used to exploit inject malicious web scripts on sites with the plugin installed. This affects versions up to, and including, 2.6.4." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 8.2, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "LOW", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-285 Improper Authorization" - } - ] - }, - { - "description": [ - { - "lang": "eng", - "value": "CWE-319 Cleartext Transmission of Sensitive Information" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://www.wordfence.com/blog/2021/10/1000000-sites-affected-by-optinmonster-vulnerabilities/", - "name": "https://www.wordfence.com/blog/2021/10/1000000-sites-affected-by-optinmonster-vulnerabilities/" - }, - { - "refsource": "MISC", - "url": "https://wordfence.com/vulnerability-advisories/#CVE-2021-39341", - "name": "https://wordfence.com/vulnerability-advisories/#CVE-2021-39341" - }, - { - "refsource": "MISC", - "url": "https://plugins.trac.wordpress.org/browser/optinmonster/trunk/OMAPI/RestApi.php?rev=2606519#L1460", - "name": "https://plugins.trac.wordpress.org/browser/optinmonster/trunk/OMAPI/RestApi.php?rev=2606519#L1460" - } - ] - }, - "solution": [ - { - "lang": "eng", - "value": "Update to version 2.6.5, or newer. " - } - ], - "source": { - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/39xxx/CVE-2021-39346.json b/2021/39xxx/CVE-2021-39346.json index 28a4744a55b..d1ebc045083 100644 --- a/2021/39xxx/CVE-2021-39346.json +++ b/2021/39xxx/CVE-2021-39346.json @@ -1,111 +1,18 @@ { - "CVE_data_meta": { - "AKA": "Wordfence", - "ASSIGNER": "security@wordfence.com", - "DATE_PUBLIC": "2021-11-01T10:32:00.000Z", - "ID": "CVE-2021-39346", - "STATE": "PUBLIC", - "TITLE": "Google Maps Easy <= 1.9.33 Authenticated Stored Cross-Site Scripting" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Google Maps Easy", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "1.9.33", - "version_value": "1.9.33" - } - ] - } - } - ] - }, - "vendor_name": "Google Maps Easy" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Thinkland Security Team" - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-39346", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "The Google Maps Easy WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/modules/marker_groups/views/tpl/mgrEditMarkerGroup.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.9.33. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "privilegesRequired": "HIGH", - "scope": "CHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79 Cross-site Scripting (XSS)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://github.com/BigTiger2020/word-press/blob/main/Google%20Maps%20Easy.md", - "name": "https://github.com/BigTiger2020/word-press/blob/main/Google%20Maps%20Easy.md" - }, - { - "refsource": "MISC", - "url": "https://plugins.trac.wordpress.org/changeset/2620851/google-maps-easy/trunk/modules/marker_groups/views/tpl/mgrEditMarkerGroup.php", - "name": "https://plugins.trac.wordpress.org/changeset/2620851/google-maps-easy/trunk/modules/marker_groups/views/tpl/mgrEditMarkerGroup.php" - }, - { - "refsource": "MISC", - "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39346", - "name": "https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39346" - } - ] - }, - "solution": [ - { - "lang": "eng", - "value": "Update to version 1.10.1 or newer. " - } - ], - "source": { - "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/39xxx/CVE-2021-39358.json b/2021/39xxx/CVE-2021-39358.json index 77064cc19bb..65d88cc8d44 100644 --- a/2021/39xxx/CVE-2021-39358.json +++ b/2021/39xxx/CVE-2021-39358.json @@ -71,11 +71,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-9c737bb848", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GRCVZUNPTNFQQQCEZVP7RYY6OKHPDBC5/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-743a0aafa0", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WXXAF56BYLSES4UCLXKFCODZXTNAZ2G6/" } ] } diff --git a/2021/39xxx/CVE-2021-39360.json b/2021/39xxx/CVE-2021-39360.json index d081847fc04..e28cbbc8512 100644 --- a/2021/39xxx/CVE-2021-39360.json +++ b/2021/39xxx/CVE-2021-39360.json @@ -71,11 +71,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-c3395a5df6", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDXCHOCVP3VSAKDBQSLER2DQHFIOUHAT/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-77ce69dba6", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UG7TUICJM4QJHI4QJ2RHOSQE2QWD3KO3/" } ] } diff --git a/2021/39xxx/CVE-2021-39411.json b/2021/39xxx/CVE-2021-39411.json index fa4bc4e1fd2..cc0ca457c4e 100644 --- a/2021/39xxx/CVE-2021-39411.json +++ b/2021/39xxx/CVE-2021-39411.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-39411", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-39411", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Multiple Cross Site Scripting (XSS) vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the (1) searchdata parameter in (a) doctor/search.php and (b) admin/patient-search.php, and the (2) fromdate and (3) todate parameters in admin/betweendates-detailsreports.php." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://sisl.lab.uic.edu/projects/chess/hmsp/", - "refsource": "MISC", - "name": "https://sisl.lab.uic.edu/projects/chess/hmsp/" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/39xxx/CVE-2021-39412.json b/2021/39xxx/CVE-2021-39412.json index b9d871599cc..1aefd393cbe 100644 --- a/2021/39xxx/CVE-2021-39412.json +++ b/2021/39xxx/CVE-2021-39412.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-39412", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-39412", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Multiple Cross Site Scripting (XSS) vulnerabilities exists in PHPGurukul Shopping v3.1 via the (1) callback parameter in (a) server_side/scripts/id_jsonp.php, (b) server_side/scripts/jsonp.php, and (c) scripts/objects_jsonp.php, the (2) value parameter in examples_support/editable_ajax.php, and the (3) PHP_SELF parameter in captcha/index.php." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://sisl.lab.uic.edu/projects/chess/php-gurukul-shopping/", - "refsource": "MISC", - "name": "https://sisl.lab.uic.edu/projects/chess/php-gurukul-shopping/" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/39xxx/CVE-2021-39413.json b/2021/39xxx/CVE-2021-39413.json index 9a8f1ac1556..6d20aa27ead 100644 --- a/2021/39xxx/CVE-2021-39413.json +++ b/2021/39xxx/CVE-2021-39413.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-39413", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-39413", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Multiple Cross Site Scripting (XSS) vulnerabilities exits in SEO Panel v4.8.0 via the (1) to_time parameter in (a) backlinks.php, (b) analytics.php, (c) log.php, (d) overview.php, (e) pagespeed.php, (f) rank.php, (g) review.php, (h) saturationchecker.php, (i) social_media.php, and (j) reports.php; the (2) from_time parameter in (a) backlinks.php, (b) analytics.php, (c) log.php, (d) overview.php, (e) pagespeed.php, (f) rank.php, (g) review.php, (h) saturationchecker.php, (i) social_media.php, (j) webmaster-tools.php, and (k) reports.php; the (3) order_col parameter in (a) analytics.php, (b) review.php, (c) social_media.php, and (d) webmaster-tools.php; and the (4) pageno parameter in (a) alerts.php, (b) log.php, (c) keywords.php, (d) proxy.php, (e) searchengine.php, and (f) siteauditor.php." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://sisl.lab.uic.edu/projects/chess/seo-panel/", - "refsource": "MISC", - "name": "https://sisl.lab.uic.edu/projects/chess/seo-panel/" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/39xxx/CVE-2021-39416.json b/2021/39xxx/CVE-2021-39416.json index d2f15b973da..79d54dc286f 100644 --- a/2021/39xxx/CVE-2021-39416.json +++ b/2021/39xxx/CVE-2021-39416.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-39416", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-39416", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Multiple Cross Site Scripting (XSS) vulnerabilities exists in Remote Clinic v2.0 in (1) patients/register-patient.php via the (a) Contact, (b) Email, (c) Weight, (d) Profession, (e) ref_contact, (f) address, (g) gender, (h) age, and (i) serial parameters; in (2) patients/edit-patient.php via the (a) Contact, (b) Email, (c) Weight, Profession, (d) ref_contact, (e) address, (f) serial, (g) age, and (h) gender parameters; in (3) staff/edit-my-profile.php via the (a) Title, (b) First Name, (c) Last Name, (d) Skype, and (e) Address parameters; and in (4) clinics/settings.php via the (a) portal_name, (b) guardian_short_name, (c) guardian_name, (d) opening_time, (e) closing_time, (f) access_level_5, (g) access_level_4, (h) access_level_ 3, (i) access_level_2, (j) access_level_1, (k) currency, (l) mobile_number, (m) address, (n) patient_contact, (o) patient_address, and (p) patient_email parameters." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://sisl.lab.uic.edu/projects/chess/remote-clinic/", - "refsource": "MISC", - "name": "https://sisl.lab.uic.edu/projects/chess/remote-clinic/" - }, - { - "url": "https://github.com/remoteclinic/RemoteClinic/issues/17", - "refsource": "MISC", - "name": "https://github.com/remoteclinic/RemoteClinic/issues/17" - }, - { - "url": "https://remoteclinic.io", - "refsource": "MISC", - "name": "https://remoteclinic.io" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/39xxx/CVE-2021-39420.json b/2021/39xxx/CVE-2021-39420.json index 0f8638ee2ae..272328b34e4 100644 --- a/2021/39xxx/CVE-2021-39420.json +++ b/2021/39xxx/CVE-2021-39420.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-39420", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-39420", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Multiple Cross Site Scripting (XSS) vulnerabilities exist in VFront 0.99.5 via the (1) s parameter in search_all.php and the (2) msg parameter in add.attach.php." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://sisl.lab.uic.edu/projects/chess/vfront0-99-5/", - "refsource": "MISC", - "name": "https://sisl.lab.uic.edu/projects/chess/vfront0-99-5/" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/39xxx/CVE-2021-39895.json b/2021/39xxx/CVE-2021-39895.json index 1cdbb70360c..6d451695894 100644 --- a/2021/39xxx/CVE-2021-39895.json +++ b/2021/39xxx/CVE-2021-39895.json @@ -4,97 +4,15 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-39895", - "ASSIGNER": "cve@gitlab.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "GitLab", - "product": { - "product_data": [ - { - "product_name": "GitLab", - "version": { - "version_data": [ - { - "version_value": ">=8.0, <14.1.7" - }, - { - "version_value": ">=14.2, <14.2.5" - }, - { - "version_value": ">=14.3, <14.3.1" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Configuration in GitLab" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/337824", - "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/337824", - "refsource": "MISC" - }, - { - "name": "https://hackerone.com/reports/1272535", - "url": "https://hackerone.com/reports/1272535", - "refsource": "MISC" - }, - { - "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39895.json", - "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39895.json", - "refsource": "CONFIRM" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "In all versions of GitLab CE/EE since version 8.0, an attacker can set the pipeline schedules to be active in a project export so when an unsuspecting owner imports that project, pipelines are active by default on that project. Under specialized conditions, this may lead to information disclosure if the project is imported from an untrusted source." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "vectorString": "AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L", - "attackComplexity": "HIGH", - "attackVector": "NETWORK", - "availabilityImpact": "LOW", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "HIGH", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "version": "3.1", - "baseScore": 6.0, - "baseSeverity": "MEDIUM" - } - }, - "credit": [ - { - "lang": "eng", - "value": "Thanks @justas_b for reporting this vulnerability through our HackerOne bug bounty program." - } - ] + } } \ No newline at end of file diff --git a/2021/39xxx/CVE-2021-39897.json b/2021/39xxx/CVE-2021-39897.json index 7d62028cc87..a368568609a 100644 --- a/2021/39xxx/CVE-2021-39897.json +++ b/2021/39xxx/CVE-2021-39897.json @@ -4,97 +4,15 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-39897", - "ASSIGNER": "cve@gitlab.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "GitLab", - "product": { - "product_data": [ - { - "product_name": "GitLab", - "version": { - "version_data": [ - { - "version_value": ">=12.9, <12.9.8" - }, - { - "version_value": ">=12.10, <12.10.7" - }, - { - "version_value": ">=13.0, <13.0.1" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Improper access control in GitLab" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/341017", - "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/341017", - "refsource": "MISC" - }, - { - "name": "https://hackerone.com/reports/1330806", - "url": "https://hackerone.com/reports/1330806", - "refsource": "MISC" - }, - { - "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39897.json", - "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39897.json", - "refsource": "CONFIRM" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Improper access control in GitLab CE/EE version 10.5 and above allowed subgroup members with inherited access to a project from a parent group to still have access even after the subgroup is transferred" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "vectorString": "AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", - "attackComplexity": "HIGH", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "version": "3.1", - "baseScore": 2.6, - "baseSeverity": "LOW" - } - }, - "credit": [ - { - "lang": "eng", - "value": "Thanks joaxcar for reporting this vulnerability through our HackerOne bug bounty program" - } - ] + } } \ No newline at end of file diff --git a/2021/39xxx/CVE-2021-39898.json b/2021/39xxx/CVE-2021-39898.json index c75fad7b2ce..715229e9c0d 100644 --- a/2021/39xxx/CVE-2021-39898.json +++ b/2021/39xxx/CVE-2021-39898.json @@ -4,97 +4,15 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-39898", - "ASSIGNER": "cve@gitlab.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "GitLab", - "product": { - "product_data": [ - { - "product_name": "GitLab", - "version": { - "version_data": [ - { - "version_value": ">=10.6, <14.1.7" - }, - { - "version_value": ">=14.2, <14.2.5" - }, - { - "version_value": ">=14.3, <14.3.1" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information exposure in GitLab" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/33734", - "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/33734", - "refsource": "MISC" - }, - { - "name": "https://hackerone.com/reports/698068", - "url": "https://hackerone.com/reports/698068", - "refsource": "MISC" - }, - { - "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39898.json", - "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39898.json", - "refsource": "CONFIRM" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "In all versions of GitLab CE/EE since version 10.6, a project export leaks the external webhook token value which may allow access to the project which it was exported from." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "vectorString": "AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", - "attackComplexity": "HIGH", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "version": "3.1", - "baseScore": 3.6, - "baseSeverity": "LOW" - } - }, - "credit": [ - { - "lang": "eng", - "value": "Thanks @xanbanx for reporting this vulnerability through our HackerOne bug bounty program." - } - ] + } } \ No newline at end of file diff --git a/2021/39xxx/CVE-2021-39901.json b/2021/39xxx/CVE-2021-39901.json index e64fd503757..760e88798fc 100644 --- a/2021/39xxx/CVE-2021-39901.json +++ b/2021/39xxx/CVE-2021-39901.json @@ -4,97 +4,15 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-39901", - "ASSIGNER": "cve@gitlab.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "GitLab", - "product": { - "product_data": [ - { - "product_name": "GitLab", - "version": { - "version_data": [ - { - "version_value": ">=11.10, <14.2.6" - }, - { - "version_value": ">=14.3, <14.3.4" - }, - { - "version_value": ">=14.4, <14.4.1" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information exposure in GitLab" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/11640", - "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/11640", - "refsource": "MISC" - }, - { - "name": "https://hackerone.com/reports/565884", - "url": "https://hackerone.com/reports/565884", - "refsource": "MISC" - }, - { - "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39901.json", - "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39901.json", - "refsource": "CONFIRM" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "In all versions of GitLab CE/EE since version 11.10, an admin of a group can see the SCIM token of that group by visiting a specific endpoint." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "vectorString": "AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "privilegesRequired": "HIGH", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "version": "3.1", - "baseScore": 2.6, - "baseSeverity": "LOW" - } - }, - "credit": [ - { - "lang": "eng", - "value": "Thanks @ngalog for reporting this vulnerability through our HackerOne bug bounty program." - } - ] + } } \ No newline at end of file diff --git a/2021/39xxx/CVE-2021-39902.json b/2021/39xxx/CVE-2021-39902.json index 2a136837132..b30d2178ada 100644 --- a/2021/39xxx/CVE-2021-39902.json +++ b/2021/39xxx/CVE-2021-39902.json @@ -4,97 +4,15 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-39902", - "ASSIGNER": "cve@gitlab.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "GitLab", - "product": { - "product_data": [ - { - "product_name": "GitLab", - "version": { - "version_data": [ - { - "version_value": ">=13.4, <14.2.6" - }, - { - "version_value": ">=14.3, <14.3.4" - }, - { - "version_value": ">=14.4, <14.4.1" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Incorrect authorization in GitLab" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/341479", - "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/341479", - "refsource": "MISC" - }, - { - "name": "https://hackerone.com/reports/1341674", - "url": "https://hackerone.com/reports/1341674", - "refsource": "MISC" - }, - { - "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39902.json", - "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39902.json", - "refsource": "CONFIRM" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Incorrect Authorization in GitLab CE/EE 13.4 or above allows a user with guest membership in a project to modify the severity of an incident." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "vectorString": "AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "version": "3.1", - "baseScore": 4.2, - "baseSeverity": "MEDIUM" - } - }, - "credit": [ - { - "lang": "eng", - "value": "Thanks @cradlr for reporting this vulnerability through our HackerOne bug bounty program" - } - ] + } } \ No newline at end of file diff --git a/2021/39xxx/CVE-2021-39903.json b/2021/39xxx/CVE-2021-39903.json index 4c6d4f6c805..dcbaa69cf29 100644 --- a/2021/39xxx/CVE-2021-39903.json +++ b/2021/39xxx/CVE-2021-39903.json @@ -4,97 +4,15 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-39903", - "ASSIGNER": "cve@gitlab.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "GitLab", - "product": { - "product_data": [ - { - "product_name": "GitLab", - "version": { - "version_data": [ - { - "version_value": ">=13.0, <14.2.6" - }, - { - "version_value": ">=14.3, <14.3.4" - }, - { - "version_value": ">=14.4, <14.4.1" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Improper authorization in GitLab" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/300017", - "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/300017", - "refsource": "MISC" - }, - { - "name": "https://hackerone.com/reports/1086781", - "url": "https://hackerone.com/reports/1086781", - "refsource": "MISC" - }, - { - "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39903.json", - "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39903.json", - "refsource": "CONFIRM" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "In all versions of GitLab CE/EE since version 13.0, a privileged user, through an API call, can change the visibility level of a group or a project to a restricted option even after the instance administrator sets that visibility option as restricted in settings." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "vectorString": "AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "HIGH", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "version": "3.1", - "baseScore": 6.4, - "baseSeverity": "MEDIUM" - } - }, - "credit": [ - { - "lang": "eng", - "value": "Thanks @s4nderdevelopment for reporting this vulnerability through our HackerOne bug bounty program." - } - ] + } } \ No newline at end of file diff --git a/2021/39xxx/CVE-2021-39904.json b/2021/39xxx/CVE-2021-39904.json index 242f79f6e37..95cd163ccbe 100644 --- a/2021/39xxx/CVE-2021-39904.json +++ b/2021/39xxx/CVE-2021-39904.json @@ -4,97 +4,15 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-39904", - "ASSIGNER": "cve@gitlab.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "GitLab", - "product": { - "product_data": [ - { - "product_name": "GitLab", - "version": { - "version_data": [ - { - "version_value": ">=13.1, <14.4.1" - }, - { - "version_value": ">=13.0, <14.3.4" - }, - { - "version_value": ">=12.10, <14.2.6" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Improper access control in GitLab" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/295298", - "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/295298", - "refsource": "MISC" - }, - { - "name": "https://hackerone.com/reports/1063420", - "url": "https://hackerone.com/reports/1063420", - "refsource": "MISC" - }, - { - "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39904.json", - "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39904.json", - "refsource": "CONFIRM" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "An Improper Access Control vulnerability in the GraphQL API in GitLab CE/EE since version 13.1 allows a Merge Request creator to resolve discussions and apply suggestions after a project owner has locked the Merge Request" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "vectorString": "AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "version": "3.1", - "baseScore": 4.2, - "baseSeverity": "MEDIUM" - } - }, - "credit": [ - { - "lang": "eng", - "value": "Thanks jimeno for reporting this vulnerability through our HackerOne bug bounty program" - } - ] + } } \ No newline at end of file diff --git a/2021/39xxx/CVE-2021-39905.json b/2021/39xxx/CVE-2021-39905.json index fefc2ef2d85..98311328a85 100644 --- a/2021/39xxx/CVE-2021-39905.json +++ b/2021/39xxx/CVE-2021-39905.json @@ -4,91 +4,15 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-39905", - "ASSIGNER": "cve@gitlab.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "GitLab", - "product": { - "product_data": [ - { - "product_name": "GitLab", - "version": { - "version_data": [ - { - "version_value": ">=8.9.6, <14.2.6" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information exposure in GitLab" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/28226", - "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/28226", - "refsource": "MISC" - }, - { - "name": "https://hackerone.com/reports/538029", - "url": "https://hackerone.com/reports/538029", - "refsource": "MISC" - }, - { - "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39905.json", - "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39905.json", - "refsource": "CONFIRM" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "An information disclosure vulnerability in the GitLab CE/EE API since version 8.9.6 allows a user to see basic information on private groups that a public project has been shared with" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "vectorString": "AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "version": "3.1", - "baseScore": 4.2, - "baseSeverity": "MEDIUM" - } - }, - "credit": [ - { - "lang": "eng", - "value": "Thanks rafiem for reporting this vulnerability through our HackerOne bug bounty program" - } - ] + } } \ No newline at end of file diff --git a/2021/39xxx/CVE-2021-39906.json b/2021/39xxx/CVE-2021-39906.json index 2285639c675..a3775265f16 100644 --- a/2021/39xxx/CVE-2021-39906.json +++ b/2021/39xxx/CVE-2021-39906.json @@ -4,97 +4,15 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-39906", - "ASSIGNER": "cve@gitlab.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "GitLab", - "product": { - "product_data": [ - { - "product_name": "GitLab", - "version": { - "version_data": [ - { - "version_value": ">=13.5, <14.2.6" - }, - { - "version_value": ">=14.3, <14.3.4" - }, - { - "version_value": ">=14.4, <14.4.1" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Improper neutralization of input during web page generation ('cross-site scripting') in GitLab" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/341566", - "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/341566", - "refsource": "MISC" - }, - { - "name": "https://hackerone.com/reports/1347600", - "url": "https://hackerone.com/reports/1347600", - "refsource": "MISC" - }, - { - "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39906.json", - "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39906.json", - "refsource": "CONFIRM" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Improper validation of ipynb files in GitLab CE/EE version 13.5 and above allows an attacker to execute arbitrary JavaScript code on the victim's behalf." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "vectorString": "AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N", - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "CHANGED", - "userInteraction": "REQUIRED", - "version": "3.1", - "baseScore": 8.7, - "baseSeverity": "HIGH" - } - }, - "credit": [ - { - "lang": "eng", - "value": "Thanks @saleemrashid for reporting this vulnerability through our HackerOne bug bounty program" - } - ] + } } \ No newline at end of file diff --git a/2021/39xxx/CVE-2021-39907.json b/2021/39xxx/CVE-2021-39907.json index bba3be64c71..4e1109febba 100644 --- a/2021/39xxx/CVE-2021-39907.json +++ b/2021/39xxx/CVE-2021-39907.json @@ -4,97 +4,15 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-39907", - "ASSIGNER": "cve@gitlab.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "GitLab", - "product": { - "product_data": [ - { - "product_name": "GitLab", - "version": { - "version_data": [ - { - "version_value": ">=14.4, <14.4.1" - }, - { - "version_value": ">=14.3, <14.3.4" - }, - { - "version_value": ">=13.7, <14.2.6" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Uncontrolled resource consumption in GitLab" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/299869", - "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/299869", - "refsource": "MISC" - }, - { - "name": "https://hackerone.com/reports/1083182", - "url": "https://hackerone.com/reports/1083182", - "refsource": "MISC" - }, - { - "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39907.json", - "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39907.json", - "refsource": "CONFIRM" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A potential DOS vulnerability was discovered in GitLab CE/EE starting with version 13.7. The stripping of EXIF data from certain images resulted in high CPU usage." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "LOW", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "version": "3.1", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - } - }, - "credit": [ - { - "lang": "eng", - "value": "Thanks @ajxchapman for reporting this vulnerability through our HackerOne bug bounty program" - } - ] + } } \ No newline at end of file diff --git a/2021/39xxx/CVE-2021-39909.json b/2021/39xxx/CVE-2021-39909.json index b513b5bdad6..aa92ddbb299 100644 --- a/2021/39xxx/CVE-2021-39909.json +++ b/2021/39xxx/CVE-2021-39909.json @@ -4,97 +4,15 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-39909", - "ASSIGNER": "cve@gitlab.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "GitLab", - "product": { - "product_data": [ - { - "product_name": "GitLab", - "version": { - "version_data": [ - { - "version_value": ">=11.3, <14.4.1" - }, - { - "version_value": ">=11.2, <14.3.4" - }, - { - "version_value": ">=11.1, <14.2.6" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Unverified ownership in GitLab" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/335191", - "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/335191", - "refsource": "MISC" - }, - { - "name": "https://hackerone.com/reports/1237750", - "url": "https://hackerone.com/reports/1237750", - "refsource": "MISC" - }, - { - "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39909.json", - "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39909.json", - "refsource": "CONFIRM" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Lack of email address ownership verification in the CODEOWNERS feature in all versions of GitLab EE since version 11.3 allows an attacker to bypass CODEOWNERS Merge Request approval requirement under rare circumstances" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "vectorString": "AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", - "attackComplexity": "HIGH", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "version": "3.1", - "baseScore": 5.2, - "baseSeverity": "MEDIUM" - } - }, - "credit": [ - { - "lang": "eng", - "value": "Thanks vaib25vicky for reporting this vulnerability through our HackerOne bug bounty program" - } - ] + } } \ No newline at end of file diff --git a/2021/39xxx/CVE-2021-39911.json b/2021/39xxx/CVE-2021-39911.json index fc490b7028f..ac5afcd8ab0 100644 --- a/2021/39xxx/CVE-2021-39911.json +++ b/2021/39xxx/CVE-2021-39911.json @@ -4,92 +4,15 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-39911", - "ASSIGNER": "cve@gitlab.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "GitLab", - "product": { - "product_data": [ - { - "product_name": "GitLab", - "version": { - "version_data": [ - { - "version_value": ">=13.9, <14.4.1" - }, - { - "version_value": ">=13.8, <14.3.4" - }, - { - "version_value": ">=13.7, <14.2.6" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Exposure of private information ('privacy violation') in GitLab" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/297470", - "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/297470", - "refsource": "MISC" - }, - { - "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39911.json", - "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39911.json", - "refsource": "CONFIRM" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "An improper access control flaw in GitLab CE/EE since version 13.9 exposes private email address of Issue and Merge Requests assignee to Webhook data consumers" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "vectorString": "AV:P/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", - "attackComplexity": "HIGH", - "attackVector": "PHYSICAL", - "availabilityImpact": "NONE", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "version": "3.1", - "baseScore": 1.7, - "baseSeverity": "LOW" - } - }, - "credit": [ - { - "lang": "eng", - "value": "This vulnerability has been discovered internally by the GitLab team" - } - ] + } } \ No newline at end of file diff --git a/2021/39xxx/CVE-2021-39912.json b/2021/39xxx/CVE-2021-39912.json index 52dd8b3d097..e1a234be925 100644 --- a/2021/39xxx/CVE-2021-39912.json +++ b/2021/39xxx/CVE-2021-39912.json @@ -4,97 +4,15 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-39912", - "ASSIGNER": "cve@gitlab.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "GitLab", - "product": { - "product_data": [ - { - "product_name": "GitLab", - "version": { - "version_data": [ - { - "version_value": ">=14.4, <14.4.1" - }, - { - "version_value": ">=14.3, <14.3.4" - }, - { - "version_value": ">=13.7, <14.2.6" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Uncontrolled resource consumption in GitLab" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/341363", - "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/341363", - "refsource": "MISC" - }, - { - "name": "https://hackerone.com/reports/1330882", - "url": "https://hackerone.com/reports/1330882", - "refsource": "MISC" - }, - { - "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39912.json", - "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39912.json", - "refsource": "CONFIRM" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A potential DoS vulnerability was discovered in GitLab CE/EE starting with version 13.7. Using a malformed TIFF images was possible to trigger memory exhaustion." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "LOW", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "version": "3.1", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - } - }, - "credit": [ - { - "lang": "eng", - "value": "Thanks @haquaman for reporting this vulnerability through our HackerOne bug bounty program" - } - ] + } } \ No newline at end of file diff --git a/2021/39xxx/CVE-2021-39913.json b/2021/39xxx/CVE-2021-39913.json index 77e1b31f364..4d5f8b207a2 100644 --- a/2021/39xxx/CVE-2021-39913.json +++ b/2021/39xxx/CVE-2021-39913.json @@ -4,92 +4,15 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-39913", - "ASSIGNER": "cve@gitlab.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "GitLab", - "product": { - "product_data": [ - { - "product_name": "GitLab", - "version": { - "version_data": [ - { - "version_value": ">=0.8.0, <14.4.1" - }, - { - "version_value": ">=0.8.0, <14.3.4" - }, - { - "version_value": ">=0.8.0, <14.2.6" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Inclusion of sensitive information in log files in GitLab" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/28074", - "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/28074", - "refsource": "MISC" - }, - { - "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39913.json", - "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39913.json", - "refsource": "CONFIRM" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Accidental logging of system root password in the migration log in all versions of GitLab CE/EE allows an attacker with local file system access to obtain system root-level privileges" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "vectorString": "AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "NONE", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "HIGH", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "version": "3.1", - "baseScore": 4.4, - "baseSeverity": "MEDIUM" - } - }, - "credit": [ - { - "lang": "eng", - "value": "This vulnerability has been discovered internally by the GitLab team" - } - ] + } } \ No newline at end of file diff --git a/2021/39xxx/CVE-2021-39914.json b/2021/39xxx/CVE-2021-39914.json index 812bfa905f9..7fb8db45a5f 100644 --- a/2021/39xxx/CVE-2021-39914.json +++ b/2021/39xxx/CVE-2021-39914.json @@ -4,92 +4,15 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-39914", - "ASSIGNER": "cve@gitlab.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "GitLab", - "product": { - "product_data": [ - { - "product_name": "GitLab", - "version": { - "version_data": [ - { - "version_value": ">=8.13, <14.2.6" - }, - { - "version_value": ">=14.3.0, <14.3.4" - }, - { - "version_value": ">=14.4.0, <14.4.1" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Uncontrolled resource consumption in GitLab" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/289948", - "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/289948", - "refsource": "MISC" - }, - { - "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39914.json", - "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39914.json", - "refsource": "CONFIRM" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A regular expression denial of service issue in GitLab versions 8.13 to 14.2.5, 14.3.0 to 14.3.3 and 14.4.0 could cause excessive usage of resources when a specially crafted username was used when provisioning a new user" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "vectorString": "AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", - "attackComplexity": "HIGH", - "attackVector": "NETWORK", - "availabilityImpact": "LOW", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "version": "3.1", - "baseScore": 3.0, - "baseSeverity": "LOW" - } - }, - "credit": [ - { - "lang": "eng", - "value": "This vulnerability has been discovered internally by the GitLab team" - } - ] + } } \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3440.json b/2021/3xxx/CVE-2021-3440.json index ff14538a849..a0e27bb61e8 100644 --- a/2021/3xxx/CVE-2021-3440.json +++ b/2021/3xxx/CVE-2021-3440.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-3440", - "ASSIGNER": "hp-security-alert@hp.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "HP Print and Scan Doctor, an application within the HP Smart App for Windows", - "version": { - "version_data": [ - { - "version_value": "Before 128.1.217" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "local elevation of privilege" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://support.hp.com/us-en/document/ish_4120228-4120263-16/hpsbpi03727", - "url": "https://support.hp.com/us-en/document/ish_4120228-4120263-16/hpsbpi03727" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "HP Print and Scan Doctor, an application within the HP Smart App for Windows, is potentially vulnerable to local elevation of privilege." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/3xxx/CVE-2021-3520.json b/2021/3xxx/CVE-2021-3520.json index 0a97836e04a..4834c7e75bf 100644 --- a/2021/3xxx/CVE-2021-3520.json +++ b/2021/3xxx/CVE-2021-3520.json @@ -58,11 +58,6 @@ "url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0005/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0005/" } ] }, diff --git a/2021/3xxx/CVE-2021-3576.json b/2021/3xxx/CVE-2021-3576.json index cab51be3401..3e2316174af 100644 --- a/2021/3xxx/CVE-2021-3576.json +++ b/2021/3xxx/CVE-2021-3576.json @@ -95,11 +95,6 @@ "refsource": "MISC", "url": "https://www.bitdefender.com/support/security-advisories/privilege-escalation-via-seimpersonateprivilege-in-bitdefender-endpoint-security-tools-va-9848/", "name": "https://www.bitdefender.com/support/security-advisories/privilege-escalation-via-seimpersonateprivilege-in-bitdefender-endpoint-security-tools-va-9848/" - }, - { - "refsource": "MISC", - "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1276/", - "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1276/" } ] }, diff --git a/2021/3xxx/CVE-2021-3579.json b/2021/3xxx/CVE-2021-3579.json index 8f9cac786dd..66c49063415 100644 --- a/2021/3xxx/CVE-2021-3579.json +++ b/2021/3xxx/CVE-2021-3579.json @@ -95,11 +95,6 @@ "refsource": "MISC", "url": "https://www.bitdefender.com/support/security-advisories/incorrect-default-permissions-vulnerability-in-bdservicehost-exe-and-vulnerability-scan-exe-va-9848/", "name": "https://www.bitdefender.com/support/security-advisories/incorrect-default-permissions-vulnerability-in-bdservicehost-exe-and-vulnerability-scan-exe-va-9848/" - }, - { - "refsource": "MISC", - "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1277/", - "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1277/" } ] }, diff --git a/2021/3xxx/CVE-2021-3580.json b/2021/3xxx/CVE-2021-3580.json index 496ded28f0a..8ff898e5a4c 100644 --- a/2021/3xxx/CVE-2021-3580.json +++ b/2021/3xxx/CVE-2021-3580.json @@ -53,11 +53,6 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210918 [SECURITY] [DLA 2760-1] nettle security update", "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0006/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0006/" } ] }, diff --git a/2021/3xxx/CVE-2021-3641.json b/2021/3xxx/CVE-2021-3641.json index 6ed2b07788f..ed71c369712 100644 --- a/2021/3xxx/CVE-2021-3641.json +++ b/2021/3xxx/CVE-2021-3641.json @@ -1,102 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve-requests@bitdefender.com", - "DATE_PUBLIC": "2021-10-30T09:00:00.000Z", - "ID": "CVE-2021-3641", - "STATE": "PUBLIC", - "TITLE": "Improper Link Resolution Before File Access in Bitdefender GravityZone (VA-9921)" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "GravityZone", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_value": "7.1.2.33" - } - ] - } - } - ] - }, - "vendor_name": "Bitdefender" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "@Kharosx0 working with Trend Micro Zero Day Initiative" - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3641", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Improper Link Resolution Before File Access ('Link Following') vulnerability in the EPAG component of Bitdefender Endpoint Security Tools for Windows allows a local attacker to cause a denial of service. This issue affects: Bitdefender GravityZone version 7.1.2.33 and prior versions." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 6.1, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-59 Improper Link Resolution Before File Access ('Link Following')" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://www.bitdefender.com/support/security-advisories/improper-link-resolution-before-file-access-in-bitdefender-gravityzone-va-9921", - "name": "https://www.bitdefender.com/support/security-advisories/improper-link-resolution-before-file-access-in-bitdefender-gravityzone-va-9921" - } - ] - }, - "solution": [ - { - "lang": "eng", - "value": "An automatic update to a newer version of Bitdefender Endpoint Security Tools for Windows fixes the issue" - } - ], - "source": { - "defect": [ - "VA-9921" - ], - "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3704.json b/2021/3xxx/CVE-2021-3704.json index 7d073bb35ad..1e8cb38ebb2 100644 --- a/2021/3xxx/CVE-2021-3704.json +++ b/2021/3xxx/CVE-2021-3704.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-3704", - "ASSIGNER": "hp-security-alert@hp.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "HP LaserJet Pro M501 Series J8H61A; HP LaserJet Pro M501 Series J8H60A", - "version": { - "version_data": [ - { - "version_value": "before 20210810" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Denial of Service" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://support.hp.com/us-en/document/ish_4411563-4411589-16/hpsbpi03741", - "url": "https://support.hp.com/us-en/document/ish_4411563-4411589-16/hpsbpi03741" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow a Denial of Service on the device." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/3xxx/CVE-2021-3705.json b/2021/3xxx/CVE-2021-3705.json index 560c96982a9..0575a8a2e60 100644 --- a/2021/3xxx/CVE-2021-3705.json +++ b/2021/3xxx/CVE-2021-3705.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-3705", - "ASSIGNER": "hp-security-alert@hp.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "HP LaserJet Pro M501 Series J8H61A; HP LaserJet Pro M501 Series J8H60A", - "version": { - "version_data": [ - { - "version_value": "before 20210810" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "unauthorized configuration" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://support.hp.com/us-en/document/ish_4411563-4411589-16/hpsbpi03741", - "url": "https://support.hp.com/us-en/document/ish_4411563-4411589-16/hpsbpi03741" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow an unauthorized user to reconfigure, reset the device." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/3xxx/CVE-2021-3765.json b/2021/3xxx/CVE-2021-3765.json index 19fba0fa3dc..81104fd637c 100644 --- a/2021/3xxx/CVE-2021-3765.json +++ b/2021/3xxx/CVE-2021-3765.json @@ -1,89 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@huntr.dev", - "ID": "CVE-2021-3765", - "STATE": "PUBLIC", - "TITLE": "Inefficient Regular Expression Complexity in validatorjs/validator.js" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "validatorjs/validator.js", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "13.7.0" - } - ] - } - } - ] - }, - "vendor_name": "validatorjs" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3765", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "validator.js is vulnerable to Inefficient Regular Expression Complexity" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "LOW", - "baseScore": 5.3, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-1333 Inefficient Regular Expression Complexity" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9", - "refsource": "CONFIRM", - "url": "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9" - }, - { - "name": "https://github.com/validatorjs/validator.js/commit/496fc8b2a7f5997acaaec33cc44d0b8dba5fb5e1", - "refsource": "MISC", - "url": "https://github.com/validatorjs/validator.js/commit/496fc8b2a7f5997acaaec33cc44d0b8dba5fb5e1" - } - ] - }, - "source": { - "advisory": "c37e975c-21a3-4c5f-9b57-04d63b28cfc9", - "discovery": "EXTERNAL" } -} +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3774.json b/2021/3xxx/CVE-2021-3774.json index d95667ae9e7..b88c0ea9df9 100644 --- a/2021/3xxx/CVE-2021-3774.json +++ b/2021/3xxx/CVE-2021-3774.json @@ -1,100 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve-coordination@incibe.es", - "ID": "CVE-2021-3774", - "STATE": "PUBLIC", - "TITLE": "Meross MSS550X Missing Encryption of Sensitive Data" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Meross Smart Wi-Fi 2 Way Wall Switch", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "3.1.3", - "version_value": "3.1.3" - } - ] - } - } - ] - }, - "vendor_name": "Meross" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Gerard Fuguet Morales" - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3774", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Meross Smart Wi-Fi 2 Way Wall Switch (MSS550X), on its 3.1.3 version and before, creates an open Wi-Fi Access Point without the required security measures in its initial setup. This could allow a remote attacker to obtain the Wi-Fi SSID as well as the password configured by the user from Meross app via Http/JSON plain request." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 9.3, - "baseSeverity": "CRITICAL", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "CHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-311: Missing Encryption of Sensitive Data" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.incibe-cert.es/en/early-warning/security-advisories/meross-mss550x-missing-encryption-sensitive-data", - "refsource": "CONFIRM", - "url": "https://www.incibe-cert.es/en/early-warning/security-advisories/meross-mss550x-missing-encryption-sensitive-data" - } - ] - }, - "solution": [ - { - "lang": "eng", - "value": "This vulnerability has been solved by Meross in MSS550X version 3.2.3" - } - ], - "source": { - "advisory": "INCIBE-2021-0451", - "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3778.json b/2021/3xxx/CVE-2021-3778.json index d412c02c697..717d7575d64 100644 --- a/2021/3xxx/CVE-2021-3778.json +++ b/2021/3xxx/CVE-2021-3778.json @@ -94,11 +94,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-84f4cf3244", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-6988830606", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/" } ] }, diff --git a/2021/3xxx/CVE-2021-3796.json b/2021/3xxx/CVE-2021-3796.json index 39ee172269d..bfda869fed9 100644 --- a/2021/3xxx/CVE-2021-3796.json +++ b/2021/3xxx/CVE-2021-3796.json @@ -94,11 +94,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-84f4cf3244", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-6988830606", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/" } ] }, diff --git a/2021/3xxx/CVE-2021-3872.json b/2021/3xxx/CVE-2021-3872.json index 1e500eb008a..a5894f26e3a 100644 --- a/2021/3xxx/CVE-2021-3872.json +++ b/2021/3xxx/CVE-2021-3872.json @@ -84,11 +84,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-84f4cf3244", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-6988830606", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/" } ] }, diff --git a/2021/3xxx/CVE-2021-3875.json b/2021/3xxx/CVE-2021-3875.json index dbb4369158c..5f036f0c8c3 100644 --- a/2021/3xxx/CVE-2021-3875.json +++ b/2021/3xxx/CVE-2021-3875.json @@ -84,11 +84,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-84f4cf3244", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-6988830606", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/" } ] }, diff --git a/2021/3xxx/CVE-2021-3896.json b/2021/3xxx/CVE-2021-3896.json index c2e8e28773c..09c655d374b 100644 --- a/2021/3xxx/CVE-2021-3896.json +++ b/2021/3xxx/CVE-2021-3896.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2021-3896", "ASSIGNER": "cve@mitre.org", - "STATE": "REJECT" + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-43389. Reason: This candidate is a reservation duplicate of CVE-2021-43389. Notes: All CVE users should reference CVE-2021-43389 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/3xxx/CVE-2021-3903.json b/2021/3xxx/CVE-2021-3903.json index c2ad5f1866f..ae7707f72b9 100644 --- a/2021/3xxx/CVE-2021-3903.json +++ b/2021/3xxx/CVE-2021-3903.json @@ -79,11 +79,6 @@ "name": "https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-af135cabe2", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/" } ] }, @@ -91,4 +86,4 @@ "advisory": "35738a4f-55ce-446c-b836-2fb0b39625f8", "discovery": "EXTERNAL" } -} \ No newline at end of file +} diff --git a/2021/3xxx/CVE-2021-3915.json b/2021/3xxx/CVE-2021-3915.json deleted file mode 100644 index 3e579ef5cb4..00000000000 --- a/2021/3xxx/CVE-2021-3915.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3915", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3916.json b/2021/3xxx/CVE-2021-3916.json deleted file mode 100644 index e3c1d0defa6..00000000000 --- a/2021/3xxx/CVE-2021-3916.json +++ /dev/null @@ -1,89 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "security@huntr.dev", - "ID": "CVE-2021-3916", - "STATE": "PUBLIC", - "TITLE": "Path Traversal in bookstackapp/bookstack" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "bookstackapp/bookstack", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "21.10.3" - } - ] - } - } - ] - }, - "vendor_name": "bookstackapp" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "bookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" - } - ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 6.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://huntr.dev/bounties/0be32e6b-7c48-43f0-9cec-433000ad8f64", - "refsource": "CONFIRM", - "url": "https://huntr.dev/bounties/0be32e6b-7c48-43f0-9cec-433000ad8f64" - }, - { - "name": "https://github.com/bookstackapp/bookstack/commit/43830a372fc51a8793199d04a34c3f4ebdfccc7b", - "refsource": "MISC", - "url": "https://github.com/bookstackapp/bookstack/commit/43830a372fc51a8793199d04a34c3f4ebdfccc7b" - } - ] - }, - "source": { - "advisory": "0be32e6b-7c48-43f0-9cec-433000ad8f64", - "discovery": "EXTERNAL" - } -} diff --git a/2021/3xxx/CVE-2021-3917.json b/2021/3xxx/CVE-2021-3917.json deleted file mode 100644 index 2c6ab107f16..00000000000 --- a/2021/3xxx/CVE-2021-3917.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3917", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3918.json b/2021/3xxx/CVE-2021-3918.json deleted file mode 100644 index 3d456ca0493..00000000000 --- a/2021/3xxx/CVE-2021-3918.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3918", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3919.json b/2021/3xxx/CVE-2021-3919.json deleted file mode 100644 index fc9b918bce4..00000000000 --- a/2021/3xxx/CVE-2021-3919.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3919", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3920.json b/2021/3xxx/CVE-2021-3920.json deleted file mode 100644 index 65f07abd1ec..00000000000 --- a/2021/3xxx/CVE-2021-3920.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3920", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3921.json b/2021/3xxx/CVE-2021-3921.json deleted file mode 100644 index a7c37e5ca8f..00000000000 --- a/2021/3xxx/CVE-2021-3921.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3921", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3922.json b/2021/3xxx/CVE-2021-3922.json deleted file mode 100644 index 62898a83aed..00000000000 --- a/2021/3xxx/CVE-2021-3922.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3922", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3923.json b/2021/3xxx/CVE-2021-3923.json deleted file mode 100644 index 25becc23ca1..00000000000 --- a/2021/3xxx/CVE-2021-3923.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3923", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3924.json b/2021/3xxx/CVE-2021-3924.json deleted file mode 100644 index 27bcfed1ed1..00000000000 --- a/2021/3xxx/CVE-2021-3924.json +++ /dev/null @@ -1,89 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "security@huntr.dev", - "ID": "CVE-2021-3924", - "STATE": "PUBLIC", - "TITLE": "Path Traversal in getgrav/grav" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "getgrav/grav", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_value": "1.7.24" - } - ] - } - } - ] - }, - "vendor_name": "getgrav" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "grav is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" - } - ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://huntr.dev/bounties/7ca13522-d0c9-4eff-a7dd-6fd1a7f205a2", - "refsource": "CONFIRM", - "url": "https://huntr.dev/bounties/7ca13522-d0c9-4eff-a7dd-6fd1a7f205a2" - }, - { - "name": "https://github.com/getgrav/grav/commit/8f9c417c04b89dc8d2de60b95e7696821b2826ce", - "refsource": "MISC", - "url": "https://github.com/getgrav/grav/commit/8f9c417c04b89dc8d2de60b95e7696821b2826ce" - } - ] - }, - "source": { - "advisory": "7ca13522-d0c9-4eff-a7dd-6fd1a7f205a2", - "discovery": "EXTERNAL" - } -} diff --git a/2021/3xxx/CVE-2021-3925.json b/2021/3xxx/CVE-2021-3925.json deleted file mode 100644 index 37c435ffcd4..00000000000 --- a/2021/3xxx/CVE-2021-3925.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3925", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3926.json b/2021/3xxx/CVE-2021-3926.json deleted file mode 100644 index 53a67cc0bc7..00000000000 --- a/2021/3xxx/CVE-2021-3926.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3926", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3927.json b/2021/3xxx/CVE-2021-3927.json deleted file mode 100644 index 5619be687b4..00000000000 --- a/2021/3xxx/CVE-2021-3927.json +++ /dev/null @@ -1,89 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "security@huntr.dev", - "ID": "CVE-2021-3927", - "STATE": "PUBLIC", - "TITLE": "Heap-based Buffer Overflow in vim/vim" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "vim/vim", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "8.2.3581" - } - ] - } - } - ] - }, - "vendor_name": "vim" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "vim is vulnerable to Heap-based Buffer Overflow" - } - ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.3, - "baseSeverity": "HIGH", - "confidentialityImpact": "LOW", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-122 Heap-based Buffer Overflow" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://huntr.dev/bounties/9c2b2c82-48bb-4be9-ab8f-a48ea252d1b0", - "refsource": "CONFIRM", - "url": "https://huntr.dev/bounties/9c2b2c82-48bb-4be9-ab8f-a48ea252d1b0" - }, - { - "name": "https://github.com/vim/vim/commit/0b5b06cb4777d1401fdf83e7d48d287662236e7e", - "refsource": "MISC", - "url": "https://github.com/vim/vim/commit/0b5b06cb4777d1401fdf83e7d48d287662236e7e" - } - ] - }, - "source": { - "advisory": "9c2b2c82-48bb-4be9-ab8f-a48ea252d1b0", - "discovery": "EXTERNAL" - } -} diff --git a/2021/3xxx/CVE-2021-3928.json b/2021/3xxx/CVE-2021-3928.json deleted file mode 100644 index 5761d3136df..00000000000 --- a/2021/3xxx/CVE-2021-3928.json +++ /dev/null @@ -1,89 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "security@huntr.dev", - "ID": "CVE-2021-3928", - "STATE": "PUBLIC", - "TITLE": "Stack-based Buffer Overflow in vim/vim" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "vim/vim", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "8.2.3582" - } - ] - } - } - ] - }, - "vendor_name": "vim" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "vim is vulnerable to Stack-based Buffer Overflow" - } - ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.3, - "baseSeverity": "HIGH", - "confidentialityImpact": "LOW", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-121 Stack-based Buffer Overflow" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://huntr.dev/bounties/29c3ebd2-d601-481c-bf96-76975369d0cd", - "refsource": "CONFIRM", - "url": "https://huntr.dev/bounties/29c3ebd2-d601-481c-bf96-76975369d0cd" - }, - { - "name": "https://github.com/vim/vim/commit/15d9890eee53afc61eb0a03b878a19cb5672f732", - "refsource": "MISC", - "url": "https://github.com/vim/vim/commit/15d9890eee53afc61eb0a03b878a19cb5672f732" - } - ] - }, - "source": { - "advisory": "29c3ebd2-d601-481c-bf96-76975369d0cd", - "discovery": "EXTERNAL" - } -} diff --git a/2021/3xxx/CVE-2021-3929.json b/2021/3xxx/CVE-2021-3929.json deleted file mode 100644 index 0d91f450911..00000000000 --- a/2021/3xxx/CVE-2021-3929.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3929", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3930.json b/2021/3xxx/CVE-2021-3930.json deleted file mode 100644 index 9721def05e8..00000000000 --- a/2021/3xxx/CVE-2021-3930.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3930", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3931.json b/2021/3xxx/CVE-2021-3931.json deleted file mode 100644 index 31d20e69286..00000000000 --- a/2021/3xxx/CVE-2021-3931.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3931", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3932.json b/2021/3xxx/CVE-2021-3932.json deleted file mode 100644 index 2e575653238..00000000000 --- a/2021/3xxx/CVE-2021-3932.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3932", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3933.json b/2021/3xxx/CVE-2021-3933.json deleted file mode 100644 index 3931cf73351..00000000000 --- a/2021/3xxx/CVE-2021-3933.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3933", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3934.json b/2021/3xxx/CVE-2021-3934.json deleted file mode 100644 index a7a42ee8a5c..00000000000 --- a/2021/3xxx/CVE-2021-3934.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3934", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3935.json b/2021/3xxx/CVE-2021-3935.json deleted file mode 100644 index 09943a79c07..00000000000 --- a/2021/3xxx/CVE-2021-3935.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3935", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3936.json b/2021/3xxx/CVE-2021-3936.json deleted file mode 100644 index 67474f637f2..00000000000 --- a/2021/3xxx/CVE-2021-3936.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3936", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3937.json b/2021/3xxx/CVE-2021-3937.json deleted file mode 100644 index 0f44f047510..00000000000 --- a/2021/3xxx/CVE-2021-3937.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3937", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3938.json b/2021/3xxx/CVE-2021-3938.json deleted file mode 100644 index 0630de36e7a..00000000000 --- a/2021/3xxx/CVE-2021-3938.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3938", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3939.json b/2021/3xxx/CVE-2021-3939.json deleted file mode 100644 index 451e39175a5..00000000000 --- a/2021/3xxx/CVE-2021-3939.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3939", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3940.json b/2021/3xxx/CVE-2021-3940.json deleted file mode 100644 index 93b8f1aa46d..00000000000 --- a/2021/3xxx/CVE-2021-3940.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3940", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3941.json b/2021/3xxx/CVE-2021-3941.json deleted file mode 100644 index c00134494b5..00000000000 --- a/2021/3xxx/CVE-2021-3941.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3941", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3942.json b/2021/3xxx/CVE-2021-3942.json deleted file mode 100644 index 52cb6da2e79..00000000000 --- a/2021/3xxx/CVE-2021-3942.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3942", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/40xxx/CVE-2021-40112.json b/2021/40xxx/CVE-2021-40112.json index 7b618d7d0b4..e7c75bcb476 100644 --- a/2021/40xxx/CVE-2021-40112.json +++ b/2021/40xxx/CVE-2021-40112.json @@ -1,88 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@cisco.com", - "DATE_PUBLIC": "2021-11-03T16:00:00", - "ID": "CVE-2021-40112", - "STATE": "PUBLIC", - "TITLE": "Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Cisco Catalyst PON Series ", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "Cisco" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-40112", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT) could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol is enabled Perform command injection Modify the configuration For more information about these vulnerabilities, see the Details section of this advisory." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "exploit": [ - { - "lang": "eng", - "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. " - } - ], - "impact": { - "cvss": { - "baseScore": "10.0", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H ", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-284" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "20211103 Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities", - "refsource": "CISCO", - "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catpon-multivulns-CE3DSYGr" - } - ] - }, - "source": { - "advisory": "cisco-sa-catpon-multivulns-CE3DSYGr", - "defect": [ - [ - "CSCvz61943", - "CSCvz61948", - "CSCvz67097" - ] - ], - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/40xxx/CVE-2021-40113.json b/2021/40xxx/CVE-2021-40113.json index 004b5326152..db74f8117b4 100644 --- a/2021/40xxx/CVE-2021-40113.json +++ b/2021/40xxx/CVE-2021-40113.json @@ -1,88 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@cisco.com", - "DATE_PUBLIC": "2021-11-03T16:00:00", - "ID": "CVE-2021-40113", - "STATE": "PUBLIC", - "TITLE": "Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Cisco Catalyst PON Series ", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "Cisco" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-40113", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT) could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol is enabled Perform command injection Modify the configuration For more information about these vulnerabilities, see the Details section of this advisory." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "exploit": [ - { - "lang": "eng", - "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. " - } - ], - "impact": { - "cvss": { - "baseScore": "10.0", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H ", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-284" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "20211103 Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities", - "refsource": "CISCO", - "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catpon-multivulns-CE3DSYGr" - } - ] - }, - "source": { - "advisory": "cisco-sa-catpon-multivulns-CE3DSYGr", - "defect": [ - [ - "CSCvz61943", - "CSCvz61948", - "CSCvz67097" - ] - ], - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/40xxx/CVE-2021-40115.json b/2021/40xxx/CVE-2021-40115.json index 86d00f5b752..5eb117ffcd2 100644 --- a/2021/40xxx/CVE-2021-40115.json +++ b/2021/40xxx/CVE-2021-40115.json @@ -1,86 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@cisco.com", - "DATE_PUBLIC": "2021-11-03T16:00:00", - "ID": "CVE-2021-40115", - "STATE": "PUBLIC", - "TITLE": "Cisco Webex Video Mesh Cross-Site Scripting Vulnerability" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Cisco Webex Video Mesh ", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "Cisco" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-40115", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "exploit": [ - { - "lang": "eng", - "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " - } - ], - "impact": { - "cvss": { - "baseScore": "6.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N ", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "20211103 Cisco Webex Video Mesh Cross-Site Scripting Vulnerability", - "refsource": "CISCO", - "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-videomesh-xss-qjm2BDQf" - } - ] - }, - "source": { - "advisory": "cisco-sa-videomesh-xss-qjm2BDQf", - "defect": [ - [ - "CSCvz59100" - ] - ], - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/40xxx/CVE-2021-40119.json b/2021/40xxx/CVE-2021-40119.json index 679aff9f112..6e7d5e75a70 100644 --- a/2021/40xxx/CVE-2021-40119.json +++ b/2021/40xxx/CVE-2021-40119.json @@ -1,86 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@cisco.com", - "DATE_PUBLIC": "2021-11-03T16:00:00", - "ID": "CVE-2021-40119", - "STATE": "PUBLIC", - "TITLE": "Cisco Policy Suite Static SSH Keys Vulnerability" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Cisco Policy Suite (CPS) Software ", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "Cisco" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-40119", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability in the key-based SSH authentication mechanism of Cisco Policy Suite could allow an unauthenticated, remote attacker to log in to an affected system as the root user. This vulnerability is due to the re-use of static SSH keys across installations. An attacker could exploit this vulnerability by extracting a key from a system under their control. A successful exploit could allow the attacker to log in to an affected system as the root user." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "exploit": [ - { - "lang": "eng", - "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " - } - ], - "impact": { - "cvss": { - "baseScore": "9.8", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H ", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-321" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "20211103 Cisco Policy Suite Static SSH Keys Vulnerability", - "refsource": "CISCO", - "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cps-static-key-JmS92hNv" - } - ] - }, - "source": { - "advisory": "cisco-sa-cps-static-key-JmS92hNv", - "defect": [ - [ - "CSCvw24544" - ] - ], - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/40xxx/CVE-2021-40120.json b/2021/40xxx/CVE-2021-40120.json index c4b721a761f..b9b7d956bae 100644 --- a/2021/40xxx/CVE-2021-40120.json +++ b/2021/40xxx/CVE-2021-40120.json @@ -1,87 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@cisco.com", - "DATE_PUBLIC": "2021-11-03T16:00:00", - "ID": "CVE-2021-40120", - "STATE": "PUBLIC", - "TITLE": "Cisco Small Business RV Series Routers Command Injection Vulnerability" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Cisco Small Business RV Series Router Firmware ", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "Cisco" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-40120", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticated, remote attacker with administrative privileges to inject arbitrary commands into the underlying operating system and execute them using root-level privileges. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious input to a specific field in the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system as a user with root-level privileges." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "exploit": [ - { - "lang": "eng", - "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " - } - ], - "impact": { - "cvss": { - "baseScore": "6.5", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N ", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-20" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "20211103 Cisco Small Business RV Series Routers Command Injection Vulnerability", - "refsource": "CISCO", - "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbrv-cmdinjection-Z5cWFdK" - } - ] - }, - "source": { - "advisory": "cisco-sa-sbrv-cmdinjection-Z5cWFdK", - "defect": [ - [ - "CSCvz75703", - "CSCvz75705" - ] - ], - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/40xxx/CVE-2021-40124.json b/2021/40xxx/CVE-2021-40124.json index 94a05aa10b1..496f070c4ee 100644 --- a/2021/40xxx/CVE-2021-40124.json +++ b/2021/40xxx/CVE-2021-40124.json @@ -1,86 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@cisco.com", - "DATE_PUBLIC": "2021-11-03T16:00:00", - "ID": "CVE-2021-40124", - "STATE": "PUBLIC", - "TITLE": "Cisco AnyConnect Secure Mobility Client for Windows with Network Access Manager Module Privilege Escalation Vulnerability" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Cisco AnyConnect Secure Mobility Client ", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "Cisco" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-40124", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability in the Network Access Manager (NAM) module of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to escalate privileges on an affected device. This vulnerability is due to incorrect privilege assignment to scripts executed before user logon. An attacker could exploit this vulnerability by configuring a script to be executed before logon. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "exploit": [ - { - "lang": "eng", - "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " - } - ], - "impact": { - "cvss": { - "baseScore": "6.7", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H ", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-266" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "20211103 Cisco AnyConnect Secure Mobility Client for Windows with Network Access Manager Module Privilege Escalation Vulnerability", - "refsource": "CISCO", - "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-nam-priv-yCsRNUGT" - } - ] - }, - "source": { - "advisory": "cisco-sa-anyconnect-nam-priv-yCsRNUGT", - "defect": [ - [ - "CSCvz67203" - ] - ], - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/40xxx/CVE-2021-40126.json b/2021/40xxx/CVE-2021-40126.json index a353e93ad48..d7362f3bd45 100644 --- a/2021/40xxx/CVE-2021-40126.json +++ b/2021/40xxx/CVE-2021-40126.json @@ -1,86 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@cisco.com", - "DATE_PUBLIC": "2021-11-03T16:00:00", - "ID": "CVE-2021-40126", - "STATE": "PUBLIC", - "TITLE": "Cisco Umbrella Email Enumeration Vulnerability" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Cisco Umbrella Insights Virtual Appliance ", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "Cisco" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-40126", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability in the web-based dashboard of Cisco Umbrella could allow an authenticated, remote attacker to perform an email enumeration attack against the Umbrella infrastructure. This vulnerability is due to an overly descriptive error message on the dashboard that appears when a user attempts to modify their email address when the new address already exists in the system. An attacker could exploit this vulnerability by attempting to modify the user's email address. A successful exploit could allow the attacker to enumerate email addresses of users in the system." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "exploit": [ - { - "lang": "eng", - "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " - } - ], - "impact": { - "cvss": { - "baseScore": "4.3", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N ", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-210" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "20211103 Cisco Umbrella Email Enumeration Vulnerability", - "refsource": "CISCO", - "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-umbrella-user-enum-S7XfJwDE" - } - ] - }, - "source": { - "advisory": "cisco-sa-umbrella-user-enum-S7XfJwDE", - "defect": [ - [ - "CSCvz11942" - ] - ], - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/40xxx/CVE-2021-40127.json b/2021/40xxx/CVE-2021-40127.json index 269a7d1c84b..5684889e745 100644 --- a/2021/40xxx/CVE-2021-40127.json +++ b/2021/40xxx/CVE-2021-40127.json @@ -1,86 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@cisco.com", - "DATE_PUBLIC": "2021-11-03T16:00:00", - "ID": "CVE-2021-40127", - "STATE": "PUBLIC", - "TITLE": "Cisco Small Business 200, 300, and 500 Series Switches Web-Based Management Interface Denial of Service Vulnerability" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Cisco Small Business Smart and Managed Switches ", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "Cisco" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-40127", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability in the web-based management interface of Cisco Small Business 200 Series Smart Switches, Cisco Small Business 300 Series Managed Switches, and Cisco Small Business 500 Series Stackable Managed Switches could allow an unauthenticated, remote attacker to render the web-based management interface unusable, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to cause a permanent invalid redirect for requests sent to the web-based management interface of the device, resulting in a DoS condition." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "exploit": [ - { - "lang": "eng", - "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " - } - ], - "impact": { - "cvss": { - "baseScore": "5.3", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L ", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-20" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "20211103 Cisco Small Business 200, 300, and 500 Series Switches Web-Based Management Interface Denial of Service Vulnerability", - "refsource": "CISCO", - "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-switches-web-dos-xMyFFkt8" - } - ] - }, - "source": { - "advisory": "cisco-sa-smb-switches-web-dos-xMyFFkt8", - "defect": [ - [ - "CSCvz62174" - ] - ], - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/40xxx/CVE-2021-40128.json b/2021/40xxx/CVE-2021-40128.json index 8bd7e2e0a7a..918032287f8 100644 --- a/2021/40xxx/CVE-2021-40128.json +++ b/2021/40xxx/CVE-2021-40128.json @@ -1,86 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "psirt@cisco.com", - "DATE_PUBLIC": "2021-11-03T16:00:00", - "ID": "CVE-2021-40128", - "STATE": "PUBLIC", - "TITLE": "Cisco Webex Meetings Email Content Injection Vulnerability" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Cisco Webex Meetings ", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "Cisco" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-40128", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability in the account activation feature of Cisco Webex Meetings could allow an unauthenticated, remote attacker to send an account activation email with an activation link that points to an arbitrary domain. This vulnerability is due to insufficient validation of user-supplied parameters. An attacker could exploit this vulnerability by sending a crafted HTTP request to the account activation page of Cisco Webex Meetings. A successful exploit could allow the attacker to send to any recipient an account activation email that contains a tampered activation link, which could direct the user to an attacker-controlled website." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "exploit": [ - { - "lang": "eng", - "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " - } - ], - "impact": { - "cvss": { - "baseScore": "5.3", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N ", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-183" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "20211103 Cisco Webex Meetings Email Content Injection Vulnerability", - "refsource": "CISCO", - "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-activation-3sdNFxcy" - } - ] - }, - "source": { - "advisory": "cisco-sa-webex-activation-3sdNFxcy", - "defect": [ - [ - "CSCvz11314" - ] - ], - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/40xxx/CVE-2021-40260.json b/2021/40xxx/CVE-2021-40260.json index bbd1d120363..8dd7ce16e99 100644 --- a/2021/40xxx/CVE-2021-40260.json +++ b/2021/40xxx/CVE-2021-40260.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-40260", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-40260", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Multiple Cross Site Scripting (XSS) vulnerabilities exist in SourceCodester Tailor Management 1.0 via the (1) eid parameter in (a) partedit.php and (b) customeredit.php, the (2) id parameter in (a) editmeasurement.php and (b) addpayment.php, and the (3) error parameter in index.php." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://sisl.lab.uic.edu/projects/chess/tailor-management/", - "refsource": "MISC", - "name": "https://sisl.lab.uic.edu/projects/chess/tailor-management/" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/40xxx/CVE-2021-40261.json b/2021/40xxx/CVE-2021-40261.json index 7e1b9c9b74f..c4f631f9c62 100644 --- a/2021/40xxx/CVE-2021-40261.json +++ b/2021/40xxx/CVE-2021-40261.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-40261", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-40261", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Multiple Cross Site Scripting (XSS) vulnerabilities exist in SourceCodester CASAP Automated Enrollment System 1.0 via the (1) user_username and (2) category parameters in save_class.php, the (3) firstname, (4) class, and (5) status parameters in student_table.php, the (6) category and (7) class_name parameters in add_class1.php, the (8) fname, (9) mname,(10) lname, (11) address, (12) class, (13) gfname, (14) gmname, (15) glname, (16) rship, (17) status, (18) transport, and (19) route parameters in add_student.php, the (20) fname, (21) mname, (22) lname, (23) address, (24) class, (25) fgname, (26) gmname, (27) glname, (28) rship, (29) status, (30) transport, and (31) route parameters in save_stud.php,the (32) status, (33) fname, and (34) lname parameters in add_user.php, the (35) username, (36) firstname, and (37) status parameters in users.php, the (38) fname, (39) lname, and (40) status parameters in save_user.php, and the (41) activity_log, (42) aprjun, (43) class, (44) janmar, (45) Julsep,(46) octdec, (47) Students and (48) users parameters in table_name." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://sisl.lab.uic.edu/projects/chess/casap-automated-enrollment-system/", - "refsource": "MISC", - "name": "https://sisl.lab.uic.edu/projects/chess/casap-automated-enrollment-system/" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/40xxx/CVE-2021-40348.json b/2021/40xxx/CVE-2021-40348.json index 04cded0931d..b3c7629224e 100644 --- a/2021/40xxx/CVE-2021-40348.json +++ b/2021/40xxx/CVE-2021-40348.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-40348", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-40348", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation setup. This can lead to the ability of an attacker to use --option to append arbitrary code to a root-owned file that eventually will be executed by the system. This is fixed in Uyuni spacewalk-admin 4.3.2-1." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "http://www.openwall.com/lists/oss-security/2021/10/28/4", - "url": "http://www.openwall.com/lists/oss-security/2021/10/28/4" - }, - { - "refsource": "CONFIRM", - "name": "https://github.com/uyuni-project/uyuni/commit/790c7388efac6923c5475e01c1ff718dffa9f052", - "url": "https://github.com/uyuni-project/uyuni/commit/790c7388efac6923c5475e01c1ff718dffa9f052" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/40xxx/CVE-2021-40358.json b/2021/40xxx/CVE-2021-40358.json index 4a2ef5ccc3d..55a3530a2de 100644 --- a/2021/40xxx/CVE-2021-40358.json +++ b/2021/40xxx/CVE-2021-40358.json @@ -1,131 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2021-40358", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "SIMATIC PCS 7 V8.2 and earlier", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "SIMATIC PCS 7 V9.0", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "SIMATIC PCS 7 V9.1", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "SIMATIC WinCC V15 and earlier", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "SIMATIC WinCC V16", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "SIMATIC WinCC V17", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "SIMATIC WinCC V7.4 and earlier", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "SIMATIC WinCC V7.5", - "version": { - "version_data": [ - { - "version_value": "All versions < V7.5 SP2 Update 5" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-40358", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC V15 and earlier (All versions), SIMATIC WinCC V16 (All versions), SIMATIC WinCC V17 (All versions), SIMATIC WinCC V7.4 and earlier (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). Legitimate file operations of the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read, write or delete unexpected critical files." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/40xxx/CVE-2021-40359.json b/2021/40xxx/CVE-2021-40359.json index a9437a43ae2..3838d28d3cf 100644 --- a/2021/40xxx/CVE-2021-40359.json +++ b/2021/40xxx/CVE-2021-40359.json @@ -1,131 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2021-40359", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "SIMATIC PCS 7 V8.2 and earlier", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "SIMATIC PCS 7 V9.0", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "SIMATIC PCS 7 V9.1", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "SIMATIC WinCC V15 and earlier", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "SIMATIC WinCC V16", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "SIMATIC WinCC V17", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "SIMATIC WinCC V7.4 and earlier", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "SIMATIC WinCC V7.5", - "version": { - "version_data": [ - { - "version_value": "All versions < V7.5 SP2 Update 5" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-40359", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC V15 and earlier (All versions), SIMATIC WinCC V16 (All versions), SIMATIC WinCC V17 (All versions), SIMATIC WinCC V7.4 and earlier (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). When downloading files, the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read unexpected critical files." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/40xxx/CVE-2021-40364.json b/2021/40xxx/CVE-2021-40364.json index a8c7fb3d11e..08b2c080c7f 100644 --- a/2021/40xxx/CVE-2021-40364.json +++ b/2021/40xxx/CVE-2021-40364.json @@ -1,131 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2021-40364", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "SIMATIC PCS 7 V8.2 and earlier", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "SIMATIC PCS 7 V9.0", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "SIMATIC PCS 7 V9.1", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "SIMATIC WinCC V15 and earlier", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "SIMATIC WinCC V16", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "SIMATIC WinCC V17", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "SIMATIC WinCC V7.4 and earlier", - "version": { - "version_data": [ - { - "version_value": "All versions" - } - ] - } - }, - { - "product_name": "SIMATIC WinCC V7.5", - "version": { - "version_data": [ - { - "version_value": "All versions < V7.5 SP2 Update 5" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-532: Insertion of Sensitive Information into Log File" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-40364", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC V15 and earlier (All versions), SIMATIC WinCC V16 (All versions), SIMATIC WinCC V17 (All versions), SIMATIC WinCC V7.4 and earlier (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). The affected systems store sensitive information in log files. An attacker with access to the log files could publicly expose the information or reuse it to develop further attacks on the system." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/40xxx/CVE-2021-40366.json b/2021/40xxx/CVE-2021-40366.json index 66859ead94a..7931f76b363 100644 --- a/2021/40xxx/CVE-2021-40366.json +++ b/2021/40xxx/CVE-2021-40366.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2021-40366", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "Climatix POL909 (AWM module)", - "version": { - "version_data": [ - { - "version_value": "All versions < V11.34" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-311: Missing Encryption of Sensitive Data" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-40366", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Climatix POL909 (AWM module) (All versions < V11.34). The web server of affected devices transmits data without TLS encryption. This could allow an unauthenticated remote attacker in a man-in-the-middle position to read sensitive data, such as administrator credentials, or modify data in transit." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-703715.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-703715.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/40xxx/CVE-2021-40442.json b/2021/40xxx/CVE-2021-40442.json index 80339dfe507..c12e8b40698 100644 --- a/2021/40xxx/CVE-2021-40442.json +++ b/2021/40xxx/CVE-2021-40442.json @@ -1,18 +1,168 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-40442", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-40442", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft SharePoint Enterprise Server", + "version": { + "version_data": [ + { + "version_value": "2013 Service Pack 1" + } + ] + } + }, + { + "product_name": "Microsoft Office", + "version": { + "version_data": [ + { + "version_value": "2019 for 32-bit editions" + }, + { + "version_value": "2019 for 64-bit editions" + }, + { + "version_value": "2019 for Mac" + } + ] + } + }, + { + "product_name": "Microsoft Office Online Server", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft 365 Apps for Enterprise for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft 365 Apps for Enterprise for 64-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Office LTSC for Mac 2021", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Office LTSC 2021 for 64-bit editions", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Office LTSC 2021 for 32-bit editions", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Excel", + "version": { + "version_data": [ + { + "version_value": "2016 (32-bit edition)" + }, + { + "version_value": "2016 (64-bit edition)" + }, + { + "version_value": "2013 RT Service Pack 1" + }, + { + "version_value": "2013 Service Pack 1 (32-bit editions)" + }, + { + "version_value": "2013 Service Pack 1 (64-bit editions)" + } + ] + } + }, + { + "product_name": "Microsoft Office Web Apps", + "version": { + "version_data": [ + { + "version_value": "Server 2013 Service Pack 1" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Excel Remote Code Execution Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40442" + } + ] + } +} diff --git a/2021/40xxx/CVE-2021-40577.json b/2021/40xxx/CVE-2021-40577.json index 3c86db85c38..bb5bc743c79 100644 --- a/2021/40xxx/CVE-2021-40577.json +++ b/2021/40xxx/CVE-2021-40577.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-40577", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-40577", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 in the Add-Users page via the Name parameter." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://medium.com/@J03KR/cve-2021-40577-ec96a831ba71", - "url": "https://medium.com/@J03KR/cve-2021-40577-ec96a831ba71" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/40xxx/CVE-2021-40848.json b/2021/40xxx/CVE-2021-40848.json index 216a967ad0a..bb935b0b572 100644 --- a/2021/40xxx/CVE-2021-40848.json +++ b/2021/40xxx/CVE-2021-40848.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-40848", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-40848", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exported CSV files could contain characters that a spreadsheet program could interpret as a command, leading to execution of a malicious string locally on a device, aka CSV injection." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://bugs.launchpad.net/mahara/+bug/1930471", - "refsource": "MISC", - "name": "https://bugs.launchpad.net/mahara/+bug/1930471" - }, - { - "refsource": "MISC", - "name": "https://mahara.org/interaction/forum/topic.php?id=8950", - "url": "https://mahara.org/interaction/forum/topic.php?id=8950" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/40xxx/CVE-2021-40849.json b/2021/40xxx/CVE-2021-40849.json index ce0cb31a3ef..f63f044f01a 100644 --- a/2021/40xxx/CVE-2021-40849.json +++ b/2021/40xxx/CVE-2021-40849.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-40849", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-40849", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, the account associated with a web services token is vulnerable to being exploited and logged into, resulting in information disclosure (at a minimum) and often escalation of privileges." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://bugs.launchpad.net/mahara/+bug/1930469", - "refsource": "MISC", - "name": "https://bugs.launchpad.net/mahara/+bug/1930469" - }, - { - "refsource": "MISC", - "name": "https://mahara.org/interaction/forum/topic.php?id=8949", - "url": "https://mahara.org/interaction/forum/topic.php?id=8949" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/40xxx/CVE-2021-40985.json b/2021/40xxx/CVE-2021-40985.json index 04c97ae598d..c4bfc2521b7 100644 --- a/2021/40xxx/CVE-2021-40985.json +++ b/2021/40xxx/CVE-2021-40985.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-40985", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-40985", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Buffer overflow vulnerability in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to image_load_bmp." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/michaelrsweet/htmldoc/commit/f12b9666e582a8e7b70f11b28e5ffc49ad625d43", - "refsource": "MISC", - "name": "https://github.com/michaelrsweet/htmldoc/commit/f12b9666e582a8e7b70f11b28e5ffc49ad625d43" - }, - { - "url": "https://github.com/michaelrsweet/htmldoc/issues/444", - "refsource": "MISC", - "name": "https://github.com/michaelrsweet/htmldoc/issues/444" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/41xxx/CVE-2021-41019.json b/2021/41xxx/CVE-2021-41019.json index 90652ad529d..bc5753a615f 100644 --- a/2021/41xxx/CVE-2021-41019.json +++ b/2021/41xxx/CVE-2021-41019.json @@ -4,74 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-41019", - "ASSIGNER": "psirt@fortinet.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Fortinet", - "product": { - "product_data": [ - { - "product_name": "Fortinet FortiOS", - "version": { - "version_data": [ - { - "version_value": "FortiOS 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1" - } - ] - } - } - ] - } - } - ] - } - }, - "impact": { - "cvss": { - "attackComplexity": "Low", - "attackVector": "Adjacent", - "availabilityImpact": "None", - "baseScore": 3.2, - "baseSeverity": "Low", - "confidentialityImpact": "Low", - "integrityImpact": "None", - "privilegesRequired": "None", - "scope": "Unchanged", - "userInteraction": "Required", - "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://fortiguard.com/advisory/FG-IR-21-074", - "url": "https://fortiguard.com/advisory/FG-IR-21-074" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "An improper validation of certificate with host mismatch [CWE-297] vulnerability in FortiOS versions 6.4.6 and below may allow the connection to a malicious LDAP server via options in GUI, leading to disclosure of sensitive information, such as AD credentials." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/41xxx/CVE-2021-41022.json b/2021/41xxx/CVE-2021-41022.json index 74ef6aaeb2e..9c9b203ea80 100644 --- a/2021/41xxx/CVE-2021-41022.json +++ b/2021/41xxx/CVE-2021-41022.json @@ -4,74 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-41022", - "ASSIGNER": "psirt@fortinet.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Fortinet", - "product": { - "product_data": [ - { - "product_name": "Fortinet FortiSIEMWindowsAgent", - "version": { - "version_data": [ - { - "version_value": "FortiSIEMWindowsAgent 4.1.4, 4.1.3, 4.1.2, 4.1.1, 4.1.0, 4.0.0, 3.3.0, 3.2.2, 3.2.1, 3.2.0, 3.1.2, 3.1.0" - } - ] - } - } - ] - } - } - ] - } - }, - "impact": { - "cvss": { - "attackComplexity": "Low", - "attackVector": "Local", - "availabilityImpact": "High", - "baseScore": 7.5, - "baseSeverity": "High", - "confidentialityImpact": "High", - "integrityImpact": "High", - "privilegesRequired": "Low", - "scope": "Unchanged", - "userInteraction": "None", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:X/RL:O/RC:C", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Execute unauthorized code or commands" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://fortiguard.com/advisory/FG-IR-21-176", - "url": "https://fortiguard.com/advisory/FG-IR-21-176" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A improper privilege management in Fortinet FortiSIEM Windows Agent version 4.1.4 and below allows attacker to execute privileged code or commands via powershell scripts" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/41xxx/CVE-2021-41023.json b/2021/41xxx/CVE-2021-41023.json index d9b07bc50f5..d3586113e47 100644 --- a/2021/41xxx/CVE-2021-41023.json +++ b/2021/41xxx/CVE-2021-41023.json @@ -4,74 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-41023", - "ASSIGNER": "psirt@fortinet.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Fortinet", - "product": { - "product_data": [ - { - "product_name": "Fortinet FortiSIEMWindowsAgent", - "version": { - "version_data": [ - { - "version_value": "FortiSIEMWindowsAgent 4.1.4, 4.1.3, 4.1.2, 4.1.1, 4.1.0, 4.0.0, 3.3.0, 3.2.2, 3.2.1, 3.2.0, 3.1.2, 3.1.0" - } - ] - } - } - ] - } - } - ] - } - }, - "impact": { - "cvss": { - "attackComplexity": "Low", - "attackVector": "Local", - "availabilityImpact": "None", - "baseScore": 5.3, - "baseSeverity": "Medium", - "confidentialityImpact": "High", - "integrityImpact": "None", - "privilegesRequired": "Low", - "scope": "Unchanged", - "userInteraction": "None", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:X/RL:O/RC:C", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://fortiguard.com/advisory/FG-IR-21-175", - "url": "https://fortiguard.com/advisory/FG-IR-21-175" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below allows an authenticated user to disclosure agent password due to plaintext credential storage in log files" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/41xxx/CVE-2021-41036.json b/2021/41xxx/CVE-2021-41036.json index b1f0a7a7890..e0219ac357d 100644 --- a/2021/41xxx/CVE-2021-41036.json +++ b/2021/41xxx/CVE-2021-41036.json @@ -4,60 +4,15 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-41036", - "ASSIGNER": "security@eclipse.org", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "The Eclipse Foundation", - "product": { - "product_data": [ - { - "product_name": "Eclipse Paho MQTT C Client", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "1.1.0" - } - ] - } - } - ] - } - } - ] - } + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "In versions prior to 1.1 of the Eclipse Paho MQTT C Client, the client does not check rem_len size in readpacket." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-787: Out-of-bounds Write" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/eclipse/paho.mqtt.embedded-c/issues/96", - "refsource": "CONFIRM", - "url": "https://github.com/eclipse/paho.mqtt.embedded-c/issues/96" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } -} +} \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41089.json b/2021/41xxx/CVE-2021-41089.json index 8e3dd221883..d25468bb44e 100644 --- a/2021/41xxx/CVE-2021-41089.json +++ b/2021/41xxx/CVE-2021-41089.json @@ -83,11 +83,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-df975338d4", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-b5a9a481a2", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/" } ] }, diff --git a/2021/41xxx/CVE-2021-41091.json b/2021/41xxx/CVE-2021-41091.json index 23cf8221c5b..cb284383ef4 100644 --- a/2021/41xxx/CVE-2021-41091.json +++ b/2021/41xxx/CVE-2021-41091.json @@ -83,11 +83,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-df975338d4", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-b5a9a481a2", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/" } ] }, diff --git a/2021/41xxx/CVE-2021-41092.json b/2021/41xxx/CVE-2021-41092.json index 3528357553b..b4f2b33754d 100644 --- a/2021/41xxx/CVE-2021-41092.json +++ b/2021/41xxx/CVE-2021-41092.json @@ -83,11 +83,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-df975338d4", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-b5a9a481a2", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/" } ] }, diff --git a/2021/41xxx/CVE-2021-41099.json b/2021/41xxx/CVE-2021-41099.json index d0a4a7cd7b3..6fbf500e158 100644 --- a/2021/41xxx/CVE-2021-41099.json +++ b/2021/41xxx/CVE-2021-41099.json @@ -102,21 +102,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-61c487f241", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-aa94492a09", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" - }, - { - "refsource": "DEBIAN", - "name": "DSA-5001", - "url": "https://www.debian.org/security/2021/dsa-5001" } ] }, diff --git a/2021/41xxx/CVE-2021-41103.json b/2021/41xxx/CVE-2021-41103.json index fd97bb39d3b..fec77032935 100644 --- a/2021/41xxx/CVE-2021-41103.json +++ b/2021/41xxx/CVE-2021-41103.json @@ -86,16 +86,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-df975338d4", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-b5a9a481a2", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/" - }, - { - "refsource": "DEBIAN", - "name": "DSA-5002", - "url": "https://www.debian.org/security/2021/dsa-5002" } ] }, diff --git a/2021/41xxx/CVE-2021-41134.json b/2021/41xxx/CVE-2021-41134.json index d0293c32248..6342f29465c 100644 --- a/2021/41xxx/CVE-2021-41134.json +++ b/2021/41xxx/CVE-2021-41134.json @@ -1,106 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41134", - "STATE": "PUBLIC", - "TITLE": "Stored XSS in Jupyter nbdime" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "nbdime", - "version": { - "version_data": [ - { - "version_value": "< 1.1.1 - nbdime (pip)" - }, - { - "version_value": ">= 2.0.0 , < 2.1.1 - nbdime (pip)" - }, - { - "version_value": ">= 3.0.0, < 3.1.1 - nbdime (pip)" - }, - { - "version_value": "< 5.0.2 - nbdime (npm)" - }, - { - "version_value": ">= 6.0.0, < 6.1.2 - nbdime (npm)" - }, - { - "version_value": "< 1.0.1 - nbdime-jupyterlab (npm)" - }, - { - "version_value": ">= 2.0.0, < 2.1.1 - nbdime-jupyterlab (npm)" - } - ] - } - } - ] - }, - "vendor_name": "jupyter" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41134", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "nbdime provides tools for diffing and merging of Jupyter Notebooks. In affected versions a stored cross-site scripting (XSS) issue exists within the Jupyter-owned nbdime project. It appears that when reading the file name and path from disk, the extension does not sanitize the string it constructs before returning it to be displayed. The diffNotebookCheckpoint function within nbdime causes this issue. When attempting to display the name of the local notebook (diffNotebookCheckpoint), nbdime appears to simply append .ipynb to the name of the input file. The NbdimeWidget is then created, and the base string is passed through to the request API function. From there, the frontend simply renders the HTML tag and anything along with it. Users are advised to patch to the most recent version of the affected product." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 8.7, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "CHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/jupyter/nbdime/security/advisories/GHSA-p6rw-44q7-3fw4", - "refsource": "CONFIRM", - "url": "https://github.com/jupyter/nbdime/security/advisories/GHSA-p6rw-44q7-3fw4" - }, - { - "name": "https://github.com/jupyter/nbdime/commit/e44a5cc7677f24b45ebafc756db49058c2f750ea", - "refsource": "MISC", - "url": "https://github.com/jupyter/nbdime/commit/e44a5cc7677f24b45ebafc756db49058c2f750ea" - } - ] - }, - "source": { - "advisory": "GHSA-p6rw-44q7-3fw4", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41170.json b/2021/41xxx/CVE-2021-41170.json index 5af28e7e122..3efee38a573 100644 --- a/2021/41xxx/CVE-2021-41170.json +++ b/2021/41xxx/CVE-2021-41170.json @@ -1,93 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41170", - "STATE": "PUBLIC", - "TITLE": "Evaluation of closures can lead to execution of methods & functions in current program scope" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "neoan3-template", - "version": { - "version_data": [ - { - "version_value": "< 1.1.1" - } - ] - } - } - ] - }, - "vendor_name": "sroehrl" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41170", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "### Impact Versions prior 1.1.1 have allowed for passing in closures directly into the template engine. As a result values that are callable are executed by the template engine. The issue arises if a value has the same name as a method or function in scope and can therefore be executed either by mistake or maliciously. In theory all users of the package are affected as long as they either deal with direct user input or database values. A multi-step attack on is therefore plausible. ### Patches Version 1.1.1 has addressed this vulnerability. ```php $params = [ 'reverse' => fn($input) => strrev($input), // <-- no longer possible with version ~1.1.1 'value' => 'My website' ] TemplateFunctions::registerClosure('reverse', fn($input) => strrev($input)); // <-- still possible (and nicely isolated) Template::embrace('

{{reverse(value)}}

', $params); ``` ### Workarounds Unfortunately only working with hardcoded values is safe in prior versions. As this likely defeats the purpose of a template engine, please upgrade. ### References As a possible exploit is relatively easy to achieve, I will not share steps to reproduce the issue for now. ### For more information If you have any questions or comments about this advisory: * Open an issue in [our repo](https://github.com/sroehrl/neoan3-template)" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-277: Insecure Inherited Permissions" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/sroehrl/neoan3-template/security/advisories/GHSA-3v56-q6r6-4gcw", - "refsource": "CONFIRM", - "url": "https://github.com/sroehrl/neoan3-template/security/advisories/GHSA-3v56-q6r6-4gcw" - }, - { - "name": "https://github.com/sroehrl/neoan3-template/issues/8", - "refsource": "MISC", - "url": "https://github.com/sroehrl/neoan3-template/issues/8" - }, - { - "name": "https://github.com/sroehrl/neoan3-template/commit/4a2c9570f071d3c8f4ac790007599cba20e16934", - "refsource": "MISC", - "url": "https://github.com/sroehrl/neoan3-template/commit/4a2c9570f071d3c8f4ac790007599cba20e16934" - } - ] - }, - "source": { - "advisory": "GHSA-3v56-q6r6-4gcw", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41174.json b/2021/41xxx/CVE-2021-41174.json index a84c9346b2b..8714df638e1 100644 --- a/2021/41xxx/CVE-2021-41174.json +++ b/2021/41xxx/CVE-2021-41174.json @@ -1,98 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41174", - "STATE": "PUBLIC", - "TITLE": "XSS vulnerability allowing arbitrary JavaScript execution" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "grafana", - "version": { - "version_data": [ - { - "version_value": ">= 8.0.0, < 8.2.3" - } - ] - } - } - ] - }, - "vendor_name": "grafana" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41174", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the malicious link must be unauthenticated and the link must be for a page that contains the login button in the menu bar. The url has to be crafted to exploit AngularJS rendering and contain the interpolation binding for AngularJS expressions. AngularJS uses double curly braces for interpolation binding: {{ }} ex: {{constructor.constructor(‘alert(1)’)()}}. When the user follows the link and the page renders, the login button will contain the original link with a query parameter to force a redirect to the login page. The URL is not validated and the AngularJS rendering engine will execute the JavaScript expression contained in the URL. Users are advised to upgrade as soon as possible. If for some reason you cannot upgrade, you can use a reverse proxy or similar to block access to block the literal string {{ in the path." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "HIGH", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 6.9, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "CHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/grafana/grafana/security/advisories/GHSA-3j9m-hcv9-rpj8", - "refsource": "CONFIRM", - "url": "https://github.com/grafana/grafana/security/advisories/GHSA-3j9m-hcv9-rpj8" - }, - { - "name": "https://github.com/grafana/grafana/commit/31b78d51c693d828720a5b285107a50e6024c912", - "refsource": "MISC", - "url": "https://github.com/grafana/grafana/commit/31b78d51c693d828720a5b285107a50e6024c912" - }, - { - "name": "https://github.com/grafana/grafana/commit/3cb5214fa45eb5a571fd70d6c6edf0d729983f82", - "refsource": "MISC", - "url": "https://github.com/grafana/grafana/commit/3cb5214fa45eb5a571fd70d6c6edf0d729983f82" - }, - { - "name": "https://github.com/grafana/grafana/commit/fb85ed691290d211a5baa44d9a641ab137f0de88", - "refsource": "MISC", - "url": "https://github.com/grafana/grafana/commit/fb85ed691290d211a5baa44d9a641ab137f0de88" - } - ] - }, - "source": { - "advisory": "GHSA-3j9m-hcv9-rpj8", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41187.json b/2021/41xxx/CVE-2021-41187.json index 6858d4c645a..2d1b11f2aa7 100644 --- a/2021/41xxx/CVE-2021-41187.json +++ b/2021/41xxx/CVE-2021-41187.json @@ -1,95 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41187", - "STATE": "PUBLIC", - "TITLE": "SQL Injection in DHIS2 Tracker API" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "dhis2-core", - "version": { - "version_data": [ - { - "version_value": ">= 2.32.0, < 2.32-EOS" - }, - { - "version_value": ">= 2.33.0, < 2.33-EOS" - }, - { - "version_value": ">= 2.34.0, < 2.34.7" - }, - { - "version_value": ">= 2.35.0, < 2.35.8" - }, - { - "version_value": ">= 2.36.0, < 2.36.4" - } - ] - } - } - ] - }, - "vendor_name": "dhis2" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41187", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "DHIS 2 is an information system for data capture, management, validation, analytics and visualization. A SQL injection security vulnerability has been found in specific versions of DHIS2. This vulnerability affects the API endpoints for /api/trackedEntityInstances and api/events in DHIS2. The system is vulnerable to attack only from users that are logged in to DHIS2, and there is no known way of exploiting the vulnerability without first being logged in as a DHIS2 user. A successful exploit of this vulnerability could allow the malicious user to read, edit and delete data in the DHIS2 instance. There are no known exploits of the security vulnerabilities addressed by these patch releases. However, we strongly recommend that all DHIS2 implementations using versions 2.32, 2.33, 2.34, 2.35 and 2.36 install these patches as soon as possible. There is no straightforward known workaround for DHIS2 instances using the Tracker functionality other than upgrading the affected DHIS2 server to one of the patches in which this vulnerability has been fixed. For implementations which do NOT use Tracker functionality, it may be possible to block all network access to POST to the /api/trackedEntityInstance and /api/events endpoints as a temporary workaround while waiting to upgrade." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 8.1, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/dhis2/dhis2-core/security/advisories/GHSA-fvm5-gp3j-c7c6", - "refsource": "CONFIRM", - "url": "https://github.com/dhis2/dhis2-core/security/advisories/GHSA-fvm5-gp3j-c7c6" - } - ] - }, - "source": { - "advisory": "GHSA-fvm5-gp3j-c7c6", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41195.json b/2021/41xxx/CVE-2021-41195.json index e92f78f1ee3..28674e94845 100644 --- a/2021/41xxx/CVE-2021-41195.json +++ b/2021/41xxx/CVE-2021-41195.json @@ -1,104 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41195", - "STATE": "PUBLIC", - "TITLE": "Crash in `tf.math.segment_*` operations" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41195", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the implementation of `tf.math.segment_*` operations results in a `CHECK`-fail related abort (and denial of service) if a segment id in `segment_ids` is large. This is similar to CVE-2021-29584 (and similar other reported vulnerabilities in TensorFlow, localized to specific APIs): the implementation (both on CPU and GPU) computes the output shape using `AddDim`. However, if the number of elements in the tensor overflows an `int64_t` value, `AddDim` results in a `CHECK` failure which provokes a `std::abort`. Instead, code should use `AddDimWithStatus`. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-190: Integer Overflow or Wraparound" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cq76-mxrc-vchh", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cq76-mxrc-vchh" - }, - { - "name": "https://github.com/tensorflow/tensorflow/issues/46888", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/issues/46888" - }, - { - "name": "https://github.com/tensorflow/tensorflow/pull/51733", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/pull/51733" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/e9c81c1e1a9cd8dd31f4e83676cab61b60658429", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/e9c81c1e1a9cd8dd31f4e83676cab61b60658429" - } - ] - }, - "source": { - "advisory": "GHSA-cq76-mxrc-vchh", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41196.json b/2021/41xxx/CVE-2021-41196.json index 1a95356814a..78c18b5f0a8 100644 --- a/2021/41xxx/CVE-2021-41196.json +++ b/2021/41xxx/CVE-2021-41196.json @@ -1,99 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41196", - "STATE": "PUBLIC", - "TITLE": "Crash in `max_pool3d` when size argument is 0 or negative" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41196", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the Keras pooling layers can trigger a segfault if the size of the pool is 0 or if a dimension is negative. This is due to the TensorFlow's implementation of pooling operations where the values in the sliding window are not checked to be strictly positive. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-191: Integer Underflow (Wrap or Wraparound)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m539-j985-hcr8", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m539-j985-hcr8" - }, - { - "name": "https://github.com/tensorflow/tensorflow/issues/51936", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/issues/51936" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/12b1ff82b3f26ff8de17e58703231d5a02ef1b8b", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/12b1ff82b3f26ff8de17e58703231d5a02ef1b8b" - } - ] - }, - "source": { - "advisory": "GHSA-m539-j985-hcr8", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41197.json b/2021/41xxx/CVE-2021-41197.json index d7e5aa3ce04..c0cb5f1bda2 100644 --- a/2021/41xxx/CVE-2021-41197.json +++ b/2021/41xxx/CVE-2021-41197.json @@ -1,114 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41197", - "STATE": "PUBLIC", - "TITLE": "Crashes due to overflow and `CHECK`-fail in ops with large tensor shapes" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41197", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions TensorFlow allows tensor to have a large number of dimensions and each dimension can be as large as desired. However, the total number of elements in a tensor must fit within an `int64_t`. If an overflow occurs, `MultiplyWithoutOverflow` would return a negative result. In the majority of TensorFlow codebase this then results in a `CHECK`-failure. Newer constructs exist which return a `Status` instead of crashing the binary. This is similar to CVE-2021-29584. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-190: Integer Overflow or Wraparound" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-prcg-wp5q-rv7p", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-prcg-wp5q-rv7p" - }, - { - "name": "https://github.com/tensorflow/tensorflow/issues/46890", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/issues/46890" - }, - { - "name": "https://github.com/tensorflow/tensorflow/issues/51908", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/issues/51908" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/7c1692bd417eb4f9b33ead749a41166d6080af85", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/7c1692bd417eb4f9b33ead749a41166d6080af85" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/a871989d7b6c18cdebf2fb4f0e5c5b62fbc19edf", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/a871989d7b6c18cdebf2fb4f0e5c5b62fbc19edf" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/d81b1351da3e8c884ff836b64458d94e4a157c15", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/d81b1351da3e8c884ff836b64458d94e4a157c15" - } - ] - }, - "source": { - "advisory": "GHSA-prcg-wp5q-rv7p", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41198.json b/2021/41xxx/CVE-2021-41198.json index fa197f8d57c..4cdbaa19614 100644 --- a/2021/41xxx/CVE-2021-41198.json +++ b/2021/41xxx/CVE-2021-41198.json @@ -1,99 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41198", - "STATE": "PUBLIC", - "TITLE": "Overflow/crash in `tf.tile` when tiling tensor is large" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41198", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions if `tf.tile` is called with a large input argument then the TensorFlow process will crash due to a `CHECK`-failure caused by an overflow. The number of elements in the output tensor is too much for the `int64_t` type and the overflow is detected via a `CHECK` statement. This aborts the process. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-190: Integer Overflow or Wraparound" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2p25-55c9-h58q", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2p25-55c9-h58q" - }, - { - "name": "https://github.com/tensorflow/tensorflow/issues/46911", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/issues/46911" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/9294094df6fea79271778eb7e7ae1bad8b5ef98f", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/9294094df6fea79271778eb7e7ae1bad8b5ef98f" - } - ] - }, - "source": { - "advisory": "GHSA-2p25-55c9-h58q", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41199.json b/2021/41xxx/CVE-2021-41199.json index e86f15f0f69..9f34ef291ee 100644 --- a/2021/41xxx/CVE-2021-41199.json +++ b/2021/41xxx/CVE-2021-41199.json @@ -1,99 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41199", - "STATE": "PUBLIC", - "TITLE": "Overflow/crash in `tf.image.resize` when size is large" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41199", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions if `tf.image.resize` is called with a large input argument then the TensorFlow process will crash due to a `CHECK`-failure caused by an overflow. The number of elements in the output tensor is too much for the `int64_t` type and the overflow is detected via a `CHECK` statement. This aborts the process. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-190: Integer Overflow or Wraparound" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5hx2-qx8j-qjqm", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5hx2-qx8j-qjqm" - }, - { - "name": "https://github.com/tensorflow/tensorflow/issues/46914", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/issues/46914" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/e5272d4204ff5b46136a1ef1204fc00597e21837", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/e5272d4204ff5b46136a1ef1204fc00597e21837" - } - ] - }, - "source": { - "advisory": "GHSA-5hx2-qx8j-qjqm", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41200.json b/2021/41xxx/CVE-2021-41200.json index 2b92f54aac8..548d6c199e3 100644 --- a/2021/41xxx/CVE-2021-41200.json +++ b/2021/41xxx/CVE-2021-41200.json @@ -1,99 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41200", - "STATE": "PUBLIC", - "TITLE": "Incomplete validation in `tf.summary.create_file_writer`" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41200", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions if `tf.summary.create_file_writer` is called with non-scalar arguments code crashes due to a `CHECK`-fail. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-617: Reachable Assertion" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gh8h-7j2j-qv4f", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gh8h-7j2j-qv4f" - }, - { - "name": "https://github.com/tensorflow/tensorflow/issues/46909", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/issues/46909" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/874bda09e6702cd50bac90b453b50bcc65b2769e", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/874bda09e6702cd50bac90b453b50bcc65b2769e" - } - ] - }, - "source": { - "advisory": "GHSA-gh8h-7j2j-qv4f", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41201.json b/2021/41xxx/CVE-2021-41201.json index 1303d512b7b..b405cb26bb0 100644 --- a/2021/41xxx/CVE-2021-41201.json +++ b/2021/41xxx/CVE-2021-41201.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41201", - "STATE": "PUBLIC", - "TITLE": "Unitialized access in `EinsumHelper::ParseEquation`" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41201", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affeced versions during execution, `EinsumHelper::ParseEquation()` is supposed to set the flags in `input_has_ellipsis` vector and `*output_has_ellipsis` boolean to indicate whether there is ellipsis in the corresponding inputs and output. However, the code only changes these flags to `true` and never assigns `false`. This results in unitialized variable access if callers assume that `EinsumHelper::ParseEquation()` always sets these flags. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-824: Access of Uninitialized Pointer" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j86v-p27c-73fm", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j86v-p27c-73fm" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/f09caa532b6e1ac8d2aa61b7832c78c5b79300c6", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/f09caa532b6e1ac8d2aa61b7832c78c5b79300c6" - } - ] - }, - "source": { - "advisory": "GHSA-j86v-p27c-73fm", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41202.json b/2021/41xxx/CVE-2021-41202.json index 67260d92c87..3676dba5b22 100644 --- a/2021/41xxx/CVE-2021-41202.json +++ b/2021/41xxx/CVE-2021-41202.json @@ -1,109 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41202", - "STATE": "PUBLIC", - "TITLE": "Overflow/crash in `tf.range`" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41202", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions while calculating the size of the output within the `tf.range` kernel, there is a conditional statement of type `int64 = condition ? int64 : double`. Due to C++ implicit conversion rules, both branches of the condition will be cast to `double` and the result would be truncated before the assignment. This result in overflows. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-681: Incorrect Conversion between Numeric Types" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xrqm-fpgr-6hhx", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xrqm-fpgr-6hhx" - }, - { - "name": "https://github.com/tensorflow/tensorflow/issues/46889", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/issues/46889" - }, - { - "name": "https://github.com/tensorflow/tensorflow/issues/46912", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/issues/46912" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/1b0e0ec27e7895b9985076eab32445026ae5ca94", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/1b0e0ec27e7895b9985076eab32445026ae5ca94" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/6d94002a09711d297dbba90390d5482b76113899", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/6d94002a09711d297dbba90390d5482b76113899" - } - ] - }, - "source": { - "advisory": "GHSA-xrqm-fpgr-6hhx", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41203.json b/2021/41xxx/CVE-2021-41203.json index 102d48cc1ee..9ad0f3fb78d 100644 --- a/2021/41xxx/CVE-2021-41203.json +++ b/2021/41xxx/CVE-2021-41203.json @@ -1,109 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41203", - "STATE": "PUBLIC", - "TITLE": "Missing validation during checkpoint loading" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41203", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions an attacker can trigger undefined behavior, integer overflows, segfaults and `CHECK`-fail crashes if they can change saved checkpoints from outside of TensorFlow. This is because the checkpoints loading infrastructure is missing validation for invalid file formats. The fixes will be included in TensorFlow 2.7.0. We will also cherrypick these commits on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-345: Insufficient Verification of Data Authenticity" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7pxj-m4jf-r6h2", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7pxj-m4jf-r6h2" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/368af875869a204b4ac552b9ddda59f6a46a56ec", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/368af875869a204b4ac552b9ddda59f6a46a56ec" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/abcced051cb1bd8fb05046ac3b6023a7ebcc4578", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/abcced051cb1bd8fb05046ac3b6023a7ebcc4578" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/b619c6f865715ca3b15ef1842b5b95edbaa710ad", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/b619c6f865715ca3b15ef1842b5b95edbaa710ad" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/e8dc63704c88007ee4713076605c90188d66f3d2", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/e8dc63704c88007ee4713076605c90188d66f3d2" - } - ] - }, - "source": { - "advisory": "GHSA-7pxj-m4jf-r6h2", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41204.json b/2021/41xxx/CVE-2021-41204.json index 571c0e1bc2d..eb4f6f61fda 100644 --- a/2021/41xxx/CVE-2021-41204.json +++ b/2021/41xxx/CVE-2021-41204.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41204", - "STATE": "PUBLIC", - "TITLE": "Segfault while copying constant resource tensor" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.1" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41204", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions during TensorFlow's Grappler optimizer phase, constant folding might attempt to deep copy a resource tensor. This results in a segfault, as these tensors are supposed to not change. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-824: Access of Uninitialized Pointer" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-786j-5qwq-r36x", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-786j-5qwq-r36x" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/7731e8dfbe4a56773be5dc94d631611211156659", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/7731e8dfbe4a56773be5dc94d631611211156659" - } - ] - }, - "source": { - "advisory": "GHSA-786j-5qwq-r36x", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41205.json b/2021/41xxx/CVE-2021-41205.json index c0f10ab88ee..a557e3dfdac 100644 --- a/2021/41xxx/CVE-2021-41205.json +++ b/2021/41xxx/CVE-2021-41205.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41205", - "STATE": "PUBLIC", - "TITLE": "Heap OOB read in all `tf.raw_ops.QuantizeAndDequantizeV*` ops" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41205", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for the `QuantizeAndDequantizeV*` operations can trigger a read outside of bounds of heap allocated array. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.1, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-125: Out-of-bounds Read" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rx-x2rw-pc6f", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rx-x2rw-pc6f" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/7cf73a2274732c9d82af51c2bc2cf90d13cd7e6d", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/7cf73a2274732c9d82af51c2bc2cf90d13cd7e6d" - } - ] - }, - "source": { - "advisory": "GHSA-49rx-x2rw-pc6f", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41206.json b/2021/41xxx/CVE-2021-41206.json index 3d54d810d0e..b18886a5cc6 100644 --- a/2021/41xxx/CVE-2021-41206.json +++ b/2021/41xxx/CVE-2021-41206.json @@ -1,119 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41206", - "STATE": "PUBLIC", - "TITLE": "Incomplete validation of shapes in multiple TF ops" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41206", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions several TensorFlow operations are missing validation for the shapes of the tensor arguments involved in the call. Depending on the API, this can result in undefined behavior and segfault or `CHECK`-fail related crashes but in some scenarios writes and reads from heap populated arrays are also possible. We have discovered these issues internally via tooling while working on improving/testing GPU op determinism. As such, we don't have reproducers and there will be multiple fixes for these issues. These fixes will be included in TensorFlow 2.7.0. We will also cherrypick these commits on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "HIGH", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.0, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-354: Improper Validation of Integrity Check Value" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pgcq-h79j-2f69", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pgcq-h79j-2f69" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/4d74d8a00b07441cba090a02e0dd9ed385145bf4", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/4d74d8a00b07441cba090a02e0dd9ed385145bf4" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/4dddb2fd0b01cdd196101afbba6518658a2c9e07", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/4dddb2fd0b01cdd196101afbba6518658a2c9e07" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/579261dcd446385831fe4f7457d802a59685121d", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/579261dcd446385831fe4f7457d802a59685121d" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/68422b215e618df5ad375bcdc6d2052e9fd3080a", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/68422b215e618df5ad375bcdc6d2052e9fd3080a" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/da4aad5946be30e5f049920fa076e1f7ef021261", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/da4aad5946be30e5f049920fa076e1f7ef021261" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/e7f497570abb6b4ae5af4970620cd880e4c0c904", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/e7f497570abb6b4ae5af4970620cd880e4c0c904" - } - ] - }, - "source": { - "advisory": "GHSA-pgcq-h79j-2f69", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41207.json b/2021/41xxx/CVE-2021-41207.json index fa1051c54a5..10c318c9eca 100644 --- a/2021/41xxx/CVE-2021-41207.json +++ b/2021/41xxx/CVE-2021-41207.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41207", - "STATE": "PUBLIC", - "TITLE": "Division by zero in `ParallelConcat`" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41207", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the implementation of `ParallelConcat` misses some input validation and can produce a division by 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-369: Divide By Zero" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235" - }, - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7v94-64hj-m82h", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7v94-64hj-m82h" - } - ] - }, - "source": { - "advisory": "GHSA-7v94-64hj-m82h", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41208.json b/2021/41xxx/CVE-2021-41208.json index 4f252abee49..79187ae8398 100644 --- a/2021/41xxx/CVE-2021-41208.json +++ b/2021/41xxx/CVE-2021-41208.json @@ -1,102 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41208", - "STATE": "PUBLIC", - "TITLE": "Incomplete validation in boosted trees code" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41208", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of service (via dereferencing `nullptr`s or via `CHECK`-failures) as well as abuse undefined behavior (binding references to `nullptr`s). An attacker can also read and write from heap buffers, depending on the API that gets used and the arguments that are passed to the call. Given that the boosted trees implementation in TensorFlow is unmaintained, it is recommend to no longer use these APIs. We will deprecate TensorFlow's boosted trees APIs in subsequent releases. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-476: NULL Pointer Dereference" - } - ] - }, - { - "description": [ - { - "lang": "eng", - "value": "CWE-824: Access of Uninitialized Pointer" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-57wx-m983-2f88", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-57wx-m983-2f88" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/5c8c9a8bfe750f9743d0c859bae112060b216f5c", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/5c8c9a8bfe750f9743d0c859bae112060b216f5c" - } - ] - }, - "source": { - "advisory": "GHSA-57wx-m983-2f88", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41209.json b/2021/41xxx/CVE-2021-41209.json index b43d692231c..0a5e2ef0dd0 100644 --- a/2021/41xxx/CVE-2021-41209.json +++ b/2021/41xxx/CVE-2021-41209.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41209", - "STATE": "PUBLIC", - "TITLE": "FPE in convolutions with zero size filters" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41209", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the implementations for convolution operators trigger a division by 0 if passed empty filter tensor arguments. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-369: Divide By Zero" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hpv-v2rx-c5g6", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hpv-v2rx-c5g6" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235" - } - ] - }, - "source": { - "advisory": "GHSA-6hpv-v2rx-c5g6", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41210.json b/2021/41xxx/CVE-2021-41210.json index c0298e2202c..9d681594b6c 100644 --- a/2021/41xxx/CVE-2021-41210.json +++ b/2021/41xxx/CVE-2021-41210.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41210", - "STATE": "PUBLIC", - "TITLE": "Heap OOB read in `tf.raw_ops.SparseCountSparseOutput`" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41210", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for `SparseCountSparseOutput` can trigger a read outside of bounds of heap allocated array. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.1, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-125: Out-of-bounds Read" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m342-ff57-4jcc", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m342-ff57-4jcc" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/701cfaca222a82afbeeb17496bd718baa65a67d2", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/701cfaca222a82afbeeb17496bd718baa65a67d2" - } - ] - }, - "source": { - "advisory": "GHSA-m342-ff57-4jcc", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41211.json b/2021/41xxx/CVE-2021-41211.json index 3570ae9b84c..29c5c215ce9 100644 --- a/2021/41xxx/CVE-2021-41211.json +++ b/2021/41xxx/CVE-2021-41211.json @@ -1,88 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41211", - "STATE": "PUBLIC", - "TITLE": "Heap OOB read in shape inference for `QuantizeV2`" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41211", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `QuantizeV2` can trigger a read outside of bounds of heap allocated array. This occurs whenever `axis` is a negative value less than `-1`. In this case, we are accessing data before the start of a heap buffer. The code allows `axis` to be an optional argument (`s` would contain an `error::NOT_FOUND` error code). Otherwise, it assumes that `axis` is a valid index into the dimensions of the `input` tensor. If `axis` is less than `-1` then this results in a heap OOB read. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, as this version is the only one that is also affected." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.1, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-125: Out-of-bounds Read" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cvgx-3v3q-m36c", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cvgx-3v3q-m36c" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/a0d64445116c43cf46a5666bd4eee28e7a82f244", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/a0d64445116c43cf46a5666bd4eee28e7a82f244" - } - ] - }, - "source": { - "advisory": "GHSA-cvgx-3v3q-m36c", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41212.json b/2021/41xxx/CVE-2021-41212.json index 860bf94c111..f21d20558f1 100644 --- a/2021/41xxx/CVE-2021-41212.json +++ b/2021/41xxx/CVE-2021-41212.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41212", - "STATE": "PUBLIC", - "TITLE": "Heap OOB read in `tf.ragged.cross`" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41212", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `tf.ragged.cross` can trigger a read outside of bounds of heap allocated array. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.1, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-125: Out-of-bounds Read" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fr77-rrx3-cp7g", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fr77-rrx3-cp7g" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8" - } - ] - }, - "source": { - "advisory": "GHSA-fr77-rrx3-cp7g", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41213.json b/2021/41xxx/CVE-2021-41213.json index f34bf7f8d42..426c397b914 100644 --- a/2021/41xxx/CVE-2021-41213.json +++ b/2021/41xxx/CVE-2021-41213.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41213", - "STATE": "PUBLIC", - "TITLE": "Deadlock in mutually recursive `tf.function` objects" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41213", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the code behind `tf.function` API can be made to deadlock when two `tf.function` decorated Python functions are mutually recursive. This occurs due to using a non-reentrant `Lock` Python object. Loading any model which contains mutually recursive functions is vulnerable. An attacker can cause denial of service by causing users to load such models and calling a recursive `tf.function`, although this is not a frequent scenario. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-667: Improper Locking" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h67m-xg8f-fxcf", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h67m-xg8f-fxcf" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/afac8158d43691661ad083f6dd9e56f327c1dcb7", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/afac8158d43691661ad083f6dd9e56f327c1dcb7" - } - ] - }, - "source": { - "advisory": "GHSA-h67m-xg8f-fxcf", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41214.json b/2021/41xxx/CVE-2021-41214.json index d1709a96071..2f299d757f9 100644 --- a/2021/41xxx/CVE-2021-41214.json +++ b/2021/41xxx/CVE-2021-41214.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41214", - "STATE": "PUBLIC", - "TITLE": "Reference binding to `nullptr` in `tf.ragged.cross`" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41214", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `tf.ragged.cross` has an undefined behavior due to binding a reference to `nullptr`. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-824: Access of Uninitialized Pointer" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8" - }, - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vwhq-49r4-gj9v", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vwhq-49r4-gj9v" - } - ] - }, - "source": { - "advisory": "GHSA-vwhq-49r4-gj9v", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41215.json b/2021/41xxx/CVE-2021-41215.json index 0057873c0f5..cf1b9e51772 100644 --- a/2021/41xxx/CVE-2021-41215.json +++ b/2021/41xxx/CVE-2021-41215.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41215", - "STATE": "PUBLIC", - "TITLE": "Null pointer exception in `DeserializeSparse`" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41215", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `DeserializeSparse` can trigger a null pointer dereference. This is because the shape inference function assumes that the `serialize_sparse` tensor is a tensor with positive rank (and having `3` as the last dimension). The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-476: NULL Pointer Dereference" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x3v8-c8qx-3j3r", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x3v8-c8qx-3j3r" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/d3738dd70f1c9ceb547258cbb82d853da8771850", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/d3738dd70f1c9ceb547258cbb82d853da8771850" - } - ] - }, - "source": { - "advisory": "GHSA-x3v8-c8qx-3j3r", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41216.json b/2021/41xxx/CVE-2021-41216.json index 9371bcec59f..d2ab11b20b3 100644 --- a/2021/41xxx/CVE-2021-41216.json +++ b/2021/41xxx/CVE-2021-41216.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41216", - "STATE": "PUBLIC", - "TITLE": "Heap buffer overflow in `Transpose`" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41216", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the shape inference function for `Transpose` is vulnerable to a heap buffer overflow. This occurs whenever `perm` contains negative elements. The shape inference function does not validate that the indices in `perm` are all valid. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3ff2-r28g-w7h9", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3ff2-r28g-w7h9" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/c79ba87153ee343401dbe9d1954d7f79e521eb14", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/c79ba87153ee343401dbe9d1954d7f79e521eb14" - } - ] - }, - "source": { - "advisory": "GHSA-3ff2-r28g-w7h9", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41217.json b/2021/41xxx/CVE-2021-41217.json index 56b688e85d3..3436c058740 100644 --- a/2021/41xxx/CVE-2021-41217.json +++ b/2021/41xxx/CVE-2021-41217.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41217", - "STATE": "PUBLIC", - "TITLE": "Null pointer exception when `Exit` node is not preceded by `Enter` op" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41217", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the process of building the control flow graph for a TensorFlow model is vulnerable to a null pointer exception when nodes that should be paired are not. This occurs because the code assumes that the first node in the pairing (e.g., an `Enter` node) always exists when encountering the second node (e.g., an `Exit` node). When this is not the case, `parent` is `nullptr` so dereferencing it causes a crash. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-476: NULL Pointer Dereference" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5crj-c72x-m7gq", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5crj-c72x-m7gq" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/05cbebd3c6bb8f517a158b0155debb8df79017ff", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/05cbebd3c6bb8f517a158b0155debb8df79017ff" - } - ] - }, - "source": { - "advisory": "GHSA-5crj-c72x-m7gq", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41218.json b/2021/41xxx/CVE-2021-41218.json index aa9d42c74cb..9bdb26cc26a 100644 --- a/2021/41xxx/CVE-2021-41218.json +++ b/2021/41xxx/CVE-2021-41218.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41218", - "STATE": "PUBLIC", - "TITLE": "Integer division by 0 in `tf.raw_ops.AllToAll`" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41218", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `AllToAll` can be made to execute a division by 0. This occurs whenever the `split_count` argument is 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-369: Divide By Zero" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9crf-c6qr-r273", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9crf-c6qr-r273" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/a8ad3e5e79c75f36edb81e0ba3f3c0c5442aeddc", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/a8ad3e5e79c75f36edb81e0ba3f3c0c5442aeddc" - } - ] - }, - "source": { - "advisory": "GHSA-9crf-c6qr-r273", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41219.json b/2021/41xxx/CVE-2021-41219.json index 7d7729c55b0..68d15e9d9f9 100644 --- a/2021/41xxx/CVE-2021-41219.json +++ b/2021/41xxx/CVE-2021-41219.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41219", - "STATE": "PUBLIC", - "TITLE": "Undefined behavior via `nullptr` reference binding in sparse matrix multiplication" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41219", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to `nullptr`. This occurs whenever the dimensions of `a` or `b` are 0 or less. In the case on one of these is 0, an empty output tensor should be allocated (to conserve the invariant that output tensors are always allocated when the operation is successful) but nothing should be written to it (that is, we should return early from the kernel implementation). Otherwise, attempts to write to this empty tensor would result in heap OOB access. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-824: Access of Uninitialized Pointer" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4f99-p9c2-3j8x", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4f99-p9c2-3j8x" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/e6cf28c72ba2eb949ca950d834dd6d66bb01cfae", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/e6cf28c72ba2eb949ca950d834dd6d66bb01cfae" - } - ] - }, - "source": { - "advisory": "GHSA-4f99-p9c2-3j8x", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41220.json b/2021/41xxx/CVE-2021-41220.json index 173b397e148..e367f97503f 100644 --- a/2021/41xxx/CVE-2021-41220.json +++ b/2021/41xxx/CVE-2021-41220.json @@ -1,88 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41220", - "STATE": "PUBLIC", - "TITLE": "Use after free in `CollectiveReduceV2`" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41220", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the async implementation of `CollectiveReduceV2` suffers from a memory leak and a use after free. This occurs due to the asynchronous computation and the fact that objects that have been `std::move()`d from are still accessed. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, as this version is the only one that is also affected." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-416: Use After Free" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gpfh-jvf9-7wg5", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gpfh-jvf9-7wg5" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/ca38dab9d3ee66c5de06f11af9a4b1200da5ef75", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/ca38dab9d3ee66c5de06f11af9a4b1200da5ef75" - } - ] - }, - "source": { - "advisory": "GHSA-gpfh-jvf9-7wg5", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41221.json b/2021/41xxx/CVE-2021-41221.json index f187e9cd068..ec6cad6b105 100644 --- a/2021/41xxx/CVE-2021-41221.json +++ b/2021/41xxx/CVE-2021-41221.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41221", - "STATE": "PUBLIC", - "TITLE": "Access to invalid memory during shape inference in `Cudnn*` ops" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41221", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for the `Cudnn*` operations in TensorFlow can be tricked into accessing invalid memory, via a heap buffer overflow. This occurs because the ranks of the `input`, `input_h` and `input_c` parameters are not validated, but code assumes they have certain values. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cqv6-3phm-hcwx", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cqv6-3phm-hcwx" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/af5fcebb37c8b5d71c237f4e59c6477015c78ce6", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/af5fcebb37c8b5d71c237f4e59c6477015c78ce6" - } - ] - }, - "source": { - "advisory": "GHSA-cqv6-3phm-hcwx", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41222.json b/2021/41xxx/CVE-2021-41222.json index e955ef931fe..8e2c179e9a9 100644 --- a/2021/41xxx/CVE-2021-41222.json +++ b/2021/41xxx/CVE-2021-41222.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41222", - "STATE": "PUBLIC", - "TITLE": "Segfault due to negative splits in `SplitV`" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41222", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SplitV` can trigger a segfault is an attacker supplies negative arguments. This occurs whenever `size_splits` contains more than one value and at least one value is negative. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-682: Incorrect Calculation" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cpf4-wx82-gxp6", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cpf4-wx82-gxp6" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/25d622ffc432acc736b14ca3904177579e733cc6", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/25d622ffc432acc736b14ca3904177579e733cc6" - } - ] - }, - "source": { - "advisory": "GHSA-cpf4-wx82-gxp6", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41223.json b/2021/41xxx/CVE-2021-41223.json index 5c5e6aaf5a8..3a768809ce7 100644 --- a/2021/41xxx/CVE-2021-41223.json +++ b/2021/41xxx/CVE-2021-41223.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41223", - "STATE": "PUBLIC", - "TITLE": "Heap OOB read in `FusedBatchNorm` kernels" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41223", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the implementation of `FusedBatchNorm` kernels is vulnerable to a heap OOB access. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.1, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-125: Out-of-bounds Read" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f54p-f6jp-4rhr", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f54p-f6jp-4rhr" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/aab9998916c2ffbd8f0592059fad352622f89cda", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/aab9998916c2ffbd8f0592059fad352622f89cda" - } - ] - }, - "source": { - "advisory": "GHSA-f54p-f6jp-4rhr", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41224.json b/2021/41xxx/CVE-2021-41224.json index cae73389316..3f8475b2b79 100644 --- a/2021/41xxx/CVE-2021-41224.json +++ b/2021/41xxx/CVE-2021-41224.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41224", - "STATE": "PUBLIC", - "TITLE": "`SparseFillEmptyRows` heap OOB read" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41224", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SparseFillEmptyRows` can be made to trigger a heap OOB access. This occurs whenever the size of `indices` does not match the size of `values`. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.1, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-125: Out-of-bounds Read" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rg3m-hqc5-344v", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rg3m-hqc5-344v" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/67bfd9feeecfb3c61d80f0e46d89c170fbee682b", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/67bfd9feeecfb3c61d80f0e46d89c170fbee682b" - } - ] - }, - "source": { - "advisory": "GHSA-rg3m-hqc5-344v", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41225.json b/2021/41xxx/CVE-2021-41225.json index 0c755722793..79c58139823 100644 --- a/2021/41xxx/CVE-2021-41225.json +++ b/2021/41xxx/CVE-2021-41225.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41225", - "STATE": "PUBLIC", - "TITLE": "A use of uninitialized value vulnerability in Tensorflow" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41225", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's Grappler optimizer has a use of unitialized variable. If the `train_nodes` vector (obtained from the saved model that gets optimized) does not contain a `Dequeue` node, then `dequeue_node` is left unitialized. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-908: Use of Uninitialized Resource" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7r94-xv9v-63jw", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7r94-xv9v-63jw" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/68867bf01239d9e1048f98cbad185bf4761bedd3", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/68867bf01239d9e1048f98cbad185bf4761bedd3" - } - ] - }, - "source": { - "advisory": "GHSA-7r94-xv9v-63jw", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41226.json b/2021/41xxx/CVE-2021-41226.json index 3a08efb5369..8ef450dee42 100644 --- a/2021/41xxx/CVE-2021-41226.json +++ b/2021/41xxx/CVE-2021-41226.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41226", - "STATE": "PUBLIC", - "TITLE": "Heap OOB read in `SparseBinCount`" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41226", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SparseBinCount` is vulnerable to a heap OOB access. This is because of missing validation between the elements of the `values` argument and the shape of the sparse output. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.1, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-125: Out-of-bounds Read" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-374m-jm66-3vj8", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-374m-jm66-3vj8" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/f410212e373eb2aec4c9e60bf3702eba99a38aba", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/f410212e373eb2aec4c9e60bf3702eba99a38aba" - } - ] - }, - "source": { - "advisory": "GHSA-374m-jm66-3vj8", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41227.json b/2021/41xxx/CVE-2021-41227.json index 3566a9b05b4..c1c88447307 100644 --- a/2021/41xxx/CVE-2021-41227.json +++ b/2021/41xxx/CVE-2021-41227.json @@ -1,99 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41227", - "STATE": "PUBLIC", - "TITLE": "Arbitrary memory read in `ImmutableConst`" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41227", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions the `ImmutableConst` operation in TensorFlow can be tricked into reading arbitrary memory contents. This is because the `tstring` TensorFlow string class has a special case for memory mapped strings but the operation itself does not offer any support for this datatype. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "LOW", - "baseScore": 6.6, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "HIGH", - "integrityImpact": "LOW", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-125: Out-of-bounds Read" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j8c8-67vp-6mx7", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j8c8-67vp-6mx7" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/1cb6bb6c2a6019417c9adaf9e6843ba75ee2580b", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/1cb6bb6c2a6019417c9adaf9e6843ba75ee2580b" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/3712a2d3455e6ccb924daa5724a3652a86f6b585", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/3712a2d3455e6ccb924daa5724a3652a86f6b585" - } - ] - }, - "source": { - "advisory": "GHSA-j8c8-67vp-6mx7", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41228.json b/2021/41xxx/CVE-2021-41228.json index 8a7dfd9a7d0..f41e4389b6b 100644 --- a/2021/41xxx/CVE-2021-41228.json +++ b/2021/41xxx/CVE-2021-41228.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41228", - "STATE": "PUBLIC", - "TITLE": "Code injection in `saved_model_cli`" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "tensorflow", - "version": { - "version_data": [ - { - "version_value": ">= 2.6.0, < 2.6.1" - }, - { - "version_value": ">= 2.5.0, < 2.5.2" - }, - { - "version_value": "< 2.4.4" - } - ] - } - } - ] - }, - "vendor_name": "tensorflow" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41228", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's `saved_model_cli` tool is vulnerable to a code injection as it calls `eval` on user supplied strings. This can be used by attackers to run arbitrary code on the plaform where the CLI tool runs. However, given that the tool is always run manually, the impact of this is not severe. We have patched this by adding a `safe` flag which defaults to `True` and an explicit warning for users. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "HIGH", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "HIGH", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3rcw-9p9x-582v", - "refsource": "CONFIRM", - "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3rcw-9p9x-582v" - }, - { - "name": "https://github.com/tensorflow/tensorflow/commit/8b202f08d52e8206af2bdb2112a62fafbc546ec7", - "refsource": "MISC", - "url": "https://github.com/tensorflow/tensorflow/commit/8b202f08d52e8206af2bdb2112a62fafbc546ec7" - } - ] - }, - "source": { - "advisory": "GHSA-3rcw-9p9x-582v", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41230.json b/2021/41xxx/CVE-2021-41230.json index a5738505f62..cb2efa716c4 100644 --- a/2021/41xxx/CVE-2021-41230.json +++ b/2021/41xxx/CVE-2021-41230.json @@ -1,88 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41230", - "STATE": "PUBLIC", - "TITLE": "OIDC claims not updated from Identity Provider in Pomerium" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "pomerium", - "version": { - "version_data": [ - { - "version_value": ">= 0.14.0, < 0.15.6" - } - ] - } - } - ] - }, - "vendor_name": "pomerium" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41230", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Pomerium is an open source identity-aware access proxy. In affected versions changes to the OIDC claims of a user after initial login are not reflected in policy evaluation when using `allowed_idp_claims` as part of policy. If using `allowed_idp_claims` and a user's claims are changed, Pomerium can make incorrect authorization decisions. This issue has been resolved in v0.15.6. For users unable to upgrade clear data on `databroker` service by clearing redis or restarting the in-memory databroker to force claims to be updated." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "HIGH", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-863: Incorrect Authorization" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/pomerium/pomerium/security/advisories/GHSA-j6wp-3859-vxfg", - "refsource": "CONFIRM", - "url": "https://github.com/pomerium/pomerium/security/advisories/GHSA-j6wp-3859-vxfg" - }, - { - "name": "https://github.com/pomerium/pomerium/pull/2724", - "refsource": "MISC", - "url": "https://github.com/pomerium/pomerium/pull/2724" - } - ] - }, - "source": { - "advisory": "GHSA-j6wp-3859-vxfg", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41232.json b/2021/41xxx/CVE-2021-41232.json index 03cbc34ec7c..ff18e16ca70 100644 --- a/2021/41xxx/CVE-2021-41232.json +++ b/2021/41xxx/CVE-2021-41232.json @@ -1,101 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41232", - "STATE": "PUBLIC", - "TITLE": "Improper Neutralization of Special Elements used in an LDAP Query" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "thunderdome-planning-poker", - "version": { - "version_data": [ - { - "version_value": "< 2.0.0" - } - ] - } - } - ] - }, - "vendor_name": "StevenWeathers" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41232", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Thunderdome is an open source agile planning poker tool in the theme of Battling for points. In affected versions there is an LDAP injection vulnerability which affects instances with LDAP authentication enabled. The provided username is not properly escaped. This issue has been patched in version 1.16.3. If users are unable to update they should disable the LDAP feature if in use." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "HIGH", - "attackVector": "NETWORK", - "availabilityImpact": "LOW", - "baseScore": 8.1, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "LOW", - "privilegesRequired": "NONE", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-90: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')" - } - ] - }, - { - "description": [ - { - "lang": "eng", - "value": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/StevenWeathers/thunderdome-planning-poker/security/advisories/GHSA-26cm-qrc6-mfgj", - "refsource": "CONFIRM", - "url": "https://github.com/StevenWeathers/thunderdome-planning-poker/security/advisories/GHSA-26cm-qrc6-mfgj" - }, - { - "name": "https://github.com/github/securitylab/issues/464#issuecomment-957094994", - "refsource": "MISC", - "url": "https://github.com/github/securitylab/issues/464#issuecomment-957094994" - }, - { - "name": "https://github.com/StevenWeathers/thunderdome-planning-poker/commit/f1524d01e8a0f2d6c3db5461c742456c692dd8c1", - "refsource": "MISC", - "url": "https://github.com/StevenWeathers/thunderdome-planning-poker/commit/f1524d01e8a0f2d6c3db5461c742456c692dd8c1" - } - ] - }, - "source": { - "advisory": "GHSA-26cm-qrc6-mfgj", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41238.json b/2021/41xxx/CVE-2021-41238.json index 4920dae376d..dafe3f78691 100644 --- a/2021/41xxx/CVE-2021-41238.json +++ b/2021/41xxx/CVE-2021-41238.json @@ -1,88 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41238", - "STATE": "PUBLIC", - "TITLE": "Missing Authorization with Default Settings in Dashboard UI" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Hangfire", - "version": { - "version_data": [ - { - "version_value": "= 1.7.25" - } - ] - } - } - ] - }, - "vendor_name": "HangfireIO" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41238", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Hangfire is an open source system to perform background job processing in a .NET or .NET Core applications. No Windows Service or separate process required. Dashboard UI in Hangfire.Core uses authorization filters to protect it from showing sensitive data to unauthorized users. By default when no custom authorization filters specified, `LocalRequestsOnlyAuthorizationFilter` filter is being used to allow only local requests and prohibit all the remote requests to provide sensible, protected by default settings. However due to the recent changes, in version 1.7.25 no authorization filters are used by default, allowing remote requests to succeed. If you are using `UseHangfireDashboard` method with default `DashboardOptions.Authorization` property value, then your installation is impacted. If any other authorization filter is specified in the `DashboardOptions.Authorization` property, the you are not impacted. Patched versions (1.7.26) are available both on Nuget.org and as a tagged release on the github repo. Default authorization rules now prohibit remote requests by default again by including the `LocalRequestsOnlyAuthorizationFilter` filter to the default settings. Please upgrade to the newest version in order to mitigate the issue. For users who are unable to upgrade it is possible to mitigate the issue by using the `LocalRequestsOnlyAuthorizationFilter` explicitly when configuring the Dashboard UI." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "LOW", - "baseScore": 8.6, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "LOW", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-862: Missing Authorization" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/HangfireIO/Hangfire/security/advisories/GHSA-7rq6-7gv8-c37h", - "refsource": "CONFIRM", - "url": "https://github.com/HangfireIO/Hangfire/security/advisories/GHSA-7rq6-7gv8-c37h" - }, - { - "name": "https://github.com/HangfireIO/Hangfire/issues/1958", - "refsource": "MISC", - "url": "https://github.com/HangfireIO/Hangfire/issues/1958" - } - ] - }, - "source": { - "advisory": "GHSA-7rq6-7gv8-c37h", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41247.json b/2021/41xxx/CVE-2021-41247.json index b322a5278ce..7f0bf2de148 100644 --- a/2021/41xxx/CVE-2021-41247.json +++ b/2021/41xxx/CVE-2021-41247.json @@ -1,91 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41247", - "STATE": "PUBLIC", - "TITLE": "incomplete logout in JupyterHub" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "jupyterhub", - "version": { - "version_data": [ - { - "version_value": ">= 1.0.0, < 1.5.0 - jupyterhub (pip)" - }, - { - "version_value": "< 1.2.0 - jupyterhub (helm) " - } - ] - } - } - ] - }, - "vendor_name": "jupyterhub" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41247", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "JupyterHub is an open source multi-user server for Jupyter notebooks. In affected versions users who have multiple JupyterLab tabs open in the same browser session, may see incomplete logout from the single-user server, as fresh credentials (for the single-user server only, not the Hub) reinstated after logout, if another active JupyterLab session is open while the logout takes place. Upgrade to JupyterHub 1.5. For distributed deployments, it is jupyterhub in the _user_ environment that needs patching. There are no patches necessary in the Hub environment. The only workaround is to make sure that only one JupyterLab tab is open when you log out." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 3.5, - "baseSeverity": "LOW", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-613: Insufficient Session Expiration" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/jupyterhub/jupyterhub/security/advisories/GHSA-cw7p-q79f-m2v7", - "refsource": "CONFIRM", - "url": "https://github.com/jupyterhub/jupyterhub/security/advisories/GHSA-cw7p-q79f-m2v7" - }, - { - "name": "https://github.com/jupyterhub/jupyterhub/commit/5ac9e7f73a6e1020ffddc40321fc53336829fe27", - "refsource": "MISC", - "url": "https://github.com/jupyterhub/jupyterhub/commit/5ac9e7f73a6e1020ffddc40321fc53336829fe27" - } - ] - }, - "source": { - "advisory": "GHSA-cw7p-q79f-m2v7", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41248.json b/2021/41xxx/CVE-2021-41248.json index daf5070904f..64e0b339fee 100644 --- a/2021/41xxx/CVE-2021-41248.json +++ b/2021/41xxx/CVE-2021-41248.json @@ -1,93 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41248", - "STATE": "PUBLIC", - "TITLE": "XSS vulnerability in GraphiQL" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "graphiql", - "version": { - "version_data": [ - { - "version_value": ">= 0.5.0, < 1.4.7" - } - ] - } - } - ] - }, - "vendor_name": "graphql" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41248", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "GraphiQL is the reference implementation of this monorepo, GraphQL IDE, an official project under the GraphQL Foundation. All versions of graphiql older than graphiql@1.4.7 are vulnerable to compromised HTTP schema introspection responses or schema prop values with malicious GraphQL type names, exposing a dynamic XSS attack surface that can allow code injection on operation autocomplete. In order for the attack to take place, the user must load a vulnerable schema in graphiql. There are a number of ways that can occur. By default, the schema URL is not attacker-controllable in graphiql or in its suggested implementations or examples, leaving only very complex attack vectors. If a custom implementation of graphiql's fetcher allows the schema URL to be set dynamically, such as a URL query parameter like ?endpoint= in graphql-playground, or a database provided value, then this custom graphiql implementation is vulnerable to phishing attacks, and thus much more readily available, low or no privelege level xss attacks. The URLs could look like any generic looking graphql schema URL. It should be noted that desktop clients such as Altair, Insomnia, Postwoman, do not appear to be impacted by this. This vulnerability does not impact codemirror-graphql, monaco-graphql or other dependents, as it exists in onHasCompletion.ts in graphiql. It does impact all forks of graphiql, and every released version of graphiql." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "HIGH", - "attackVector": "NETWORK", - "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/graphql/graphiql/security/advisories/GHSA-x4r7-m2q9-69c8", - "refsource": "CONFIRM", - "url": "https://github.com/graphql/graphiql/security/advisories/GHSA-x4r7-m2q9-69c8" - }, - { - "name": "https://github.com/graphql/graphql-playground/security/advisories/GHSA-59r9-6jp6-jcm7", - "refsource": "MISC", - "url": "https://github.com/graphql/graphql-playground/security/advisories/GHSA-59r9-6jp6-jcm7" - }, - { - "name": "https://github.com/graphql/graphiql/commit/cb237eeeaf7333c4954c752122261db7520f7bf4", - "refsource": "MISC", - "url": "https://github.com/graphql/graphiql/commit/cb237eeeaf7333c4954c752122261db7520f7bf4" - } - ] - }, - "source": { - "advisory": "GHSA-x4r7-m2q9-69c8", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41249.json b/2021/41xxx/CVE-2021-41249.json index 94534b4e1cf..e3cbe60c2a0 100644 --- a/2021/41xxx/CVE-2021-41249.json +++ b/2021/41xxx/CVE-2021-41249.json @@ -1,93 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41249", - "STATE": "PUBLIC", - "TITLE": "XSS vulnerability in GraphQL Playground" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "graphql-playground", - "version": { - "version_data": [ - { - "version_value": "< 1.7.28" - } - ] - } - } - ] - }, - "vendor_name": "graphql" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41249", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "GraphQL Playground is a GraphQL IDE for development of graphQL focused applications. All versions of graphql-playground-react older than graphql-playground-react@1.7.28 are vulnerable to compromised HTTP schema introspection responses or schema prop values with malicious GraphQL type names, exposing a dynamic XSS attack surface that can allow code injection on operation autocomplete. In order for the attack to take place, the user must load a malicious schema in graphql-playground. There are several ways this can occur, including by specifying the URL to a malicious schema in the endpoint query parameter. If a user clicks on a link to a GraphQL Playground installation that specifies a malicious server, arbitrary JavaScript can run in the user's browser, which can be used to exfiltrate user credentials or other harmful goals. If you are using graphql-playground-react directly in your client app, upgrade to version 1.7.28 or later." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "HIGH", - "attackVector": "NETWORK", - "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/graphql/graphql-playground/security/advisories/GHSA-59r9-6jp6-jcm7", - "refsource": "CONFIRM", - "url": "https://github.com/graphql/graphql-playground/security/advisories/GHSA-59r9-6jp6-jcm7" - }, - { - "name": "https://github.com/graphql/graphiql/security/advisories/GHSA-x4r7-m2q9-69c8", - "refsource": "MISC", - "url": "https://github.com/graphql/graphiql/security/advisories/GHSA-x4r7-m2q9-69c8" - }, - { - "name": "https://github.com/graphql/graphql-playground/commit/b8a956006835992f12c46b90384a79ab82bcadad", - "refsource": "MISC", - "url": "https://github.com/graphql/graphql-playground/commit/b8a956006835992f12c46b90384a79ab82bcadad" - } - ] - }, - "source": { - "advisory": "GHSA-59r9-6jp6-jcm7", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41250.json b/2021/41xxx/CVE-2021-41250.json index 2a073555792..c3a2e0790a2 100644 --- a/2021/41xxx/CVE-2021-41250.json +++ b/2021/41xxx/CVE-2021-41250.json @@ -1,88 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41250", - "STATE": "PUBLIC", - "TITLE": "Presence of non-blacklisted URL bypasses all other filters" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "bot", - "version": { - "version_data": [ - { - "version_value": "< 67390298852513d13e0213870e50fb3cff1424e0" - } - ] - } - } - ] - }, - "vendor_name": "python-discord" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41250", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Python discord bot is the community bot for the Python Discord community. In affected versions when a non-blacklisted URL and an otherwise triggering filter token is included in the same message the token filter does not trigger. This means that by including any non-blacklisted URL moderation filters can be bypassed. This issue has been resolved in commit 67390298852513d13e0213870e50fb3cff1424e0" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-20: Improper Input Validation" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/python-discord/bot/security/advisories/GHSA-j8c3-8x46-8pp6", - "refsource": "CONFIRM", - "url": "https://github.com/python-discord/bot/security/advisories/GHSA-j8c3-8x46-8pp6" - }, - { - "name": "https://github.com/python-discord/bot/commit/67390298852513d13e0213870e50fb3cff1424e0", - "refsource": "MISC", - "url": "https://github.com/python-discord/bot/commit/67390298852513d13e0213870e50fb3cff1424e0" - } - ] - }, - "source": { - "advisory": "GHSA-j8c3-8x46-8pp6", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41251.json b/2021/41xxx/CVE-2021-41251.json index fc1cc8187dc..474d4049baa 100644 --- a/2021/41xxx/CVE-2021-41251.json +++ b/2021/41xxx/CVE-2021-41251.json @@ -1,93 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41251", - "STATE": "PUBLIC", - "TITLE": "Possibility to elevate privileges or get unauthorized access to data" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "cloud-sdk-js", - "version": { - "version_data": [ - { - "version_value": "< 1.52.0" - } - ] - } - } - ] - }, - "vendor_name": "SAP" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41251", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "@sap-cloud-sdk/core contains the core functionality of the SAP Cloud SDK as well as the SAP Business Technology Platform abstractions. This affects applications on SAP Business Technology Platform that use the SAP Cloud SDK and enabled caching of destinations. In affected versions and in some cases, when user information was missing, destinations were cached without user information, allowing other users to retrieve the same destination with its permissions. By default, destination caching is disabled. The security for caching has been increased. The changes are released in version 1.52.0. Users unable to upgrade are advised to disable destination caching (it is disabled by default)." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "HIGH", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 5.9, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/SAP/cloud-sdk-js/security/advisories/GHSA-gp2f-254m-rh32", - "refsource": "CONFIRM", - "url": "https://github.com/SAP/cloud-sdk-js/security/advisories/GHSA-gp2f-254m-rh32" - }, - { - "name": "https://github.com/SAP/cloud-sdk-js/pull/1769", - "refsource": "MISC", - "url": "https://github.com/SAP/cloud-sdk-js/pull/1769" - }, - { - "name": "https://github.com/SAP/cloud-sdk-js/pull/1770", - "refsource": "MISC", - "url": "https://github.com/SAP/cloud-sdk-js/pull/1770" - } - ] - }, - "source": { - "advisory": "GHSA-gp2f-254m-rh32", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41253.json b/2021/41xxx/CVE-2021-41253.json index c2d8c08cc9c..240c9acd684 100644 --- a/2021/41xxx/CVE-2021-41253.json +++ b/2021/41xxx/CVE-2021-41253.json @@ -1,106 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2021-41253", - "STATE": "PUBLIC", - "TITLE": "Possible heap buffer overflow when using zycore string functions in formatter hooks" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "zydis", - "version": { - "version_data": [ - { - "version_value": "< 3.2.1" - } - ] - } - } - ] - }, - "vendor_name": "zyantific" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41253", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Zydis is an x86/x86-64 disassembler library. Users of Zydis versions v3.2.0 and older that use the string functions provided in `zycore` in order to append untrusted user data to the formatter buffer within their custom formatter hooks can run into heap buffer overflows. Older versions of Zydis failed to properly initialize the string object within the formatter buffer, forgetting to initialize a few fields, leaving their value to chance. This could then in turn cause zycore functions like `ZyanStringAppend` to make incorrect calculations for the new target size, resulting in heap memory corruption. This does not affect the regular uncustomized Zydis formatter, because Zydis internally doesn't use the string functions in zycore that act upon these fields. However, because the zycore string functions are the intended way to work with the formatter buffer for users of the library that wish to extend the formatter, we still consider this to be a vulnerability in Zydis. This bug is patched starting in version 3.2.1. As a workaround, users may refrain from using zycore string functions in their formatter hooks until updating to a patched version." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "impact": { - "cvss": { - "attackComplexity": "HIGH", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 5.9, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-122: Heap-based Buffer Overflow" - } - ] - }, - { - "description": [ - { - "lang": "eng", - "value": "CWE-457: Use of Uninitialized Variable" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/zyantific/zydis/security/advisories/GHSA-q42v-hv86-3m4g", - "refsource": "CONFIRM", - "url": "https://github.com/zyantific/zydis/security/advisories/GHSA-q42v-hv86-3m4g" - }, - { - "name": "https://github.com/zyantific/zydis/commit/55dd08c210722aed81b38132f5fd4a04ec1943b5", - "refsource": "MISC", - "url": "https://github.com/zyantific/zydis/commit/55dd08c210722aed81b38132f5fd4a04ec1943b5" - }, - { - "name": "https://huntr.dev/bounties/96b0a482-7041-45b1-9327-c6a4a8f32d3a", - "refsource": "MISC", - "url": "https://huntr.dev/bounties/96b0a482-7041-45b1-9327-c6a4a8f32d3a" - }, - { - "name": "https://huntr.dev/bounties/d2536d7d-36ce-4723-928c-98d1ee039784", - "refsource": "MISC", - "url": "https://huntr.dev/bounties/d2536d7d-36ce-4723-928c-98d1ee039784" - } - ] - }, - "source": { - "advisory": "GHSA-q42v-hv86-3m4g", - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41310.json b/2021/41xxx/CVE-2021-41310.json index d56428ba1b5..b7a7dd2d825 100644 --- a/2021/41xxx/CVE-2021-41310.json +++ b/2021/41xxx/CVE-2021-41310.json @@ -1,106 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@atlassian.com", - "DATE_PUBLIC": "2021-10-26T00:00:00", - "ID": "CVE-2021-41310", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Jira Server", - "version": { - "version_data": [ - { - "version_value": "8.5.19", - "version_affected": "<" - }, - { - "version_value": "8.6.0", - "version_affected": ">=" - }, - { - "version_value": "8.13.11", - "version_affected": "<" - }, - { - "version_value": "8.14.0", - "version_affected": ">=" - }, - { - "version_value": "8.19.1", - "version_affected": "<" - } - ] - } - }, - { - "product_name": "Jira Data Center", - "version": { - "version_data": [ - { - "version_value": "8.5.19", - "version_affected": "<" - }, - { - "version_value": "8.6.0", - "version_affected": ">=" - }, - { - "version_value": "8.13.11", - "version_affected": "<" - }, - { - "version_value": "8.14.0", - "version_affected": ">=" - }, - { - "version_value": "8.19.1", - "version_affected": "<" - } - ] - } - } - ] - }, - "vendor_name": "Atlassian" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41310", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the Associated Projects feature (/secure/admin/AssociatedProjectsForCustomField.jspa). The affected versions are before version 8.5.19, from version 8.6.0 before 8.13.11, and from version 8.14.0 before 8.19.1." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Stored Cross-Site Scripting (SXSS)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://jira.atlassian.com/browse/JRASERVER-72800", - "refsource": "MISC", - "name": "https://jira.atlassian.com/browse/JRASERVER-72800" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/41xxx/CVE-2021-41312.json b/2021/41xxx/CVE-2021-41312.json index 1420f8d0f5b..22909e8731c 100644 --- a/2021/41xxx/CVE-2021-41312.json +++ b/2021/41xxx/CVE-2021-41312.json @@ -1,74 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@atlassian.com", - "DATE_PUBLIC": "2021-10-26T00:00:00", - "ID": "CVE-2021-41312", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Jira Server", - "version": { - "version_data": [ - { - "version_value": "8.19.1", - "version_affected": "<" - } - ] - } - }, - { - "product_name": "Jira Data Center", - "version": { - "version_data": [ - { - "version_value": "8.19.1", - "version_affected": "<" - } - ] - } - } - ] - }, - "vendor_name": "Atlassian" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41312", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Affected versions of Atlassian Jira Server and Data Center allow a remote attacker who has had their access revoked from Jira Service Management to enable and disable Issue Collectors on Jira Service Management projects via an Improper Authentication vulnerability in the /secure/ViewCollectors endpoint. The affected versions are before version 8.19.1." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Improper Authentication (CWE-287)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://jira.atlassian.com/browse/JRASERVER-72801", - "refsource": "MISC", - "name": "https://jira.atlassian.com/browse/JRASERVER-72801" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/41xxx/CVE-2021-41313.json b/2021/41xxx/CVE-2021-41313.json index cc4df1d3929..bdb9f9feeec 100644 --- a/2021/41xxx/CVE-2021-41313.json +++ b/2021/41xxx/CVE-2021-41313.json @@ -1,74 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@atlassian.com", - "DATE_PUBLIC": "2021-10-26T00:00:00", - "ID": "CVE-2021-41313", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Jira Server", - "version": { - "version_data": [ - { - "version_value": "8.21.0", - "version_affected": "<" - } - ] - } - }, - { - "product_name": "Jira Data Center", - "version": { - "version_data": [ - { - "version_value": "8.21.0", - "version_affected": "<" - } - ] - } - } - ] - }, - "vendor_name": "Atlassian" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41313", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Affected versions of Atlassian Jira Server and Data Center allow authenticated but non-admin remote attackers to edit email batch configurations via an Improper Authorization vulnerability in the /secure/admin/ConfigureBatching!default.jspa endpoint. The affected versions are before version 8.21.0." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Improper Authorization (CWE-285)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://jira.atlassian.com/browse/JRASERVER-72898", - "refsource": "MISC", - "name": "https://jira.atlassian.com/browse/JRASERVER-72898" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/41xxx/CVE-2021-41322.json b/2021/41xxx/CVE-2021-41322.json index 564d1b882d1..a940bf78292 100644 --- a/2021/41xxx/CVE-2021-41322.json +++ b/2021/41xxx/CVE-2021-41322.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Poly VVX 400/410 5.3.1 allows low-privileged users to change the Admin password by modifying a POST parameter to 120 during the password reset process." + "value": "Polycom VVX 400/410 version 5.3.1 allows low-privileged users to change the Admin account password by modifying a POST parameter name during the password reset process." } ] }, diff --git a/2021/41xxx/CVE-2021-41349.json b/2021/41xxx/CVE-2021-41349.json index b6e99d88321..9a80bd5a847 100644 --- a/2021/41xxx/CVE-2021-41349.json +++ b/2021/41xxx/CVE-2021-41349.json @@ -1,18 +1,100 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-41349", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-41349", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Exchange Server 2013", + "version": { + "version_data": [ + { + "version_value": "Cumulative Update 23" + } + ] + } + }, + { + "product_name": "Microsoft Exchange Server 2016 Cumulative Update 21", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Exchange Server 2019 Cumulative Update 10", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Exchange Server 2016 Cumulative Update 22", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Exchange Server 2019 Cumulative Update 11", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Exchange Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-42305." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Spoofing" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41349" + } + ] + } +} diff --git a/2021/41xxx/CVE-2021-41351.json b/2021/41xxx/CVE-2021-41351.json index 8e957f88187..09ab947e50d 100644 --- a/2021/41xxx/CVE-2021-41351.json +++ b/2021/41xxx/CVE-2021-41351.json @@ -1,18 +1,230 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-41351", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-41351", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1809 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1809 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1809 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Edge (Chromium-based) in IE Mode on Windows Server 2019", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1909 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1909 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 2004 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 2004 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Edge (Chromium-based) in IE Mode on Windows 11 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Edge (Chromium-based) in IE Mode on Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Edge (Chrome based) Spoofing on IE Mode" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Spoofing" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41351" + } + ] + } +} diff --git a/2021/41xxx/CVE-2021-41356.json b/2021/41xxx/CVE-2021-41356.json index c288baf399f..25df7beb9d7 100644 --- a/2021/41xxx/CVE-2021-41356.json +++ b/2021/41xxx/CVE-2021-41356.json @@ -1,18 +1,277 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-41356", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-41356", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Windows Denial of Service Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41356" + } + ] + } +} diff --git a/2021/41xxx/CVE-2021-41366.json b/2021/41xxx/CVE-2021-41366.json index 74289198509..df036fb646b 100644 --- a/2021/41xxx/CVE-2021-41366.json +++ b/2021/41xxx/CVE-2021-41366.json @@ -1,18 +1,298 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-41366", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-41366", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "8.1 for 32-bit systems" + }, + { + "version_value": "8.1 for x64-based systems" + }, + { + "version_value": "RT 8.1" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + }, + { + "version_value": "2012" + }, + { + "version_value": "2012 (Core installation)" + }, + { + "version_value": "2012 R2" + }, + { + "version_value": "2012 R2 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41366" + } + ] + } +} diff --git a/2021/41xxx/CVE-2021-41367.json b/2021/41xxx/CVE-2021-41367.json index f05929edd0a..28885708019 100644 --- a/2021/41xxx/CVE-2021-41367.json +++ b/2021/41xxx/CVE-2021-41367.json @@ -1,18 +1,322 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-41367", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-41367", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "8.1 for 32-bit systems" + }, + { + "version_value": "8.1 for x64-based systems" + }, + { + "version_value": "RT 8.1" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value": "2012" + }, + { + "version_value": "2012 (Core installation)" + }, + { + "version_value": "2012 R2" + }, + { + "version_value": "2012 R2 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NTFS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-41370, CVE-2021-42283." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41367" + } + ] + } +} diff --git a/2021/41xxx/CVE-2021-41368.json b/2021/41xxx/CVE-2021-41368.json index 882bcbc77ec..e0b5fba367a 100644 --- a/2021/41xxx/CVE-2021-41368.json +++ b/2021/41xxx/CVE-2021-41368.json @@ -1,18 +1,118 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-41368", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-41368", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Office LTSC 2021 for 64-bit editions", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Office LTSC 2021 for 32-bit editions", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Office", + "version": { + "version_data": [ + { + "version_value": "2019 for 32-bit editions" + }, + { + "version_value": "2019 for 64-bit editions" + }, + { + "version_value": "2016 (32-bit edition)" + }, + { + "version_value": "2016 (64-bit edition)" + }, + { + "version_value": "2013 RT Service Pack 1" + }, + { + "version_value": "2013 Service Pack 1 (32-bit editions)" + }, + { + "version_value": "2013 Service Pack 1 (64-bit editions)" + } + ] + } + }, + { + "product_name": "Microsoft 365 Apps for Enterprise for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft 365 Apps for Enterprise for 64-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Access Remote Code Execution Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41368" + } + ] + } +} diff --git a/2021/41xxx/CVE-2021-41370.json b/2021/41xxx/CVE-2021-41370.json index dc209294550..a17573044be 100644 --- a/2021/41xxx/CVE-2021-41370.json +++ b/2021/41xxx/CVE-2021-41370.json @@ -1,18 +1,322 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-41370", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-41370", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "8.1 for 32-bit systems" + }, + { + "version_value": "8.1 for x64-based systems" + }, + { + "version_value": "RT 8.1" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value": "2012" + }, + { + "version_value": "2012 (Core installation)" + }, + { + "version_value": "2012 R2" + }, + { + "version_value": "2012 R2 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NTFS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-41367, CVE-2021-42283." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41370" + } + ] + } +} diff --git a/2021/41xxx/CVE-2021-41371.json b/2021/41xxx/CVE-2021-41371.json index b3bb2d0c6a2..aaa085ca4c2 100644 --- a/2021/41xxx/CVE-2021-41371.json +++ b/2021/41xxx/CVE-2021-41371.json @@ -1,18 +1,322 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-41371", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-41371", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "8.1 for 32-bit systems" + }, + { + "version_value": "8.1 for x64-based systems" + }, + { + "version_value": "RT 8.1" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value": "2012" + }, + { + "version_value": "2012 (Core installation)" + }, + { + "version_value": "2012 R2" + }, + { + "version_value": "2012 R2 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38631." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41371" + } + ] + } +} diff --git a/2021/41xxx/CVE-2021-41372.json b/2021/41xxx/CVE-2021-41372.json index 73eb7b3839a..455bd218071 100644 --- a/2021/41xxx/CVE-2021-41372.json +++ b/2021/41xxx/CVE-2021-41372.json @@ -1,18 +1,60 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-41372", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-41372", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Power BI Report Server", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Power BI Report Server Spoofing Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Spoofing" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41372" + } + ] + } +} diff --git a/2021/41xxx/CVE-2021-41373.json b/2021/41xxx/CVE-2021-41373.json index e7cabaa6dc9..56b142c045b 100644 --- a/2021/41xxx/CVE-2021-41373.json +++ b/2021/41xxx/CVE-2021-41373.json @@ -1,18 +1,60 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-41373", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-41373", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "FSLogix", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FSLogix Information Disclosure Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41373" + } + ] + } +} diff --git a/2021/41xxx/CVE-2021-41374.json b/2021/41xxx/CVE-2021-41374.json index 0f3326a3fa3..1aa0964e5ef 100644 --- a/2021/41xxx/CVE-2021-41374.json +++ b/2021/41xxx/CVE-2021-41374.json @@ -1,18 +1,60 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-41374", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-41374", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Azure Sphere", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Azure Sphere Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41375, CVE-2021-41376." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41374" + } + ] + } +} diff --git a/2021/41xxx/CVE-2021-41375.json b/2021/41xxx/CVE-2021-41375.json index 95ac6d9b2af..58e8028abd5 100644 --- a/2021/41xxx/CVE-2021-41375.json +++ b/2021/41xxx/CVE-2021-41375.json @@ -1,18 +1,60 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-41375", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-41375", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Azure Sphere", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Azure Sphere Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41374, CVE-2021-41376." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41375" + } + ] + } +} diff --git a/2021/41xxx/CVE-2021-41376.json b/2021/41xxx/CVE-2021-41376.json index f11a3284ae7..70f9b3a6217 100644 --- a/2021/41xxx/CVE-2021-41376.json +++ b/2021/41xxx/CVE-2021-41376.json @@ -1,18 +1,60 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-41376", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-41376", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Azure Sphere", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Azure Sphere Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41374, CVE-2021-41375." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41376" + } + ] + } +} diff --git a/2021/41xxx/CVE-2021-41377.json b/2021/41xxx/CVE-2021-41377.json index dc40edbfb92..ee46da0c9ec 100644 --- a/2021/41xxx/CVE-2021-41377.json +++ b/2021/41xxx/CVE-2021-41377.json @@ -1,18 +1,322 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-41377", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-41377", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "8.1 for 32-bit systems" + }, + { + "version_value": "8.1 for x64-based systems" + }, + { + "version_value": "RT 8.1" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value": "2012" + }, + { + "version_value": "2012 (Core installation)" + }, + { + "version_value": "2012 R2" + }, + { + "version_value": "2012 R2 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Windows Fast FAT File System Driver Elevation of Privilege Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41377" + } + ] + } +} diff --git a/2021/41xxx/CVE-2021-41378.json b/2021/41xxx/CVE-2021-41378.json index 2a00e45f161..9d18034bf56 100644 --- a/2021/41xxx/CVE-2021-41378.json +++ b/2021/41xxx/CVE-2021-41378.json @@ -1,18 +1,259 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-41378", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-41378", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Windows NTFS Remote Code Execution Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41378" + } + ] + } +} diff --git a/2021/41xxx/CVE-2021-41379.json b/2021/41xxx/CVE-2021-41379.json index 2595afcb437..f66e8685ea5 100644 --- a/2021/41xxx/CVE-2021-41379.json +++ b/2021/41xxx/CVE-2021-41379.json @@ -1,18 +1,322 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-41379", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-41379", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "8.1 for 32-bit systems" + }, + { + "version_value": "8.1 for x64-based systems" + }, + { + "version_value": "RT 8.1" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value": "2012" + }, + { + "version_value": "2012 (Core installation)" + }, + { + "version_value": "2012 R2" + }, + { + "version_value": "2012 R2 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Windows Installer Elevation of Privilege Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41379" + } + ] + } +} diff --git a/2021/41xxx/CVE-2021-41492.json b/2021/41xxx/CVE-2021-41492.json index 25232e69d90..5d105128e5e 100644 --- a/2021/41xxx/CVE-2021-41492.json +++ b/2021/41xxx/CVE-2021-41492.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-41492", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41492", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Multiple SQL Injection vulnerabilities exist in Sourcecodester Simple Cashiering System (POS) 1.0 via the (1) Product Code in the pos page in cashiering. (2) id parameter in manage_products and the (3) t paramater in actions.php." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://3xpl017.blogspot.com/2021/09/multiple-sql-injections-in.html", - "refsource": "MISC", - "name": "https://3xpl017.blogspot.com/2021/09/multiple-sql-injections-in.html" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/41xxx/CVE-2021-41524.json b/2021/41xxx/CVE-2021-41524.json index 93eeb1a8206..a06d82f3081 100644 --- a/2021/41xxx/CVE-2021-41524.json +++ b/2021/41xxx/CVE-2021-41524.json @@ -92,11 +92,6 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20211029-0009/", "url": "https://security.netapp.com/advisory/ntap-20211029-0009/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-f94985afca", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/" } ] }, diff --git a/2021/41xxx/CVE-2021-41533.json b/2021/41xxx/CVE-2021-41533.json index 78ee6865629..4e2c478e468 100644 --- a/2021/41xxx/CVE-2021-41533.json +++ b/2021/41xxx/CVE-2021-41533.json @@ -14,16 +14,6 @@ "vendor_name": "Siemens", "product": { "product_data": [ - { - "product_name": "NX 1980 Series", - "version": { - "version_data": [ - { - "version_value": "All versions < V1984" - } - ] - } - }, { "product_name": "Solid Edge SE2021", "version": { @@ -56,7 +46,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in NX 1980 Series (All versions < V1984), Solid Edge SE2021 (All versions < SE2021MP8). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files. An attacker could leverage this vulnerability to leak information in the context of the current process (ZDI-CAN-13565)." + "value": "A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files. An attacker could leverage this vulnerability to leak information in the context of the current process (ZDI-CAN-13565)." } ] }, @@ -71,11 +61,6 @@ "refsource": "MISC", "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1117/", "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1117/" - }, - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-740908.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-740908.pdf" } ] } diff --git a/2021/41xxx/CVE-2021-41534.json b/2021/41xxx/CVE-2021-41534.json index 13a270c67a8..8285b825dbd 100644 --- a/2021/41xxx/CVE-2021-41534.json +++ b/2021/41xxx/CVE-2021-41534.json @@ -14,16 +14,6 @@ "vendor_name": "Siemens", "product": { "product_data": [ - { - "product_name": "NX 1980 Series", - "version": { - "version_data": [ - { - "version_value": "All versions < V1984" - } - ] - } - }, { "product_name": "Solid Edge SE2021", "version": { @@ -56,7 +46,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in NX 1980 Series (All versions < V1984), Solid Edge SE2021 (All versions < SE2021MP8). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files. An attacker could leverage this vulnerability to leak information in the context of the current process (ZDI-CAN-13703)." + "value": "A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files. An attacker could leverage this vulnerability to leak information in the context of the current process (ZDI-CAN-13703)." } ] }, @@ -67,11 +57,6 @@ "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf" }, - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-740908.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-740908.pdf" - }, { "refsource": "MISC", "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1118/", diff --git a/2021/41xxx/CVE-2021-41535.json b/2021/41xxx/CVE-2021-41535.json index 70362efaed9..c812cfa5aa3 100644 --- a/2021/41xxx/CVE-2021-41535.json +++ b/2021/41xxx/CVE-2021-41535.json @@ -14,26 +14,6 @@ "vendor_name": "Siemens", "product": { "product_data": [ - { - "product_name": "NX 1953 Series", - "version": { - "version_data": [ - { - "version_value": "All versions < V1973.3700" - } - ] - } - }, - { - "product_name": "NX 1980 Series", - "version": { - "version_data": [ - { - "version_value": "All versions < V1988" - } - ] - } - }, { "product_name": "Solid Edge SE2021", "version": { @@ -66,7 +46,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in NX 1953 Series (All versions < V1973.3700), NX 1980 Series (All versions < V1988), Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free vulnerability while parsing OBJ files. An attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13771)." + "value": "A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free vulnerability while parsing OBJ files. An attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13771)." } ] }, @@ -81,11 +61,6 @@ "refsource": "MISC", "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1119/", "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1119/" - }, - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-328042.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-328042.pdf" } ] } diff --git a/2021/41xxx/CVE-2021-41538.json b/2021/41xxx/CVE-2021-41538.json index e2c43b95c87..66e0a6cd884 100644 --- a/2021/41xxx/CVE-2021-41538.json +++ b/2021/41xxx/CVE-2021-41538.json @@ -14,26 +14,6 @@ "vendor_name": "Siemens", "product": { "product_data": [ - { - "product_name": "NX 1953 Series", - "version": { - "version_data": [ - { - "version_value": "All versions < V1973.3700" - } - ] - } - }, - { - "product_name": "NX 1980 Series", - "version": { - "version_data": [ - { - "version_value": "All versions < V1988" - } - ] - } - }, { "product_name": "Solid Edge SE2021", "version": { @@ -66,7 +46,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in NX 1953 Series (All versions < V1973.3700), NX 1980 Series (All versions < V1988), Solid Edge SE2021 (All versions < SE2021MP8). The affected application is vulnerable to information disclosure by unexpected access to an uninitialized pointer while parsing user-supplied OBJ files. An attacker could leverage this vulnerability to leak information from unexpected memory locations (ZDI-CAN-13770)." + "value": "A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application is vulnerable to information disclosure by unexpected access to an uninitialized pointer while parsing user-supplied OBJ files. An attacker could leverage this vulnerability to leak information from unexpected memory locations (ZDI-CAN-13770)." } ] }, @@ -77,11 +57,6 @@ "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf" }, - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-328042.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-328042.pdf" - }, { "refsource": "MISC", "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1122/", diff --git a/2021/41xxx/CVE-2021-41562.json b/2021/41xxx/CVE-2021-41562.json index 3e0a450e749..4318844eeb4 100644 --- a/2021/41xxx/CVE-2021-41562.json +++ b/2021/41xxx/CVE-2021-41562.json @@ -1,107 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@snowsoftware.com", - "DATE_PUBLIC": "2021-11-03T14:00:00.000Z", - "ID": "CVE-2021-41562", - "STATE": "PUBLIC", - "TITLE": "Deletion of arbitrary files vulnerability in Snow Agent for Windows" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Snow Agent for Windows", - "version": { - "version_data": [ - { - "platform": "Windows", - "version_affected": "<=", - "version_name": "6.0.0", - "version_value": "6.7.1" - }, - { - "platform": "Windows", - "version_affected": "<=", - "version_name": "5.0.0", - "version_value": "5.4.1" - } - ] - } - } - ] - }, - "vendor_name": "Snow" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "vp40" - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41562", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability in Snow Snow Agent for Windows allows a non-admin user to cause arbitrary deletion of files. This issue affects: Snow Snow Agent for Windows version 5.0.0 to 6.7.1 on Windows." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 6.1, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-64" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://community.snowsoftware.com/s/group/0F91r000000QUhPCAW/news-updates", - "name": "https://community.snowsoftware.com/s/group/0F91r000000QUhPCAW/news-updates" - } - ] - }, - "solution": [ - { - "lang": "eng", - "value": "Upgrade Snow Agent for Windows to 6.7.2" - } - ], - "source": { - "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41585.json b/2021/41xxx/CVE-2021-41585.json index e841aaeccc8..bccb48adb7f 100644 --- a/2021/41xxx/CVE-2021-41585.json +++ b/2021/41xxx/CVE-2021-41585.json @@ -1,78 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@apache.org", - "ID": "CVE-2021-41585", - "STATE": "PUBLIC", - "TITLE": "ATS stops accepting connections on FreeBSD" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Apache Traffic Server", - "version": { - "version_data": [ - { - "version_value": "7.0.0 to 9.1.0" - } - ] - } - } - ] - }, - "vendor_name": "Apache Software Foundation" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Apache Traffic Server would like to thank Asbjorn Bjornstad for finding this issue." - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41585", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Improper Input Validation vulnerability in accepting socket connections in Apache Traffic Server allows an attacker to make the server stop accepting new connections. This issue affects Apache Traffic Server 5.0.0 to 9.1.0." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": [ - {} - ], - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "cwe" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164", - "name": "https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164" - } - ] - }, - "source": { - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41611.json b/2021/41xxx/CVE-2021-41611.json index 644254bf492..8dcc41104b9 100644 --- a/2021/41xxx/CVE-2021-41611.json +++ b/2021/41xxx/CVE-2021-41611.json @@ -61,11 +61,6 @@ "refsource": "CONFIRM", "name": "https://github.com/squid-cache/squid/security/advisories/GHSA-47m4-g3mv-9q5r", "url": "https://github.com/squid-cache/squid/security/advisories/GHSA-47m4-g3mv-9q5r" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-15d2f70a07", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWQ2WKDWTSO47S3F6XJJ6HGG2ULWEAE4/" } ] } diff --git a/2021/41xxx/CVE-2021-41646.json b/2021/41xxx/CVE-2021-41646.json index 679bd06785f..ed22346e624 100644 --- a/2021/41xxx/CVE-2021-41646.json +++ b/2021/41xxx/CVE-2021-41646.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-41646", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41646", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Remote Code Execution (RCE) vulnerability exists in Sourcecodester Online Reviewer System 1.0 by uploading a maliciously crafted PHP file that bypasses the image upload filters.." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.exploit-db.com/exploits/50319", - "refsource": "MISC", - "name": "https://www.exploit-db.com/exploits/50319" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/41xxx/CVE-2021-41674.json b/2021/41xxx/CVE-2021-41674.json index 4de9304982f..04a90379ff8 100644 --- a/2021/41xxx/CVE-2021-41674.json +++ b/2021/41xxx/CVE-2021-41674.json @@ -56,16 +56,6 @@ "url": "https://github.com/janikwehrli1/0dayHunt/blob/main/E-Negosyo-System-SQLi.txt", "refsource": "MISC", "name": "https://github.com/janikwehrli1/0dayHunt/blob/main/E-Negosyo-System-SQLi.txt" - }, - { - "refsource": "MISC", - "name": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41674", - "url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41674" - }, - { - "refsource": "MISC", - "name": "https://streamable.com/sm0uxf", - "url": "https://streamable.com/sm0uxf" } ] } diff --git a/2021/41xxx/CVE-2021-41676.json b/2021/41xxx/CVE-2021-41676.json index 223ebe390e2..8560503cd91 100644 --- a/2021/41xxx/CVE-2021-41676.json +++ b/2021/41xxx/CVE-2021-41676.json @@ -56,11 +56,6 @@ "url": "https://github.com/janikwehrli1/0dayHunt/blob/main/pharmacypossqli.txt", "refsource": "MISC", "name": "https://github.com/janikwehrli1/0dayHunt/blob/main/pharmacypossqli.txt" - }, - { - "refsource": "MISC", - "name": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41676", - "url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41676" } ] } diff --git a/2021/41xxx/CVE-2021-41733.json b/2021/41xxx/CVE-2021-41733.json index 57b07b9748e..f0322fe1e2f 100644 --- a/2021/41xxx/CVE-2021-41733.json +++ b/2021/41xxx/CVE-2021-41733.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-41733", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41733", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Oppia 3.1.4 does not verify that certain URLs are valid before navigating to them." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/oppia/oppia/pull/13892", - "refsource": "MISC", - "name": "https://github.com/oppia/oppia/pull/13892" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/41xxx/CVE-2021-41746.json b/2021/41xxx/CVE-2021-41746.json index 8f1021f3c90..42d0ffc29b4 100644 --- a/2021/41xxx/CVE-2021-41746.json +++ b/2021/41xxx/CVE-2021-41746.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-41746", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41746", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "SQL Injection vulnerability exists in all versions of Yonyou TurboCRM.via the orgcode parameter in changepswd.php. Attackers can use the vulnerabilities to obtain sensitive database information." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/purple-WL/Yonyou-TurboCRM-SQL-injection/issues/1", - "refsource": "MISC", - "name": "https://github.com/purple-WL/Yonyou-TurboCRM-SQL-injection/issues/1" - }, - { - "url": "https://www.cnvd.org.cn/flaw/show/CNVD-2020-21956", - "refsource": "MISC", - "name": "https://www.cnvd.org.cn/flaw/show/CNVD-2020-21956" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/41xxx/CVE-2021-41748.json b/2021/41xxx/CVE-2021-41748.json index dd7f4837b87..7315783f6f3 100644 --- a/2021/41xxx/CVE-2021-41748.json +++ b/2021/41xxx/CVE-2021-41748.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-41748", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41748", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An Incorrect Access Control issue exists in all versions of Portainer.via an unauthorized access vulnerability. The vulnerability is also CNVD-2021-49547" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-49547", - "refsource": "MISC", - "name": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-49547" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/41xxx/CVE-2021-41771.json b/2021/41xxx/CVE-2021-41771.json index 10b30d86e38..1d97604c41a 100644 --- a/2021/41xxx/CVE-2021-41771.json +++ b/2021/41xxx/CVE-2021-41771.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-41771", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41771", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://groups.google.com/g/golang-announce/c/0fM21h43arc", - "url": "https://groups.google.com/g/golang-announce/c/0fM21h43arc" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/41xxx/CVE-2021-41772.json b/2021/41xxx/CVE-2021-41772.json index 0dea7a151c3..27b12eef019 100644 --- a/2021/41xxx/CVE-2021-41772.json +++ b/2021/41xxx/CVE-2021-41772.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-41772", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41772", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://groups.google.com/g/golang-announce/c/0fM21h43arc", - "url": "https://groups.google.com/g/golang-announce/c/0fM21h43arc" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/41xxx/CVE-2021-41798.json b/2021/41xxx/CVE-2021-41798.json index 9f0c735ee56..c600e87b0dc 100644 --- a/2021/41xxx/CVE-2021-41798.json +++ b/2021/41xxx/CVE-2021-41798.json @@ -66,11 +66,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-56d8173b5e", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CJDYJQWT43GBD6GNQ4OW7JOZ6WQ6DZTN/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-3dd1b66cbf", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDBPECBWN6LWNSWIQMVXK6PP4YFEUYHA/" } ] } diff --git a/2021/41xxx/CVE-2021-41799.json b/2021/41xxx/CVE-2021-41799.json index f3fe4ad80c2..9ce51a3461e 100644 --- a/2021/41xxx/CVE-2021-41799.json +++ b/2021/41xxx/CVE-2021-41799.json @@ -71,11 +71,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-56d8173b5e", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CJDYJQWT43GBD6GNQ4OW7JOZ6WQ6DZTN/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-3dd1b66cbf", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDBPECBWN6LWNSWIQMVXK6PP4YFEUYHA/" } ] } diff --git a/2021/41xxx/CVE-2021-41800.json b/2021/41xxx/CVE-2021-41800.json index cc31d2ba42c..9d0b879bbc2 100644 --- a/2021/41xxx/CVE-2021-41800.json +++ b/2021/41xxx/CVE-2021-41800.json @@ -76,11 +76,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-56d8173b5e", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CJDYJQWT43GBD6GNQ4OW7JOZ6WQ6DZTN/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-3dd1b66cbf", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDBPECBWN6LWNSWIQMVXK6PP4YFEUYHA/" } ] } diff --git a/2021/41xxx/CVE-2021-41874.json b/2021/41xxx/CVE-2021-41874.json index c1f147a2321..1115793586e 100644 --- a/2021/41xxx/CVE-2021-41874.json +++ b/2021/41xxx/CVE-2021-41874.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-41874", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41874", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An unauthorized access vulnerabiitly exists in all versions of Portainer, which could let a malicious user obtain sensitive information." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.cnvd.org.cn/flaw/show/3832981", - "refsource": "MISC", - "name": "https://www.cnvd.org.cn/flaw/show/3832981" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/41xxx/CVE-2021-41973.json b/2021/41xxx/CVE-2021-41973.json index 1464c072fdc..b4204242947 100644 --- a/2021/41xxx/CVE-2021-41973.json +++ b/2021/41xxx/CVE-2021-41973.json @@ -1,91 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@apache.org", - "ID": "CVE-2021-41973", - "STATE": "PUBLIC", - "TITLE": "Apache MINA HTTP listener DOS" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Apache MINA", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "Apache MINA", - "version_value": "2.1.5" - }, - { - "version_affected": "<", - "version_name": "Apache MINA", - "version_value": "2.0.22" - } - ] - } - } - ] - }, - "vendor_name": "Apache Software Foundation" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-41973", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder assumed that the HTTP Header begins at the beginning of the buffer and loops if there is more data than expected. Please update MINA to 2.1.5 or greater." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": [ - { - "other": "critical" - } - ], - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://lists.apache.org/thread.html/r0b907da9340d5ff4e6c1a4798ef4e79700a668657f27cca8a39e9250%40%3Cdev.mina.apache.org%3E", - "name": "https://lists.apache.org/thread.html/r0b907da9340d5ff4e6c1a4798ef4e79700a668657f27cca8a39e9250%40%3Cdev.mina.apache.org%3E" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20211101 [ANNOUNCE] Apache MINA 2.0.22 & 2.1.5 released", - "url": "http://www.openwall.com/lists/oss-security/2021/11/01/2" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20211101 CVE-2021-41973: Apache MINA HTTP listener DOS", - "url": "http://www.openwall.com/lists/oss-security/2021/11/01/8" - } - ] - }, - "source": { - "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41990.json b/2021/41xxx/CVE-2021-41990.json index 852042f27f8..723eda6e7ff 100644 --- a/2021/41xxx/CVE-2021-41990.json +++ b/2021/41xxx/CVE-2021-41990.json @@ -76,11 +76,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-b3df83339e", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQSQ3BEC22NF4NCDZVCT4P3Q2ZIAJXGJ/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-95fab6a482", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3TQ32JLJOBJDB2EJKSX2PBPB5NFG2D4/" } ] } diff --git a/2021/41xxx/CVE-2021-41991.json b/2021/41xxx/CVE-2021-41991.json index 18827ab4585..ed589ea8cde 100644 --- a/2021/41xxx/CVE-2021-41991.json +++ b/2021/41xxx/CVE-2021-41991.json @@ -81,11 +81,6 @@ "refsource": "FEDORA", "name": "FEDORA-2021-b3df83339e", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQSQ3BEC22NF4NCDZVCT4P3Q2ZIAJXGJ/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-95fab6a482", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3TQ32JLJOBJDB2EJKSX2PBPB5NFG2D4/" } ] } diff --git a/2021/42xxx/CVE-2021-42008.json b/2021/42xxx/CVE-2021-42008.json index a836a1593a5..ceeefdb7e8e 100644 --- a/2021/42xxx/CVE-2021-42008.json +++ b/2021/42xxx/CVE-2021-42008.json @@ -66,11 +66,6 @@ "url": "https://www.youtube.com/watch?v=d5f9xLK8Vhw", "refsource": "MISC", "name": "https://www.youtube.com/watch?v=d5f9xLK8Vhw" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0002/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0002/" } ] } diff --git a/2021/42xxx/CVE-2021-42015.json b/2021/42xxx/CVE-2021-42015.json index 6c291a7ee5f..8e0dcccffd2 100644 --- a/2021/42xxx/CVE-2021-42015.json +++ b/2021/42xxx/CVE-2021-42015.json @@ -1,81 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2021-42015", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "Mendix Applications using Mendix 7", - "version": { - "version_data": [ - { - "version_value": "All versions < V7.23.26" - } - ] - } - }, - { - "product_name": "Mendix Applications using Mendix 8", - "version": { - "version_data": [ - { - "version_value": "All versions < V8.18.12" - } - ] - } - }, - { - "product_name": "Mendix Applications using Mendix 9", - "version": { - "version_data": [ - { - "version_value": "All versions < V9.6.1" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-525: Use of Web Browser Cache Containing Sensitive Information" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-42015", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.26), Mendix Applications using Mendix 8 (All versions < V8.18.12), Mendix Applications using Mendix 9 (All versions < V9.6.1). Applications built with affected versions of Mendix Studio Pro do not prevent file documents from being cached when files are opened or downloaded using a browser. This could allow a local attacker to read those documents by exploring the browser cache." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-338732.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-338732.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42021.json b/2021/42xxx/CVE-2021-42021.json index 2e5d80c1a9a..5f071622b13 100644 --- a/2021/42xxx/CVE-2021-42021.json +++ b/2021/42xxx/CVE-2021-42021.json @@ -1,121 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2021-42021", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "Siveillance Video DLNA Server", - "version": { - "version_data": [ - { - "version_value": "2019 R1" - } - ] - } - }, - { - "product_name": "Siveillance Video DLNA Server", - "version": { - "version_data": [ - { - "version_value": "2019 R2" - } - ] - } - }, - { - "product_name": "Siveillance Video DLNA Server", - "version": { - "version_data": [ - { - "version_value": "2019 R3" - } - ] - } - }, - { - "product_name": "Siveillance Video DLNA Server", - "version": { - "version_data": [ - { - "version_value": "2020 R1" - } - ] - } - }, - { - "product_name": "Siveillance Video DLNA Server", - "version": { - "version_data": [ - { - "version_value": "2020 R2" - } - ] - } - }, - { - "product_name": "Siveillance Video DLNA Server", - "version": { - "version_data": [ - { - "version_value": "2020 R3" - } - ] - } - }, - { - "product_name": "Siveillance Video DLNA Server", - "version": { - "version_data": [ - { - "version_value": "2021 R1" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-26: Path Traversal: '/dir/../filename'" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-42021", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Siveillance Video DLNA Server (2019 R1), Siveillance Video DLNA Server (2019 R2), Siveillance Video DLNA Server (2019 R3), Siveillance Video DLNA Server (2020 R1), Siveillance Video DLNA Server (2020 R2), Siveillance Video DLNA Server (2020 R3), Siveillance Video DLNA Server (2021 R1). The affected application contains a path traversal vulnerability that could allow to read arbitrary files on the server that are outside the application\u2019s web document directory. An unauthenticated remote attacker could exploit this issue to access sensitive information for subsequent attacks." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-755517.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-755517.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42025.json b/2021/42xxx/CVE-2021-42025.json index f66f28ae0fc..aeb854ee863 100644 --- a/2021/42xxx/CVE-2021-42025.json +++ b/2021/42xxx/CVE-2021-42025.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2021-42025", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "Mendix Applications using Mendix 8", - "version": { - "version_data": [ - { - "version_value": "All versions < V8.18.13" - } - ] - } - }, - { - "product_name": "Mendix Applications using Mendix 9", - "version": { - "version_data": [ - { - "version_value": "All versions < V9.6.2" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-863: Incorrect Authorization" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-42025", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Mendix Applications using Mendix 8 (All versions < V8.18.13), Mendix Applications using Mendix 9 (All versions < V9.6.2). Applications built with affected versions of Mendix Studio Pro do not properly control write access for certain client actions. This could allow authenticated attackers to manipulate the content of System.FileDocument objects in some cases, regardless whether they have write access to it." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-779699.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-779699.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42026.json b/2021/42xxx/CVE-2021-42026.json index 05dc3b99163..850f8963a18 100644 --- a/2021/42xxx/CVE-2021-42026.json +++ b/2021/42xxx/CVE-2021-42026.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "productcert@siemens.com", - "ID": "CVE-2021-42026", - "STATE": "PUBLIC" - }, + "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Siemens", - "product": { - "product_data": [ - { - "product_name": "Mendix Applications using Mendix 8", - "version": { - "version_data": [ - { - "version_value": "All versions < V8.18.13" - } - ] - } - }, - { - "product_name": "Mendix Applications using Mendix 9", - "version": { - "version_data": [ - { - "version_value": "All versions < V9.6.2" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-863: Incorrect Authorization" - } - ] - } - ] + "CVE_data_meta": { + "ID": "CVE-2021-42026", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Mendix Applications using Mendix 8 (All versions < V8.18.13), Mendix Applications using Mendix 9 (All versions < V9.6.2). Applications built with affected versions of Mendix Studio Pro do not properly control read access for certain client actions. This could allow authenticated attackers to retrieve the changedDate attribute of arbitrary objects, even when they don't have read access to them." - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-779699.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-779699.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42057.json b/2021/42xxx/CVE-2021-42057.json index 64f212d0355..a4883e86056 100644 --- a/2021/42xxx/CVE-2021-42057.json +++ b/2021/42xxx/CVE-2021-42057.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42057", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42057", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Obsidian Dataview through 0.4.12-hotfix1 allows eval injection. The evalInContext function in executes user input, which allows an attacker to craft malicious Markdown files that will execute arbitrary code once opened. NOTE: 0.4.13 provides a mitigation for some use cases." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://github.com/blacksmithgu/obsidian-dataview/issues/615", - "url": "https://github.com/blacksmithgu/obsidian-dataview/issues/615" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42072.json b/2021/42xxx/CVE-2021-42072.json index d2b41eda34e..f608dfe5478 100644 --- a/2021/42xxx/CVE-2021-42072.json +++ b/2021/42xxx/CVE-2021-42072.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42072", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42072", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in Barrier before 2.4.0. The barriers component (aka the server-side implementation of Barrier) does not sufficiently verify the identify of connecting clients. Clients can thus exploit weaknesses in the provided protocol to cause denial-of-service or stage further attacks that could lead to information leaks or integrity corruption." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MLIST", - "name": "[oss-security] 20211102 Barrier \"software KVM switch\" multiple remote security issues", - "url": "http://www.openwall.com/lists/oss-security/2021/11/02/4" - }, - { - "refsource": "MISC", - "name": "https://github.com/debauchee/barrier/releases/tag/v2.4.0", - "url": "https://github.com/debauchee/barrier/releases/tag/v2.4.0" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42073.json b/2021/42xxx/CVE-2021-42073.json index f118805c9d6..f2799bade23 100644 --- a/2021/42xxx/CVE-2021-42073.json +++ b/2021/42xxx/CVE-2021-42073.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42073", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42073", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in Barrier before 2.4.0. An attacker can enter an active session state with the barriers component (aka the server-side implementation of Barrier) simply by supplying a client label that identifies a valid client configuration. This label is \"Unnamed\" by default but could instead be guessed from hostnames or other publicly available information. In the active session state, an attacker can capture input device events from the server, and also modify the clipboard content on the server." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MLIST", - "name": "[oss-security] 20211102 Barrier \"software KVM switch\" multiple remote security issues", - "url": "http://www.openwall.com/lists/oss-security/2021/11/02/4" - }, - { - "refsource": "CONFIRM", - "name": "https://github.com/debauchee/barrier/releases/tag/v2.4.0", - "url": "https://github.com/debauchee/barrier/releases/tag/v2.4.0" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42074.json b/2021/42xxx/CVE-2021-42074.json index d8aba0c9df1..4fc313e0a28 100644 --- a/2021/42xxx/CVE-2021-42074.json +++ b/2021/42xxx/CVE-2021-42074.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42074", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42074", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in Barrier before 2.3.4. An unauthenticated attacker can cause a segmentation fault in the barriers component (aka the server-side implementation of Barrier) by quickly opening and closing TCP connections while sending a Hello message for each TCP session." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MLIST", - "name": "[oss-security] 20211102 Barrier \"software KVM switch\" multiple remote security issues", - "url": "http://www.openwall.com/lists/oss-security/2021/11/02/4" - }, - { - "refsource": "MISC", - "name": "https://github.com/debauchee/barrier/releases/tag/v2.3.4", - "url": "https://github.com/debauchee/barrier/releases/tag/v2.3.4" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42075.json b/2021/42xxx/CVE-2021-42075.json index 66c5c1040d2..144926e83f8 100644 --- a/2021/42xxx/CVE-2021-42075.json +++ b/2021/42xxx/CVE-2021-42075.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42075", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42075", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in Barrier before 2.3.4. The barriers component (aka the server-side implementation of Barrier) does not correctly close file descriptors for established TCP connections. An unauthenticated remote attacker can thus cause file descriptor exhaustion in the server process, leading to denial of service." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MLIST", - "name": "[oss-security] 20211102 Barrier \"software KVM switch\" multiple remote security issues", - "url": "http://www.openwall.com/lists/oss-security/2021/11/02/4" - }, - { - "refsource": "MISC", - "name": "https://github.com/debauchee/barrier/releases/tag/v2.3.4", - "url": "https://github.com/debauchee/barrier/releases/tag/v2.3.4" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42076.json b/2021/42xxx/CVE-2021-42076.json index b36a141408f..ba6465e3da3 100644 --- a/2021/42xxx/CVE-2021-42076.json +++ b/2021/42xxx/CVE-2021-42076.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42076", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42076", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in Barrier before 2.3.4. An attacker can cause memory exhaustion in the barriers component (aka the server-side implementation of Barrier) and barrierc by sending long TCP messages." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MLIST", - "name": "[oss-security] 20211102 Barrier \"software KVM switch\" multiple remote security issues", - "url": "http://www.openwall.com/lists/oss-security/2021/11/02/4" - }, - { - "refsource": "MISC", - "name": "https://github.com/debauchee/barrier/releases/tag/v2.3.4", - "url": "https://github.com/debauchee/barrier/releases/tag/v2.3.4" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42077.json b/2021/42xxx/CVE-2021-42077.json index a73b165794d..15d8033084c 100644 --- a/2021/42xxx/CVE-2021-42077.json +++ b/2021/42xxx/CVE-2021-42077.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42077", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42077", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "PHP Event Calendar before 2021-09-03 allows SQL injection, as demonstrated by the /server/ajax/user_manager.php username parameter. This can be used to execute SQL statements directly on the database, allowing an adversary in some cases to completely compromise the database system. It can also be used to bypass the login form." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/164777/PHP-Event-Calendar-Lite-Edition-SQL-Injection.html", - "url": "http://packetstormsecurity.com/files/164777/PHP-Event-Calendar-Lite-Edition-SQL-Injection.html" - }, - { - "refsource": "MISC", - "name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-048.txt", - "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-048.txt" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42078.json b/2021/42xxx/CVE-2021-42078.json index 897696a7ee4..531f90b269b 100644 --- a/2021/42xxx/CVE-2021-42078.json +++ b/2021/42xxx/CVE-2021-42078.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42078", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42078", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "PHP Event Calendar through 2021-11-04 allows persistent cross-site scripting (XSS), as demonstrated by the /server/ajax/events_manager.php title parameter. This can be exploited by an adversary in multiple ways, e.g., to perform actions on the page in the context of other users, or to deface the site." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-049.txt", - "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-049.txt" - }, - { - "refsource": "MISC", - "name": "http://seclists.org/fulldisclosure/2021/Nov/24", - "url": "http://seclists.org/fulldisclosure/2021/Nov/24" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42237.json b/2021/42xxx/CVE-2021-42237.json index 1d618c7c306..b13fee57942 100644 --- a/2021/42xxx/CVE-2021-42237.json +++ b/2021/42xxx/CVE-2021-42237.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42237", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42237", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Sitecore XP 7.5 Initial Release to Sitecore XP 8.2 Update-7 is vulnerable to an insecure deserialization attack where it is possible to achieve remote command execution on the machine. No authentication or special configuration is required to exploit this vulnerability." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "http://sitecore.com", - "refsource": "MISC", - "name": "http://sitecore.com" - }, - { - "refsource": "MISC", - "name": "https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1000776", - "url": "https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1000776" - }, - { - "refsource": "MISC", - "name": "https://blog.assetnote.io/2021/11/02/sitecore-rce/", - "url": "https://blog.assetnote.io/2021/11/02/sitecore-rce/" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42274.json b/2021/42xxx/CVE-2021-42274.json index 2be74178810..91dd5ed77b3 100644 --- a/2021/42xxx/CVE-2021-42274.json +++ b/2021/42xxx/CVE-2021-42274.json @@ -1,18 +1,162 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42274", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42274", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Windows Hyper-V Discrete Device Assignment (DDA) Denial of Service Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42274" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42275.json b/2021/42xxx/CVE-2021-42275.json index 6e981452fc3..dc2e43e5177 100644 --- a/2021/42xxx/CVE-2021-42275.json +++ b/2021/42xxx/CVE-2021-42275.json @@ -1,18 +1,302 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42275", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42275", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "8.1 for 32-bit systems" + }, + { + "version_value": "8.1 for x64-based systems" + }, + { + "version_value": "RT 8.1" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value": "2012" + }, + { + "version_value": "2012 (Core installation)" + }, + { + "version_value": "2012 R2" + }, + { + "version_value": "2012 R2 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft COM for Windows Remote Code Execution Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42275" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42276.json b/2021/42xxx/CVE-2021-42276.json index 3cb92b595db..cd2b7ed5afb 100644 --- a/2021/42xxx/CVE-2021-42276.json +++ b/2021/42xxx/CVE-2021-42276.json @@ -1,18 +1,277 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42276", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42276", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Windows Media Foundation Remote Code Execution Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42276" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42277.json b/2021/42xxx/CVE-2021-42277.json index 6b2abec24a4..e3e78c832d4 100644 --- a/2021/42xxx/CVE-2021-42277.json +++ b/2021/42xxx/CVE-2021-42277.json @@ -1,18 +1,327 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42277", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42277", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio", + "version": { + "version_data": [ + { + "version_value": "2015 Update 3" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42277" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42278.json b/2021/42xxx/CVE-2021-42278.json index 574f0705b37..fc9878ba456 100644 --- a/2021/42xxx/CVE-2021-42278.json +++ b/2021/42xxx/CVE-2021-42278.json @@ -1,18 +1,139 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42278", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42278", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value": "2012" + }, + { + "version_value": "2012 (Core installation)" + }, + { + "version_value": "2012 R2" + }, + { + "version_value": "2012 R2 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42282, CVE-2021-42287, CVE-2021-42291." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42278" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42279.json b/2021/42xxx/CVE-2021-42279.json index bd10767f2cc..15035615d63 100644 --- a/2021/42xxx/CVE-2021-42279.json +++ b/2021/42xxx/CVE-2021-42279.json @@ -1,18 +1,261 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42279", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42279", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "10 for x64-based Systems" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2016" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Chakra Scripting Engine Memory Corruption Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42279" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42280.json b/2021/42xxx/CVE-2021-42280.json index f1a934a1d8e..59a9d13c8d7 100644 --- a/2021/42xxx/CVE-2021-42280.json +++ b/2021/42xxx/CVE-2021-42280.json @@ -1,18 +1,271 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42280", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42280", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Windows Feedback Hub Elevation of Privilege Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42280" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42282.json b/2021/42xxx/CVE-2021-42282.json index 7ca96b3396e..1e2e99bd295 100644 --- a/2021/42xxx/CVE-2021-42282.json +++ b/2021/42xxx/CVE-2021-42282.json @@ -1,18 +1,139 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42282", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42282", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value": "2012" + }, + { + "version_value": "2012 (Core installation)" + }, + { + "version_value": "2012 R2" + }, + { + "version_value": "2012 R2 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42278, CVE-2021-42287, CVE-2021-42291." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42282" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42283.json b/2021/42xxx/CVE-2021-42283.json index baab26827df..8a121bd3251 100644 --- a/2021/42xxx/CVE-2021-42283.json +++ b/2021/42xxx/CVE-2021-42283.json @@ -1,18 +1,322 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42283", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42283", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "8.1 for 32-bit systems" + }, + { + "version_value": "8.1 for x64-based systems" + }, + { + "version_value": "RT 8.1" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value": "2012" + }, + { + "version_value": "2012 (Core installation)" + }, + { + "version_value": "2012 R2" + }, + { + "version_value": "2012 R2 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NTFS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-41367, CVE-2021-41370." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42283" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42284.json b/2021/42xxx/CVE-2021-42284.json index 13788418249..c435c49d2d3 100644 --- a/2021/42xxx/CVE-2021-42284.json +++ b/2021/42xxx/CVE-2021-42284.json @@ -1,18 +1,184 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42284", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42284", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "8.1 for x64-based systems" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + }, + { + "version_value": "2012 R2" + }, + { + "version_value": "2012 R2 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Windows Hyper-V Denial of Service Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42284" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42285.json b/2021/42xxx/CVE-2021-42285.json index b4aceb339b8..e542110a68d 100644 --- a/2021/42xxx/CVE-2021-42285.json +++ b/2021/42xxx/CVE-2021-42285.json @@ -1,18 +1,310 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42285", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42285", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "8.1 for 32-bit systems" + }, + { + "version_value": "8.1 for x64-based systems" + }, + { + "version_value": "RT 8.1" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value": "2012" + }, + { + "version_value": "2012 (Core installation)" + }, + { + "version_value": "2012 R2" + }, + { + "version_value": "2012 R2 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Windows Kernel Elevation of Privilege Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42285" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42286.json b/2021/42xxx/CVE-2021-42286.json index b6b4dc0c92b..685762d3d3d 100644 --- a/2021/42xxx/CVE-2021-42286.json +++ b/2021/42xxx/CVE-2021-42286.json @@ -1,18 +1,160 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42286", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42286", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Windows Core Shell SI Host Extension Framework for Composable Shell Elevation of Privilege Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42286" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42287.json b/2021/42xxx/CVE-2021-42287.json index 6637d6d77ce..7e4219ffd04 100644 --- a/2021/42xxx/CVE-2021-42287.json +++ b/2021/42xxx/CVE-2021-42287.json @@ -1,18 +1,139 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42287", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42287", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value": "2012" + }, + { + "version_value": "2012 (Core installation)" + }, + { + "version_value": "2012 R2" + }, + { + "version_value": "2012 R2 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42278, CVE-2021-42282, CVE-2021-42291." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42287" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42288.json b/2021/42xxx/CVE-2021-42288.json index 67510786126..59044ac5317 100644 --- a/2021/42xxx/CVE-2021-42288.json +++ b/2021/42xxx/CVE-2021-42288.json @@ -1,18 +1,219 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42288", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42288", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1909 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 2004 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Windows Hello Security Feature Bypass Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Security Feature Bypass" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42288" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42291.json b/2021/42xxx/CVE-2021-42291.json index c00001db13d..ecb6ac0f0f0 100644 --- a/2021/42xxx/CVE-2021-42291.json +++ b/2021/42xxx/CVE-2021-42291.json @@ -1,18 +1,139 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42291", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42291", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value": "2012" + }, + { + "version_value": "2012 (Core installation)" + }, + { + "version_value": "2012 R2" + }, + { + "version_value": "2012 R2 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 2004 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42278, CVE-2021-42282, CVE-2021-42287." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42291" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42292.json b/2021/42xxx/CVE-2021-42292.json index 72734df49f8..6c4a71e1683 100644 --- a/2021/42xxx/CVE-2021-42292.json +++ b/2021/42xxx/CVE-2021-42292.json @@ -1,18 +1,153 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42292", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42292", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Office", + "version": { + "version_data": [ + { + "version_value": "2019 for 32-bit editions" + }, + { + "version_value": "2019 for 64-bit editions" + }, + { + "version_value": "2019 for Mac" + }, + { + "version_value": "2016 (32-bit edition)" + }, + { + "version_value": "2016 (64-bit edition)" + }, + { + "version_value": "2013 RT Service Pack 1" + }, + { + "version_value": "2013 Service Pack 1 (32-bit editions)" + }, + { + "version_value": "2013 Service Pack 1 (64-bit editions)" + } + ] + } + }, + { + "product_name": "Microsoft 365 Apps for Enterprise for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft 365 Apps for Enterprise for 64-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Office LTSC for Mac 2021", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Office LTSC 2021 for 64-bit editions", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Office LTSC 2021 for 32-bit editions", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Excel", + "version": { + "version_data": [ + { + "version_value": "2016 (32-bit edition)" + }, + { + "version_value": "2016 (64-bit edition)" + }, + { + "version_value": "2013 RT Service Pack 1" + }, + { + "version_value": "2013 Service Pack 1 (32-bit editions)" + }, + { + "version_value": "2013 Service Pack 1 (64-bit editions)" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Excel Security Feature Bypass Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Security Feature Bypass" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42292" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42296.json b/2021/42xxx/CVE-2021-42296.json index 81c9c76c108..fe0389cbf4c 100644 --- a/2021/42xxx/CVE-2021-42296.json +++ b/2021/42xxx/CVE-2021-42296.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42296", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42296", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft 365 Apps for Enterprise for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft 365 Apps for Enterprise for 64-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Office LTSC 2021 for 64-bit editions", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Office LTSC 2021 for 32-bit editions", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Word Remote Code Execution Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42296" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42298.json b/2021/42xxx/CVE-2021-42298.json index 59eda9cd6d9..25353387391 100644 --- a/2021/42xxx/CVE-2021-42298.json +++ b/2021/42xxx/CVE-2021-42298.json @@ -1,18 +1,60 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42298", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42298", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Malware Protection Engine", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Defender Remote Code Execution Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42298" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42300.json b/2021/42xxx/CVE-2021-42300.json index 8679f9c50ce..5b022dae236 100644 --- a/2021/42xxx/CVE-2021-42300.json +++ b/2021/42xxx/CVE-2021-42300.json @@ -1,18 +1,60 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42300", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42300", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Azure Sphere", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Azure Sphere Tampering Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Tampering" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42300" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42301.json b/2021/42xxx/CVE-2021-42301.json index 5c562cf77ad..f855f83d908 100644 --- a/2021/42xxx/CVE-2021-42301.json +++ b/2021/42xxx/CVE-2021-42301.json @@ -1,18 +1,60 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42301", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42301", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Azure RTOS", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Azure RTOS Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-26444, CVE-2021-42323." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42301" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42302.json b/2021/42xxx/CVE-2021-42302.json index 05b0b867c39..81a4444b28d 100644 --- a/2021/42xxx/CVE-2021-42302.json +++ b/2021/42xxx/CVE-2021-42302.json @@ -1,18 +1,60 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42302", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42302", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Azure RTOS", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Azure RTOS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42303, CVE-2021-42304." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42302" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42303.json b/2021/42xxx/CVE-2021-42303.json index 6d546abb9b9..463df6f0453 100644 --- a/2021/42xxx/CVE-2021-42303.json +++ b/2021/42xxx/CVE-2021-42303.json @@ -1,18 +1,60 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42303", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42303", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Azure RTOS", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Azure RTOS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42302, CVE-2021-42304." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42303" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42304.json b/2021/42xxx/CVE-2021-42304.json index e7743a3d8ac..27c344ef8db 100644 --- a/2021/42xxx/CVE-2021-42304.json +++ b/2021/42xxx/CVE-2021-42304.json @@ -1,18 +1,60 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42304", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42304", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Azure RTOS", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Azure RTOS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42302, CVE-2021-42303." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42304" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42305.json b/2021/42xxx/CVE-2021-42305.json index 1b5710c1135..885c4c1a413 100644 --- a/2021/42xxx/CVE-2021-42305.json +++ b/2021/42xxx/CVE-2021-42305.json @@ -1,18 +1,100 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42305", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42305", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Exchange Server 2013", + "version": { + "version_data": [ + { + "version_value": "Cumulative Update 23" + } + ] + } + }, + { + "product_name": "Microsoft Exchange Server 2016 Cumulative Update 21", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Exchange Server 2019 Cumulative Update 10", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Exchange Server 2016 Cumulative Update 22", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Exchange Server 2019 Cumulative Update 11", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Exchange Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-41349." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Spoofing" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42305" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42316.json b/2021/42xxx/CVE-2021-42316.json index 337ad09efb5..f11db3628c1 100644 --- a/2021/42xxx/CVE-2021-42316.json +++ b/2021/42xxx/CVE-2021-42316.json @@ -1,18 +1,70 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42316", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42316", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Dynamics 365 (on-premises) version 9.1", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Dynamics 365 (on-premises)", + "version": { + "version_data": [ + { + "version_value": "9.0" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42316" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42319.json b/2021/42xxx/CVE-2021-42319.json index 7a9227b8d41..6bf7bba2475 100644 --- a/2021/42xxx/CVE-2021-42319.json +++ b/2021/42xxx/CVE-2021-42319.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42319", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42319", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Visual Studio Elevation of Privilege Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42319" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42321.json b/2021/42xxx/CVE-2021-42321.json index 7630557590e..346d472200d 100644 --- a/2021/42xxx/CVE-2021-42321.json +++ b/2021/42xxx/CVE-2021-42321.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42321", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42321", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Exchange Server 2016 Cumulative Update 21", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Exchange Server 2019 Cumulative Update 10", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Exchange Server 2016 Cumulative Update 22", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Exchange Server 2019 Cumulative Update 11", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Exchange Server Remote Code Execution Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42321" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42322.json b/2021/42xxx/CVE-2021-42322.json index 7dd7d449d8d..e6514367a3f 100644 --- a/2021/42xxx/CVE-2021-42322.json +++ b/2021/42xxx/CVE-2021-42322.json @@ -1,18 +1,60 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42322", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42322", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Visual Studio Code", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Visual Studio Code Elevation of Privilege Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42322" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42323.json b/2021/42xxx/CVE-2021-42323.json index 7db1b7e8bf4..ba6a1dbd876 100644 --- a/2021/42xxx/CVE-2021-42323.json +++ b/2021/42xxx/CVE-2021-42323.json @@ -1,18 +1,60 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42323", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-42323", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Azure RTOS", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Azure RTOS Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-26444, CVE-2021-42301." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42323" + } + ] + } +} diff --git a/2021/42xxx/CVE-2021-42325.json b/2021/42xxx/CVE-2021-42325.json index 980429e08d0..7bdf94acb3b 100644 --- a/2021/42xxx/CVE-2021-42325.json +++ b/2021/42xxx/CVE-2021-42325.json @@ -56,16 +56,6 @@ "url": "https://github.com/Froxlor/Froxlor/commit/eb592340b022298f62a0a3e8450dbfbe29585782", "refsource": "MISC", "name": "https://github.com/Froxlor/Froxlor/commit/eb592340b022298f62a0a3e8450dbfbe29585782" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/164800/Froxlor-0.10.29.1-SQL-Injection.html", - "url": "http://packetstormsecurity.com/files/164800/Froxlor-0.10.29.1-SQL-Injection.html" - }, - { - "refsource": "MISC", - "name": "https://www.exploit-db.com/exploits/50502", - "url": "https://www.exploit-db.com/exploits/50502" } ] } diff --git a/2021/42xxx/CVE-2021-42327.json b/2021/42xxx/CVE-2021-42327.json index dead0deeb58..67684941cc1 100644 --- a/2021/42xxx/CVE-2021-42327.json +++ b/2021/42xxx/CVE-2021-42327.json @@ -61,11 +61,6 @@ "refsource": "MISC", "name": "https://www.mail-archive.com/amd-gfx@lists.freedesktop.org/msg69080.html", "url": "https://www.mail-archive.com/amd-gfx@lists.freedesktop.org/msg69080.html" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-a093973910", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RDDEW4APTYKJK365HC2JZIVXYUV7ZRN7/" } ] } diff --git a/2021/42xxx/CVE-2021-42340.json b/2021/42xxx/CVE-2021-42340.json index cf82e673d75..01bb937b8e8 100644 --- a/2021/42xxx/CVE-2021-42340.json +++ b/2021/42xxx/CVE-2021-42340.json @@ -85,11 +85,6 @@ "refsource": "MLIST", "name": "[myfaces-commits] 20211021 [myfaces-tobago] branch tobago-5.x updated: build: workaround for CVE-2021-42340", "url": "https://lists.apache.org/thread.html/r8097a2d1550aa78e585fc77e602b9046e6d4099d8d132497c5387784@%3Ccommits.myfaces.apache.org%3E" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0001/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0001/" } ] }, diff --git a/2021/42xxx/CVE-2021-42343.json b/2021/42xxx/CVE-2021-42343.json index 72de3e28d85..defb34d4bb9 100644 --- a/2021/42xxx/CVE-2021-42343.json +++ b/2021/42xxx/CVE-2021-42343.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client (which defaults to using LocalCluster) would mistakenly configure their respective Dask workers to listen on external interfaces (typically with a randomly selected high port) rather than only on localhost. A Dask cluster created using this method (when running on a machine that has an applicable port exposed) could be used by a sophisticated attacker to achieve remote code execution." + "value": "An issue was discovered in Dask (aka python-dask) through 2021.09.1. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client (which defaults to using LocalCluster) would mistakenly configure their respective Dask workers to listen on external interfaces (typically with a randomly selected high port) rather than only on localhost. A Dask cluster created using this method (when running on a machine that has an applicable port exposed) could be used by a sophisticated attacker to achieve remote code execution." } ] }, @@ -56,16 +56,6 @@ "refsource": "MISC", "name": "https://docs.dask.org/en/latest/changelog.html", "url": "https://docs.dask.org/en/latest/changelog.html" - }, - { - "refsource": "MISC", - "name": "https://github.com/dask/dask/tags", - "url": "https://github.com/dask/dask/tags" - }, - { - "refsource": "CONFIRM", - "name": "https://github.com/dask/distributed/security/advisories/GHSA-hwqr-f3v9-hwxr", - "url": "https://github.com/dask/distributed/security/advisories/GHSA-hwqr-f3v9-hwxr" } ] } diff --git a/2021/42xxx/CVE-2021-42359.json b/2021/42xxx/CVE-2021-42359.json index a2bd6018bca..fc0b1389d59 100644 --- a/2021/42xxx/CVE-2021-42359.json +++ b/2021/42xxx/CVE-2021-42359.json @@ -1,94 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@wordfence.com", - "ID": "CVE-2021-42359", - "STATE": "PUBLIC", - "TITLE": "WP DSGVO Tools (GDPR) <= 3.1.23 Unauthenticated Arbitrary Post Deletion" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "WP DSGVO Tools (GDPR)", - "version": { - "version_data": [ - { - "platform": "WordPress", - "version_affected": "<=", - "version_name": "3.1.23", - "version_value": "3.1.23" - } - ] - } - } - ] - }, - "vendor_name": "legalweb" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Ramuel Gall, Wordfence" - } - ], - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42359", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "WP DSGVO Tools (GDPR) <= 3.1.23 had an AJAX action, \u2018admin-dismiss-unsubscribe\u2018, which lacked a capability check and a nonce check and was available to unauthenticated users, and did not check the post type when deleting unsubscription requests. As such, it was possible for an attacker to permanently delete an arbitrary post or page on the site by sending an AJAX request with the \u201caction\u201d parameter set to \u201cadmin-dismiss-unsubscribe\u201d and the \u201cid\u201d parameter set to the post to be deleted. Sending such a request would move the post to the trash, and repeating the request would permanently delete the post in question." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-284 Improper Access Control" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://www.wordfence.com/blog/2021/11/vulnerability-in-wp-dsgvo-tools-gdpr-plugin-allows-unauthenticated-page-deletion/", - "name": "https://www.wordfence.com/blog/2021/11/vulnerability-in-wp-dsgvo-tools-gdpr-plugin-allows-unauthenticated-page-deletion/" - } - ] - }, - "source": { - "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2021/42xxx/CVE-2021-42370.json b/2021/42xxx/CVE-2021-42370.json index 496fe50fdc5..3e54846a51a 100644 --- a/2021/42xxx/CVE-2021-42370.json +++ b/2021/42xxx/CVE-2021-42370.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42370", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42370", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A password mismanagement situation exists in XoruX LPAR2RRD and STOR2RRD before 7.30 because cleartext information is present in HTML password input fields in the device properties. (Viewing the passwords requires configuring a web browser to display HTML password input fields.)" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://stor2rrd.com/note730.php", - "url": "https://stor2rrd.com/note730.php" - }, - { - "refsource": "CONFIRM", - "name": "https://lpar2rrd.com/note730.php", - "url": "https://lpar2rrd.com/note730.php" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42371.json b/2021/42xxx/CVE-2021-42371.json index 17746ca1503..5c3d7f57ef6 100644 --- a/2021/42xxx/CVE-2021-42371.json +++ b/2021/42xxx/CVE-2021-42371.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42371", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42371", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "lpar2rrd is a hardcoded system account in XoruX LPAR2RRD and STOR2RRD before 7.30." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://stor2rrd.com/note730.php", - "url": "https://stor2rrd.com/note730.php" - }, - { - "refsource": "CONFIRM", - "name": "https://lpar2rrd.com/note730.php", - "url": "https://lpar2rrd.com/note730.php" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42372.json b/2021/42xxx/CVE-2021-42372.json index 1eae1761fda..e671e3d1eb8 100644 --- a/2021/42xxx/CVE-2021-42372.json +++ b/2021/42xxx/CVE-2021-42372.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42372", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42372", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A shell command injection in the HW Events SNMP community in XoruX LPAR2RRD and STOR2RRD before 7.30 allows authenticated remote attackers to execute arbitrary shell commands as the user running the service." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://stor2rrd.com/note730.php", - "url": "https://stor2rrd.com/note730.php" - }, - { - "refsource": "CONFIRM", - "name": "https://lpar2rrd.com/note730.php", - "url": "https://lpar2rrd.com/note730.php" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42543.json b/2021/42xxx/CVE-2021-42543.json index 5d9deb3db69..700c699c9d8 100644 --- a/2021/42xxx/CVE-2021-42543.json +++ b/2021/42xxx/CVE-2021-42543.json @@ -1,93 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "ics-cert@hq.dhs.gov", - "ID": "CVE-2021-42543", - "STATE": "PUBLIC", - "TITLE": "AzeoTech DAQFactory" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "DAQFactory", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "All versions", - "version_value": "New version" - } - ] - } - } - ] - }, - "vendor_name": "AzeoTech" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42543", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "The affected application uses specific functions that could be abused through a crafted project file, which could lead to code execution, system reboot, and system shutdown." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-242 Use of Inherently Dangerous Function" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-308-02", - "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-308-02" - } - ] - }, - "source": { - "discovery": "UNKNOWN" - }, - "work_around": [ - { - "lang": "eng", - "value": "Users are discouraged from using documents from unknown/untrusted sources.\nUsers are encouraged to store .ctl files in a folder only writeable by admin-level users.\nUsers are encouraged to operate in \u201cSafe Mode\u201d when loading documents that have been out of their control.\nUsers are encouraged to apply a document editing password to their documents.\nUsers should avoid using the Real Time Web-Connect menu items and instead connect to DAQConnect using script." - } - ] + } } \ No newline at end of file diff --git a/2021/42xxx/CVE-2021-42557.json b/2021/42xxx/CVE-2021-42557.json index 1e667ea960c..0a24fd4c61a 100644 --- a/2021/42xxx/CVE-2021-42557.json +++ b/2021/42xxx/CVE-2021-42557.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42557", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42557", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "In Jeedom through 4.1.19, a bug allows a remote attacker to bypass API access and retrieve users credentials." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/jeedom/core/releases", - "refsource": "MISC", - "name": "https://github.com/jeedom/core/releases" - }, - { - "refsource": "MISC", - "name": "https://www.synacktiv.com/sites/default/files/2021-10/advisory_Jeedom_Auth_Bypass_CVE-2021-42557.pdf", - "url": "https://www.synacktiv.com/sites/default/files/2021-10/advisory_Jeedom_Auth_Bypass_CVE-2021-42557.pdf" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42568.json b/2021/42xxx/CVE-2021-42568.json index 89d83213c2d..b345ae9a9c6 100644 --- a/2021/42xxx/CVE-2021-42568.json +++ b/2021/42xxx/CVE-2021-42568.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42568", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42568", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Sonatype Nexus Repository Manager 3.x through 3.35.0 allows attackers to access the SSL Certificates Loading function via a low-privileged account." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://support.sonatype.com", - "refsource": "MISC", - "name": "https://support.sonatype.com" - }, - { - "refsource": "MISC", - "name": "https://support.sonatype.com/hc/en-us/articles/4408801690515-CVE-2021-42568-Nexus-Repository-Manager-3-Incorrect-Access-Control-October-27-2021", - "url": "https://support.sonatype.com/hc/en-us/articles/4408801690515-CVE-2021-42568-Nexus-Repository-Manager-3-Incorrect-Access-Control-October-27-2021" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42574.json b/2021/42xxx/CVE-2021-42574.json index ad3aed1ad2d..9820fd93814 100644 --- a/2021/42xxx/CVE-2021-42574.json +++ b/2021/42xxx/CVE-2021-42574.json @@ -1,106 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42574", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42574", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and interpreters. Adversaries can leverage this to encode source code for compilers accepting Unicode such that targeted vulnerabilities are introduced invisibly to human reviewers." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "http://www.unicode.org/versions/Unicode14.0.0/", - "refsource": "MISC", - "name": "http://www.unicode.org/versions/Unicode14.0.0/" - }, - { - "refsource": "MISC", - "name": "https://trojansource.codes", - "url": "https://trojansource.codes" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20211101 CVE-2021-42574: rustc 1.56.0 and bidirectional-override codepoints in source code", - "url": "http://www.openwall.com/lists/oss-security/2021/11/01/1" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20211101 Re: CVE-2021-42574: rustc 1.56.0 and bidirectional-override codepoints in source code", - "url": "http://www.openwall.com/lists/oss-security/2021/11/01/4" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20211101 Trojan Source Attacks", - "url": "http://www.openwall.com/lists/oss-security/2021/11/01/6" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20211102 Re: CVE-2021-42574: rustc 1.56.0 and bidirectional-override codepoints in source code", - "url": "http://www.openwall.com/lists/oss-security/2021/11/01/5" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20211102 Re: Trojan Source Attacks", - "url": "http://www.openwall.com/lists/oss-security/2021/11/02/10" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-0578e23912", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QUPA37D57VPTDLSXOOGF4UXUEADOC4PQ/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-7ad3a01f6a", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LQNTFF24ROHLVPLUOEISBN3F7QM27L4U/" - }, - { - "refsource": "CERT-VN", - "name": "VU#999008", - "url": "https://www.kb.cert.org/vuls/id/999008" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42624.json b/2021/42xxx/CVE-2021-42624.json index 50b3c81b938..5198e6cf270 100644 --- a/2021/42xxx/CVE-2021-42624.json +++ b/2021/42xxx/CVE-2021-42624.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42624", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42624", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A local buffer overflow vulnerability exists in the latest version of Miniftpd in ftpproto.c through the tmp variable, where a crafted payload can be sent to the affected function." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/Gabe-commiter/Miniftpd/issues/4", - "refsource": "MISC", - "name": "https://github.com/Gabe-commiter/Miniftpd/issues/4" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42662.json b/2021/42xxx/CVE-2021-42662.json index 83c897e2ce5..253a6309e8a 100644 --- a/2021/42xxx/CVE-2021-42662.json +++ b/2021/42xxx/CVE-2021-42662.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42662", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42662", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP/MySQL via the Holiday reason parameter. An attacker can leverage this vulnerability in order to run javascript commands on the web server surfers behalf, which can lead to cookie stealing and more." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.sourcecodester.com/php/14241/online-event-booking-and-reservation-system-phpmysql.html", - "refsource": "MISC", - "name": "https://www.sourcecodester.com/php/14241/online-event-booking-and-reservation-system-phpmysql.html" - }, - { - "refsource": "MISC", - "name": "https://github.com/TheHackingRabbi/CVE-2021-42662", - "url": "https://github.com/TheHackingRabbi/CVE-2021-42662" - }, - { - "refsource": "MISC", - "name": "https://www.exploit-db.com/exploits/50450", - "url": "https://www.exploit-db.com/exploits/50450" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42663.json b/2021/42xxx/CVE-2021-42663.json index 738104f9c04..9e21d061a7c 100644 --- a/2021/42xxx/CVE-2021-42663.json +++ b/2021/42xxx/CVE-2021-42663.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42663", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42663", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An HTML injection vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP/MySQL via the msg parameter to /event-management/index.php. An attacker can leverage this vulnerability in order to change the visibility of the website. Once the target user clicks on a given link he will display the content of the HTML code of the attacker's choice." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.sourcecodester.com/php/14241/online-event-booking-and-reservation-system-phpmysql.html", - "refsource": "MISC", - "name": "https://www.sourcecodester.com/php/14241/online-event-booking-and-reservation-system-phpmysql.html" - }, - { - "refsource": "MISC", - "name": "https://github.com/TheHackingRabbi/CVE-2021-42663", - "url": "https://github.com/TheHackingRabbi/CVE-2021-42663" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42664.json b/2021/42xxx/CVE-2021-42664.json index c76b0acd716..830472da535 100644 --- a/2021/42xxx/CVE-2021-42664.json +++ b/2021/42xxx/CVE-2021-42664.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42664", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42664", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A Stored Cross Site Scripting (XSS) Vulneraibiilty exists in Sourcecodester Engineers Online Portal in PHP via the (1) Quiz title and (2) quiz description parameters to add_quiz.php. An attacker can leverage this vulnerability in order to run javascript commands on the web server surfers behalf, which can lead to cookie stealing and more." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html", - "refsource": "MISC", - "name": "https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html" - }, - { - "refsource": "MISC", - "name": "https://github.com/TheHackingRabbi/CVE-2021-42664", - "url": "https://github.com/TheHackingRabbi/CVE-2021-42664" - }, - { - "refsource": "MISC", - "name": "https://www.exploit-db.com/exploits/50451", - "url": "https://www.exploit-db.com/exploits/50451" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42665.json b/2021/42xxx/CVE-2021-42665.json index 1b27b2bec6d..6ff25c544ac 100644 --- a/2021/42xxx/CVE-2021-42665.json +++ b/2021/42xxx/CVE-2021-42665.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42665", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42665", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the login form inside of index.php, which can allow an attacker to bypass authentication." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html", - "refsource": "MISC", - "name": "https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html" - }, - { - "refsource": "MISC", - "name": "https://github.com/TheHackingRabbi/CVE-2021-42665", - "url": "https://github.com/TheHackingRabbi/CVE-2021-42665" - }, - { - "refsource": "MISC", - "name": "https://www.exploit-db.com/exploits/50452", - "url": "https://www.exploit-db.com/exploits/50452" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42666.json b/2021/42xxx/CVE-2021-42666.json index 69c276bdaf4..33a5d9bd9e7 100644 --- a/2021/42xxx/CVE-2021-42666.json +++ b/2021/42xxx/CVE-2021-42666.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42666", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42666", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter to quiz_question.php, which could let a malicious user extract sensitive data from the web server and in some cases use this vulnerability in order to get a remote code execution on the remote web server." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html", - "refsource": "MISC", - "name": "https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html" - }, - { - "refsource": "MISC", - "name": "https://github.com/TheHackingRabbi/CVE-2021-42666", - "url": "https://github.com/TheHackingRabbi/CVE-2021-42666" - }, - { - "refsource": "MISC", - "name": "https://www.exploit-db.com/exploits/50453", - "url": "https://www.exploit-db.com/exploits/50453" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42667.json b/2021/42xxx/CVE-2021-42667.json index 1916923c05e..46e03d6d02e 100644 --- a/2021/42xxx/CVE-2021-42667.json +++ b/2021/42xxx/CVE-2021-42667.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42667", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42667", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A SQL Injection vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP in event-management/views. An attacker can leverage this vulnerability in order to manipulate the sql query performed. As a result he can extract sensitive data from the web server and in some cases he can use this vulnerability in order to get a remote code execution on the remote web server." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.sourcecodester.com/php/14241/online-event-booking-and-reservation-system-phpmysql.html", - "refsource": "MISC", - "name": "https://www.sourcecodester.com/php/14241/online-event-booking-and-reservation-system-phpmysql.html" - }, - { - "refsource": "MISC", - "name": "https://github.com/TheHackingRabbi/CVE-2021-42667", - "url": "https://github.com/TheHackingRabbi/CVE-2021-42667" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42668.json b/2021/42xxx/CVE-2021-42668.json index 4b2390b858e..0808489235e 100644 --- a/2021/42xxx/CVE-2021-42668.json +++ b/2021/42xxx/CVE-2021-42668.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42668", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42668", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter in the my_classmates.php web page.. As a result, an attacker can extract sensitive data from the web server and in some cases can use this vulnerability in order to get a remote code execution on the remote web server." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html", - "refsource": "MISC", - "name": "https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html" - }, - { - "refsource": "MISC", - "name": "https://github.com/TheHackingRabbi/CVE-2021-42668", - "url": "https://github.com/TheHackingRabbi/CVE-2021-42668" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42669.json b/2021/42xxx/CVE-2021-42669.json index a12ca4bc735..b70d130bc50 100644 --- a/2021/42xxx/CVE-2021-42669.json +++ b/2021/42xxx/CVE-2021-42669.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42669", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42669", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A file upload vulnerability exists in Sourcecodester Engineers Online Portal in PHP via dashboard_teacher.php, which allows changing the avatar through teacher_avatar.php. Once an avatar gets uploaded it is getting uploaded to the /admin/uploads/ directory, and is accessible by all users. By uploading a php webshell containing \"\" the attacker can execute commands on the web server with - /admin/uploads/php-webshell?cmd=id." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html", - "refsource": "MISC", - "name": "https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html" - }, - { - "refsource": "MISC", - "name": "https://github.com/TheHackingRabbi/CVE-2021-42669", - "url": "https://github.com/TheHackingRabbi/CVE-2021-42669" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42670.json b/2021/42xxx/CVE-2021-42670.json index dc35acd61c1..e22a0d78554 100644 --- a/2021/42xxx/CVE-2021-42670.json +++ b/2021/42xxx/CVE-2021-42670.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42670", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42670", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A SQL injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter to the announcements_student.php web page. As a result a malicious user can extract sensitive data from the web server and in some cases use this vulnerability in order to get a remote code execution on the remote web server." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html", - "refsource": "MISC", - "name": "https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html" - }, - { - "refsource": "MISC", - "name": "https://github.com/TheHackingRabbi/CVE-2021-42670", - "url": "https://github.com/TheHackingRabbi/CVE-2021-42670" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42671.json b/2021/42xxx/CVE-2021-42671.json index d151aa82581..b584e38d71a 100644 --- a/2021/42xxx/CVE-2021-42671.json +++ b/2021/42xxx/CVE-2021-42671.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42671", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42671", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An incorrect access control vulnerability exists in Sourcecodester Engineers Online Portal in PHP in nia_munoz_monitoring_system/admin/uploads. An attacker can leverage this vulnerability in order to bypass access controls and access all the files uploaded to the web server without the need of authentication or authorization." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html", - "refsource": "MISC", - "name": "https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html" - }, - { - "refsource": "MISC", - "name": "https://github.com/TheHackingRabbi/CVE-2021-42671", - "url": "https://github.com/TheHackingRabbi/CVE-2021-42671" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42694.json b/2021/42xxx/CVE-2021-42694.json index 88abc1e8c73..14fc90a262d 100644 --- a/2021/42xxx/CVE-2021-42694.json +++ b/2021/42xxx/CVE-2021-42694.json @@ -1,81 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42694", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42694", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in the character definitions of the Unicode Specification through 14.0. The specification allows an adversary to produce source code identifiers such as function names using homoglyphs that render visually identical to a target identifier. Adversaries can leverage this to inject code via adversarial identifier definitions in upstream software dependencies invoked deceptively in downstream software." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "http://www.unicode.org/versions/Unicode14.0.0/", - "refsource": "MISC", - "name": "http://www.unicode.org/versions/Unicode14.0.0/" - }, - { - "refsource": "MISC", - "name": "https://trojansource.codes", - "url": "https://trojansource.codes" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20211101 CVE-2021-42574: rustc 1.56.0 and bidirectional-override codepoints in source code", - "url": "http://www.openwall.com/lists/oss-security/2021/11/01/1" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20211101 Trojan Source Attacks", - "url": "http://www.openwall.com/lists/oss-security/2021/11/01/6" - }, - { - "refsource": "CERT-VN", - "name": "VU#999008", - "url": "https://www.kb.cert.org/vuls/id/999008" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42697.json b/2021/42xxx/CVE-2021-42697.json index 77e89332b4c..a30f2f24ab2 100644 --- a/2021/42xxx/CVE-2021-42697.json +++ b/2021/42xxx/CVE-2021-42697.json @@ -1,71 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42697", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42697", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Akka HTTP 10.1.x and 10.2.x before 10.2.7 can encounter stack exhaustion while parsing HTTP headers, which allows a remote attacker to conduct a Denial of Service attack by sending a User-Agent header with deeply nested comments." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://akka.io/blog/", - "refsource": "MISC", - "name": "https://akka.io/blog/" - }, - { - "refsource": "MISC", - "name": "https://doc.akka.io/docs/akka-http/current/security/2021-CVE-2021-42697-stack-overflow-parsing-user-agent.html", - "url": "https://doc.akka.io/docs/akka-http/current/security/2021-CVE-2021-42697-stack-overflow-parsing-user-agent.html" - }, - { - "refsource": "MISC", - "name": "https://akka.io/blog/news/2021/11/02/akka-http-10.2.7-released", - "url": "https://akka.io/blog/news/2021/11/02/akka-http-10.2.7-released" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42698.json b/2021/42xxx/CVE-2021-42698.json index 0978d31ef5c..64fff5d8e39 100644 --- a/2021/42xxx/CVE-2021-42698.json +++ b/2021/42xxx/CVE-2021-42698.json @@ -1,93 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "ics-cert@hq.dhs.gov", - "ID": "CVE-2021-42698", - "STATE": "PUBLIC", - "TITLE": "AzeoTech DAQFactory" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "DAQFactory", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "All versions", - "version_value": "New version" - } - ] - } - } - ] - }, - "vendor_name": "AzeoTech" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42698", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Project files are stored memory objects in the form of binary serialized data that can later be read and deserialized again to instantiate the original objects in memory. Malicious manipulation of these files may allow an attacker to corrupt memory." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-502 Deserialization of Untrusted Data" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-308-02", - "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-308-02" - } - ] - }, - "source": { - "discovery": "UNKNOWN" - }, - "work_around": [ - { - "lang": "eng", - "value": "Users are discouraged from using documents from unknown/untrusted sources.\nUsers are encouraged to store .ctl files in a folder only writeable by admin-level users.\nUsers are encouraged to operate in \u201cSafe Mode\u201d when loading documents that have been out of their control.\nUsers are encouraged to apply a document editing password to their documents.\nUsers should avoid using the Real Time Web-Connect menu items and instead connect to DAQConnect using script." - } - ] + } } \ No newline at end of file diff --git a/2021/42xxx/CVE-2021-42699.json b/2021/42xxx/CVE-2021-42699.json index a817c854bd2..208c126a634 100644 --- a/2021/42xxx/CVE-2021-42699.json +++ b/2021/42xxx/CVE-2021-42699.json @@ -1,93 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "ics-cert@hq.dhs.gov", - "ID": "CVE-2021-42699", - "STATE": "PUBLIC", - "TITLE": "AzeoTech DAQFactory" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "DAQFactory", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "All versions", - "version_value": "New version" - } - ] - } - } - ] - }, - "vendor_name": "AzeoTech" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42699", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "The affected product is vulnerable to cookie information being transmitted as cleartext over HTTP. An attacker can capture network traffic, obtain the user\u2019s cookie and take over the account." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 5.7, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-319 Cleartext Transmission of Sensitive Information" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-308-02", - "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-308-02" - } - ] - }, - "source": { - "discovery": "UNKNOWN" - }, - "work_around": [ - { - "lang": "eng", - "value": "Users are discouraged from using documents from unknown/untrusted sources.\nUsers are encouraged to store .ctl files in a folder only writeable by admin-level users.\nUsers are encouraged to operate in \u201cSafe Mode\u201d when loading documents that have been out of their control.\nUsers are encouraged to apply a document editing password to their documents.\nUsers should avoid using the Real Time Web-Connect menu items and instead connect to DAQConnect using script." - } - ] + } } \ No newline at end of file diff --git a/2021/42xxx/CVE-2021-42701.json b/2021/42xxx/CVE-2021-42701.json index c6844ec60d0..5cf22defc87 100644 --- a/2021/42xxx/CVE-2021-42701.json +++ b/2021/42xxx/CVE-2021-42701.json @@ -1,93 +1,18 @@ { - "CVE_data_meta": { - "ASSIGNER": "ics-cert@hq.dhs.gov", - "ID": "CVE-2021-42701", - "STATE": "PUBLIC", - "TITLE": "AzeoTech DAQFactory" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "DAQFactory", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "All versions", - "version_value": "New version" - } - ] - } - } - ] - }, - "vendor_name": "AzeoTech" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42701", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An attacker could prepare a specially crafted project file that, if opened, would attempt to connect to the cloud and trigger a man in the middle (MiTM) attack. This could allow an attacker to obtain credentials and take over the user\u2019s cloud account." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "NONE", - "baseScore": 5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-471 Modification of Assumed-Immutable Data (MAID)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-308-02", - "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-308-02" - } - ] - }, - "source": { - "discovery": "UNKNOWN" - }, - "work_around": [ - { - "lang": "eng", - "value": "Users are discouraged from using documents from unknown/untrusted sources.\nUsers are encouraged to store .ctl files in a folder only writeable by admin-level users.\nUsers are encouraged to operate in \u201cSafe Mode\u201d when loading documents that have been out of their control.\nUsers are encouraged to apply a document editing password to their documents.\nUsers should avoid using the Real Time Web-Connect menu items and instead connect to DAQConnect using script." - } - ] + } } \ No newline at end of file diff --git a/2021/42xxx/CVE-2021-42715.json b/2021/42xxx/CVE-2021-42715.json index 9bb32b420c4..fca8d3ecb80 100644 --- a/2021/42xxx/CVE-2021-42715.json +++ b/2021/42xxx/CVE-2021-42715.json @@ -61,46 +61,6 @@ "url": "https://github.com/nothings/stb/pull/1223", "refsource": "MISC", "name": "https://github.com/nothings/stb/pull/1223" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-001f25d986", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G2M5CRSGPRF7G3YB5CLU4FXW7ANNHAYT/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-d1446cd1ac", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ID6II3RIKAMVGVMC6ZAQIXXYYDMTVC4N/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-f8ba4a690e", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BEGXBDEMTFGINETMJENBZ6SCHVEJQJSY/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-0511a38484", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CI23LXPEV2GCDQTJSKO6CIILBDTI3R42/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-082bea5b34", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTZXHFZD36BGE5P6JF252NZZLKMGCY4T/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-3fc69d203c", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VP2YEXEAJWI76FPM7D7VXHWD3WESQEYC/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-8ea648186c", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TDGZFLBOP27LZKLH45WQLSNPSPP7S7Z/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-16d848834d", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AF2CNP4FVC6LDKNOO4WDCGNDYIP3MPK6/" } ] } diff --git a/2021/42xxx/CVE-2021-42716.json b/2021/42xxx/CVE-2021-42716.json index c22e5da831e..ea9b62abadc 100644 --- a/2021/42xxx/CVE-2021-42716.json +++ b/2021/42xxx/CVE-2021-42716.json @@ -66,46 +66,6 @@ "url": "https://github.com/nothings/stb/issues/1225", "refsource": "MISC", "name": "https://github.com/nothings/stb/issues/1225" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-001f25d986", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G2M5CRSGPRF7G3YB5CLU4FXW7ANNHAYT/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-d1446cd1ac", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ID6II3RIKAMVGVMC6ZAQIXXYYDMTVC4N/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-f8ba4a690e", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BEGXBDEMTFGINETMJENBZ6SCHVEJQJSY/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-0511a38484", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CI23LXPEV2GCDQTJSKO6CIILBDTI3R42/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-082bea5b34", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTZXHFZD36BGE5P6JF252NZZLKMGCY4T/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-3fc69d203c", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VP2YEXEAJWI76FPM7D7VXHWD3WESQEYC/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-8ea648186c", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TDGZFLBOP27LZKLH45WQLSNPSPP7S7Z/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-16d848834d", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AF2CNP4FVC6LDKNOO4WDCGNDYIP3MPK6/" } ] } diff --git a/2021/42xxx/CVE-2021-42743.json b/2021/42xxx/CVE-2021-42743.json deleted file mode 100644 index c1f941200a3..00000000000 --- a/2021/42xxx/CVE-2021-42743.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-42743", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/42xxx/CVE-2021-42754.json b/2021/42xxx/CVE-2021-42754.json index fc04cb4cf86..55b79c2f44a 100644 --- a/2021/42xxx/CVE-2021-42754.json +++ b/2021/42xxx/CVE-2021-42754.json @@ -4,74 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-42754", - "ASSIGNER": "psirt@fortinet.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Fortinet", - "product": { - "product_data": [ - { - "product_name": "Fortinet FortiClientMac", - "version": { - "version_data": [ - { - "version_value": "FortiClientMac 7.0.0, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0" - } - ] - } - } - ] - } - } - ] - } - }, - "impact": { - "cvss": { - "attackComplexity": "Low", - "attackVector": "Local", - "availabilityImpact": "None", - "baseScore": 3.2, - "baseSeverity": "Low", - "confidentialityImpact": "Low", - "integrityImpact": "None", - "privilegesRequired": "Low", - "scope": "Changed", - "userInteraction": "Required", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N/E:F/RL:X/RC:C", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Execute unauthorized code or commands" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://fortiguard.com/advisory/FG-IR-21-079", - "url": "https://fortiguard.com/advisory/FG-IR-21-079" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "An improper control of generation of code vulnerability [CWE-94] in FortiClientMacOS versions 7.0.0 and below and 6.4.5 and below may allow an authenticated attacker to hijack the MacOS camera without the user permission via the malicious dylib file." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42762.json b/2021/42xxx/CVE-2021-42762.json index ddd672132fd..501e19b65aa 100644 --- a/2021/42xxx/CVE-2021-42762.json +++ b/2021/42xxx/CVE-2021-42762.json @@ -81,31 +81,6 @@ "refsource": "MLIST", "name": "[oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006", "url": "http://www.openwall.com/lists/oss-security/2021/10/27/4" - }, - { - "refsource": "DEBIAN", - "name": "DSA-4995", - "url": "https://www.debian.org/security/2021/dsa-4995" - }, - { - "refsource": "DEBIAN", - "name": "DSA-4996", - "url": "https://www.debian.org/security/2021/dsa-4996" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-db6ebb2d68", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M5J2LZQTDX53DNSKSGU7TQYCO2HKSTY4/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-131360fa9a", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ON5SDVVPVPCAGFPW2GHYATZVZYLPW2L4/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-483d896d1d", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H6MGXCX7P5AHWOQ6IRT477UKT7IS4DAD/" } ] } diff --git a/2021/42xxx/CVE-2021-42763.json b/2021/42xxx/CVE-2021-42763.json index fdb0f85d290..73742cfd690 100644 --- a/2021/42xxx/CVE-2021-42763.json +++ b/2021/42xxx/CVE-2021-42763.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42763", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42763", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Couchbase Server before 6.6.3 and 7.x before 7.0.2 stores Sensitive Information in Cleartext. The issue occurs when the cluster manager forwards a HTTP request from the pluggable UI (query workbench etc) to the specific service. In the backtrace, the Basic Auth Header included in the HTTP request, has the \"@\" user credentials of the node processing the UI request." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://docs.couchbase.com/server/current/release-notes/relnotes.html", - "refsource": "MISC", - "name": "https://docs.couchbase.com/server/current/release-notes/relnotes.html" - }, - { - "refsource": "MISC", - "name": "https://www.couchbase.com/alerts", - "url": "https://www.couchbase.com/alerts" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42770.json b/2021/42xxx/CVE-2021-42770.json index 9fa1b4e7ebe..3518ef60aef 100644 --- a/2021/42xxx/CVE-2021-42770.json +++ b/2021/42xxx/CVE-2021-42770.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42770", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42770", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "A Cross-site scripting (XSS) vulnerability was discovered in OPNsense before 21.7.4 via the LDAP attribute return in the authentication tester." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://cert.orange.com", - "refsource": "MISC", - "name": "https://cert.orange.com" - }, - { - "refsource": "CONFIRM", - "name": "https://opnsense.org/opnsense-21-7-4-released/", - "url": "https://opnsense.org/opnsense-21-7-4-released/" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42772.json b/2021/42xxx/CVE-2021-42772.json index 0fd321d3033..8b48b7123ca 100644 --- a/2021/42xxx/CVE-2021-42772.json +++ b/2021/42xxx/CVE-2021-42772.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2021-42772", "ASSIGNER": "cve@mitre.org", - "STATE": "REJECT" + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42837.json b/2021/42xxx/CVE-2021-42837.json index bae5c9caa47..5131c76aec9 100644 --- a/2021/42xxx/CVE-2021-42837.json +++ b/2021/42xxx/CVE-2021-42837.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42837", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42837", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An issue was discovered in Talend Data Catalog before 7.3-20210930. After setting up SAML/OAuth, authentication is not correctly enforced on the native login page. Any valid user from the SAML/OAuth provider can be used as the username with an arbitrary password, and login will succeed." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.talend.com/resources/", - "refsource": "MISC", - "name": "https://www.talend.com/resources/" - }, - { - "refsource": "CONFIRM", - "name": "https://jira.talendforge.org/browse/TAPACHE-180", - "url": "https://jira.talendforge.org/browse/TAPACHE-180" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/42xxx/CVE-2021-42917.json b/2021/42xxx/CVE-2021-42917.json index 35736f7ca18..7900b08d89f 100644 --- a/2021/42xxx/CVE-2021-42917.json +++ b/2021/42xxx/CVE-2021-42917.json @@ -1,76 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-42917", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42917", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Buffer overflow vulnerability in Kodi xbmc up to 19.0, allows attackers to cause a denial of service due to improper length of values passed to istream." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/xbmc/xbmc/issues/20305", - "refsource": "MISC", - "name": "https://github.com/xbmc/xbmc/issues/20305" - }, - { - "url": "https://github.com/xbmc/xbmc/pull/20306", - "refsource": "MISC", - "name": "https://github.com/xbmc/xbmc/pull/20306" - }, - { - "url": "https://github.com/fuzzard/xbmc/commit/80c8138c09598e88b4ddb6dbb279fa193bbb3237", - "refsource": "MISC", - "name": "https://github.com/fuzzard/xbmc/commit/80c8138c09598e88b4ddb6dbb279fa193bbb3237" - }, - { - "url": "https://github.com/xbmc/xbmc/commit/48730b64494798705d46dfccc4029bd36d072df3", - "refsource": "MISC", - "name": "https://github.com/xbmc/xbmc/commit/48730b64494798705d46dfccc4029bd36d072df3" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/43xxx/CVE-2021-43032.json b/2021/43xxx/CVE-2021-43032.json index be8ef964cfc..9820f016dd5 100644 --- a/2021/43xxx/CVE-2021-43032.json +++ b/2021/43xxx/CVE-2021-43032.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43032", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-43032", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "In XenForo through 2.2.7, a threat actor with access to the admin panel can create a new Advertisement via the Advertising function, and save an XSS payload in the body of the HTML document. This payload will execute globally on the client side." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://xenforo.com/community/forums/announcements/", - "refsource": "MISC", - "name": "https://xenforo.com/community/forums/announcements/" - }, - { - "refsource": "MISC", - "name": "https://github.com/SakuraSamuraii/CVE-2021-43032", - "url": "https://github.com/SakuraSamuraii/CVE-2021-43032" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/43xxx/CVE-2021-43056.json b/2021/43xxx/CVE-2021-43056.json index d5cf6c68b65..30bc0b47624 100644 --- a/2021/43xxx/CVE-2021-43056.json +++ b/2021/43xxx/CVE-2021-43056.json @@ -71,21 +71,6 @@ "refsource": "MLIST", "name": "[oss-security] 20211028 Re: Linux kernel: powerpc: KVM guest can trigger host crash on Power8", "url": "http://www.openwall.com/lists/oss-security/2021/10/28/1" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-4320606094", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BBM4FP3IT3JZ2O7EBS7TEOG657N4ZGRE/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-ed8c2e1098", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRAIS3PG4EV5WFLYESR6FXWM4BJJGWVA/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-4fed2b55c4", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AA7EAPPKWG4LMTQQLNNSKATY6ST2KQFE/" } ] } diff --git a/2021/43xxx/CVE-2021-43058.json b/2021/43xxx/CVE-2021-43058.json index 46652a9a2ff..ea0366d22c7 100644 --- a/2021/43xxx/CVE-2021-43058.json +++ b/2021/43xxx/CVE-2021-43058.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-43058", - "ASSIGNER": "security@replicated.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "REPLICATED CLASSIC", - "version": { - "version_data": [ - { - "version_value": "All versions prior to 2.53.1" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "URL redirection to untrusted site (\u201cOpen Redirect\u201d)." - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://www.replicated.com/security/advisories/CVE-2021-43058", - "url": "https://www.replicated.com/security/advisories/CVE-2021-43058" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "An open redirect vulnerability exists in Replicated Classic versions prior to 2.53.1 that could lead to spoofing. To exploit this vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, redirecting the user to an untrusted site." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2021/43xxx/CVE-2021-43082.json b/2021/43xxx/CVE-2021-43082.json deleted file mode 100644 index 72544f5085c..00000000000 --- a/2021/43xxx/CVE-2021-43082.json +++ /dev/null @@ -1,78 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "security@apache.org", - "ID": "CVE-2021-43082", - "STATE": "PUBLIC", - "TITLE": "heap-buffer-overflow with stats-over-http plugin" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Apache Traffic Server", - "version": { - "version_data": [ - { - "version_value": "9.1.0" - } - ] - } - } - ] - }, - "vendor_name": "Apache Software Foundation" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Apache Traffic Server would like to thank Masori Koshiba for finding this issue." - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the stats-over-http plugin of Apache Traffic Server allows an attacker to overwrite memory. This issue affects Apache Traffic Server 9.1.0." - } - ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": [ - {} - ], - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164", - "name": "https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164" - } - ] - }, - "source": { - "discovery": "UNKNOWN" - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43083.json b/2021/43xxx/CVE-2021-43083.json deleted file mode 100644 index 130b46f32ab..00000000000 --- a/2021/43xxx/CVE-2021-43083.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43083", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43084.json b/2021/43xxx/CVE-2021-43084.json deleted file mode 100644 index 0792d5942ca..00000000000 --- a/2021/43xxx/CVE-2021-43084.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43084", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43085.json b/2021/43xxx/CVE-2021-43085.json deleted file mode 100644 index cd0b650e139..00000000000 --- a/2021/43xxx/CVE-2021-43085.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43085", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43086.json b/2021/43xxx/CVE-2021-43086.json deleted file mode 100644 index 45cfefb4061..00000000000 --- a/2021/43xxx/CVE-2021-43086.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43086", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43087.json b/2021/43xxx/CVE-2021-43087.json deleted file mode 100644 index 3dd7d23ae80..00000000000 --- a/2021/43xxx/CVE-2021-43087.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43087", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43088.json b/2021/43xxx/CVE-2021-43088.json deleted file mode 100644 index e76a03fd1cb..00000000000 --- a/2021/43xxx/CVE-2021-43088.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43088", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43089.json b/2021/43xxx/CVE-2021-43089.json deleted file mode 100644 index 48596cd49e7..00000000000 --- a/2021/43xxx/CVE-2021-43089.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43089", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43090.json b/2021/43xxx/CVE-2021-43090.json deleted file mode 100644 index 7b936b0ca33..00000000000 --- a/2021/43xxx/CVE-2021-43090.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43090", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43091.json b/2021/43xxx/CVE-2021-43091.json deleted file mode 100644 index f3e125ef5bd..00000000000 --- a/2021/43xxx/CVE-2021-43091.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43091", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43092.json b/2021/43xxx/CVE-2021-43092.json deleted file mode 100644 index e3488d237d7..00000000000 --- a/2021/43xxx/CVE-2021-43092.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43092", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43093.json b/2021/43xxx/CVE-2021-43093.json deleted file mode 100644 index 11ddcda87ae..00000000000 --- a/2021/43xxx/CVE-2021-43093.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43093", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43094.json b/2021/43xxx/CVE-2021-43094.json deleted file mode 100644 index 4569b8a760e..00000000000 --- a/2021/43xxx/CVE-2021-43094.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43094", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43095.json b/2021/43xxx/CVE-2021-43095.json deleted file mode 100644 index 8f6699b1fe8..00000000000 --- a/2021/43xxx/CVE-2021-43095.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43095", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43096.json b/2021/43xxx/CVE-2021-43096.json deleted file mode 100644 index e2780a041d5..00000000000 --- a/2021/43xxx/CVE-2021-43096.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43096", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43097.json b/2021/43xxx/CVE-2021-43097.json deleted file mode 100644 index be89fd78dae..00000000000 --- a/2021/43xxx/CVE-2021-43097.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43097", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43098.json b/2021/43xxx/CVE-2021-43098.json deleted file mode 100644 index 878adcc39f7..00000000000 --- a/2021/43xxx/CVE-2021-43098.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43098", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43099.json b/2021/43xxx/CVE-2021-43099.json deleted file mode 100644 index 2341359ce42..00000000000 --- a/2021/43xxx/CVE-2021-43099.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43099", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43100.json b/2021/43xxx/CVE-2021-43100.json deleted file mode 100644 index 4532d7590a3..00000000000 --- a/2021/43xxx/CVE-2021-43100.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43100", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43101.json b/2021/43xxx/CVE-2021-43101.json deleted file mode 100644 index 999d53063df..00000000000 --- a/2021/43xxx/CVE-2021-43101.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43101", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43102.json b/2021/43xxx/CVE-2021-43102.json deleted file mode 100644 index 2d3243d8529..00000000000 --- a/2021/43xxx/CVE-2021-43102.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43102", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43103.json b/2021/43xxx/CVE-2021-43103.json deleted file mode 100644 index 79ad79083ea..00000000000 --- a/2021/43xxx/CVE-2021-43103.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43103", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43104.json b/2021/43xxx/CVE-2021-43104.json deleted file mode 100644 index 9c7224204d0..00000000000 --- a/2021/43xxx/CVE-2021-43104.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43104", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43105.json b/2021/43xxx/CVE-2021-43105.json deleted file mode 100644 index dc99ffb8095..00000000000 --- a/2021/43xxx/CVE-2021-43105.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43105", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43106.json b/2021/43xxx/CVE-2021-43106.json deleted file mode 100644 index 8c430c25598..00000000000 --- a/2021/43xxx/CVE-2021-43106.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43106", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43107.json b/2021/43xxx/CVE-2021-43107.json deleted file mode 100644 index 61c9d048b1c..00000000000 --- a/2021/43xxx/CVE-2021-43107.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43107", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43108.json b/2021/43xxx/CVE-2021-43108.json deleted file mode 100644 index f07eb518ce5..00000000000 --- a/2021/43xxx/CVE-2021-43108.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43108", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43109.json b/2021/43xxx/CVE-2021-43109.json deleted file mode 100644 index ed060b2f939..00000000000 --- a/2021/43xxx/CVE-2021-43109.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43109", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43110.json b/2021/43xxx/CVE-2021-43110.json deleted file mode 100644 index dcc7cefa864..00000000000 --- a/2021/43xxx/CVE-2021-43110.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43110", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43111.json b/2021/43xxx/CVE-2021-43111.json deleted file mode 100644 index 358127a6b34..00000000000 --- a/2021/43xxx/CVE-2021-43111.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43111", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43112.json b/2021/43xxx/CVE-2021-43112.json deleted file mode 100644 index 25dcdc75a8c..00000000000 --- a/2021/43xxx/CVE-2021-43112.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43112", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43113.json b/2021/43xxx/CVE-2021-43113.json deleted file mode 100644 index df7868a96e6..00000000000 --- a/2021/43xxx/CVE-2021-43113.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43113", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43114.json b/2021/43xxx/CVE-2021-43114.json deleted file mode 100644 index 7ee8d730268..00000000000 --- a/2021/43xxx/CVE-2021-43114.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43114", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "FORT Validator versions prior to 1.5.2 will crash if an RPKI CA publishes an X.509 EE certificate. This will lead to RTR clients such as BGP routers to lose access to the RPKI VRP data set, effectively disabling Route Origin Validation." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/NICMx/FORT-validator/releases/tag/1.5.2", - "refsource": "MISC", - "name": "https://github.com/NICMx/FORT-validator/releases/tag/1.5.2" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43115.json b/2021/43xxx/CVE-2021-43115.json deleted file mode 100644 index 7181a93c541..00000000000 --- a/2021/43xxx/CVE-2021-43115.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43115", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43116.json b/2021/43xxx/CVE-2021-43116.json deleted file mode 100644 index 21d2361a25c..00000000000 --- a/2021/43xxx/CVE-2021-43116.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43116", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43117.json b/2021/43xxx/CVE-2021-43117.json deleted file mode 100644 index a8dc5f1b714..00000000000 --- a/2021/43xxx/CVE-2021-43117.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43117", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43118.json b/2021/43xxx/CVE-2021-43118.json deleted file mode 100644 index 9794e2377d5..00000000000 --- a/2021/43xxx/CVE-2021-43118.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43118", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43119.json b/2021/43xxx/CVE-2021-43119.json deleted file mode 100644 index df1a284a5a4..00000000000 --- a/2021/43xxx/CVE-2021-43119.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43119", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43120.json b/2021/43xxx/CVE-2021-43120.json deleted file mode 100644 index 5d35e8d2a80..00000000000 --- a/2021/43xxx/CVE-2021-43120.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43120", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43121.json b/2021/43xxx/CVE-2021-43121.json deleted file mode 100644 index d8fce452642..00000000000 --- a/2021/43xxx/CVE-2021-43121.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43121", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43122.json b/2021/43xxx/CVE-2021-43122.json deleted file mode 100644 index 71f5551ac7c..00000000000 --- a/2021/43xxx/CVE-2021-43122.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43122", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43123.json b/2021/43xxx/CVE-2021-43123.json deleted file mode 100644 index 7744b31309d..00000000000 --- a/2021/43xxx/CVE-2021-43123.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43123", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43124.json b/2021/43xxx/CVE-2021-43124.json deleted file mode 100644 index b77f5bb7044..00000000000 --- a/2021/43xxx/CVE-2021-43124.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43124", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43125.json b/2021/43xxx/CVE-2021-43125.json deleted file mode 100644 index 5052c8bbcb0..00000000000 --- a/2021/43xxx/CVE-2021-43125.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43125", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43126.json b/2021/43xxx/CVE-2021-43126.json deleted file mode 100644 index 808349f9e4e..00000000000 --- a/2021/43xxx/CVE-2021-43126.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43126", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43127.json b/2021/43xxx/CVE-2021-43127.json deleted file mode 100644 index f00d8e8c1b6..00000000000 --- a/2021/43xxx/CVE-2021-43127.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43127", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43128.json b/2021/43xxx/CVE-2021-43128.json deleted file mode 100644 index 7d177441e4f..00000000000 --- a/2021/43xxx/CVE-2021-43128.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43128", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43129.json b/2021/43xxx/CVE-2021-43129.json deleted file mode 100644 index bafbbdf042d..00000000000 --- a/2021/43xxx/CVE-2021-43129.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43129", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43130.json b/2021/43xxx/CVE-2021-43130.json deleted file mode 100644 index f4965893475..00000000000 --- a/2021/43xxx/CVE-2021-43130.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43130", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An SQL Injection vulnerability exists in Sourcecodester Customer Relationship Management System (CRM) 1.0 via the username parameter in customer/login.php." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.exploit-db.com/exploits/50158", - "refsource": "MISC", - "name": "https://www.exploit-db.com/exploits/50158" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43131.json b/2021/43xxx/CVE-2021-43131.json deleted file mode 100644 index fc073ffba5b..00000000000 --- a/2021/43xxx/CVE-2021-43131.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43131", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43132.json b/2021/43xxx/CVE-2021-43132.json deleted file mode 100644 index bbd1a97e4f2..00000000000 --- a/2021/43xxx/CVE-2021-43132.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43132", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43133.json b/2021/43xxx/CVE-2021-43133.json deleted file mode 100644 index ffe2c933ca8..00000000000 --- a/2021/43xxx/CVE-2021-43133.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43133", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43134.json b/2021/43xxx/CVE-2021-43134.json deleted file mode 100644 index 1a13d24b9d4..00000000000 --- a/2021/43xxx/CVE-2021-43134.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43134", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43135.json b/2021/43xxx/CVE-2021-43135.json deleted file mode 100644 index 64b4246e0ca..00000000000 --- a/2021/43xxx/CVE-2021-43135.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43135", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43136.json b/2021/43xxx/CVE-2021-43136.json deleted file mode 100644 index 98eb8c885e5..00000000000 --- a/2021/43xxx/CVE-2021-43136.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43136", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43137.json b/2021/43xxx/CVE-2021-43137.json deleted file mode 100644 index 669d7e43de8..00000000000 --- a/2021/43xxx/CVE-2021-43137.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43137", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43138.json b/2021/43xxx/CVE-2021-43138.json deleted file mode 100644 index 4535f5a5a29..00000000000 --- a/2021/43xxx/CVE-2021-43138.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43138", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43139.json b/2021/43xxx/CVE-2021-43139.json deleted file mode 100644 index ff3f712d2dc..00000000000 --- a/2021/43xxx/CVE-2021-43139.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43139", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43140.json b/2021/43xxx/CVE-2021-43140.json deleted file mode 100644 index 03f4999e8eb..00000000000 --- a/2021/43xxx/CVE-2021-43140.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43140", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "SQL Injection vulnerability exists in Sourcecodester. Simple Subscription Website 1.0. via the login." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://github.com/Dir0x/CVE-2021-43140", - "url": "https://github.com/Dir0x/CVE-2021-43140" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43141.json b/2021/43xxx/CVE-2021-43141.json deleted file mode 100644 index 05152b4b24c..00000000000 --- a/2021/43xxx/CVE-2021-43141.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43141", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Simple Subscription Website 1.0 via the id parameter in plan_application." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://github.com/Dir0x/CVE-2021-43141", - "url": "https://github.com/Dir0x/CVE-2021-43141" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43142.json b/2021/43xxx/CVE-2021-43142.json deleted file mode 100644 index b7507262130..00000000000 --- a/2021/43xxx/CVE-2021-43142.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43142", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43143.json b/2021/43xxx/CVE-2021-43143.json deleted file mode 100644 index 1bb64387e27..00000000000 --- a/2021/43xxx/CVE-2021-43143.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43143", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43144.json b/2021/43xxx/CVE-2021-43144.json deleted file mode 100644 index e74bbab046b..00000000000 --- a/2021/43xxx/CVE-2021-43144.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43144", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43145.json b/2021/43xxx/CVE-2021-43145.json deleted file mode 100644 index 564bea97333..00000000000 --- a/2021/43xxx/CVE-2021-43145.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43145", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43146.json b/2021/43xxx/CVE-2021-43146.json deleted file mode 100644 index be579d12174..00000000000 --- a/2021/43xxx/CVE-2021-43146.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43146", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43147.json b/2021/43xxx/CVE-2021-43147.json deleted file mode 100644 index 0e19852a9b5..00000000000 --- a/2021/43xxx/CVE-2021-43147.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43147", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43148.json b/2021/43xxx/CVE-2021-43148.json deleted file mode 100644 index fae667e3a16..00000000000 --- a/2021/43xxx/CVE-2021-43148.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43148", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43149.json b/2021/43xxx/CVE-2021-43149.json deleted file mode 100644 index ba4a37b97a6..00000000000 --- a/2021/43xxx/CVE-2021-43149.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43149", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43150.json b/2021/43xxx/CVE-2021-43150.json deleted file mode 100644 index b125fd4a804..00000000000 --- a/2021/43xxx/CVE-2021-43150.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43150", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43151.json b/2021/43xxx/CVE-2021-43151.json deleted file mode 100644 index 1ce42726649..00000000000 --- a/2021/43xxx/CVE-2021-43151.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43151", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43152.json b/2021/43xxx/CVE-2021-43152.json deleted file mode 100644 index 62fa9b2056c..00000000000 --- a/2021/43xxx/CVE-2021-43152.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43152", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43153.json b/2021/43xxx/CVE-2021-43153.json deleted file mode 100644 index 7ec9c7a386c..00000000000 --- a/2021/43xxx/CVE-2021-43153.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43153", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43154.json b/2021/43xxx/CVE-2021-43154.json deleted file mode 100644 index 5187ec903a5..00000000000 --- a/2021/43xxx/CVE-2021-43154.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43154", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43155.json b/2021/43xxx/CVE-2021-43155.json deleted file mode 100644 index b787c4f02c1..00000000000 --- a/2021/43xxx/CVE-2021-43155.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43155", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43156.json b/2021/43xxx/CVE-2021-43156.json deleted file mode 100644 index f9bb6bd57df..00000000000 --- a/2021/43xxx/CVE-2021-43156.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43156", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43157.json b/2021/43xxx/CVE-2021-43157.json deleted file mode 100644 index 7c019a45b1d..00000000000 --- a/2021/43xxx/CVE-2021-43157.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43157", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43158.json b/2021/43xxx/CVE-2021-43158.json deleted file mode 100644 index cd4737aa217..00000000000 --- a/2021/43xxx/CVE-2021-43158.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43158", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43159.json b/2021/43xxx/CVE-2021-43159.json deleted file mode 100644 index f7c9495840c..00000000000 --- a/2021/43xxx/CVE-2021-43159.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43159", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43160.json b/2021/43xxx/CVE-2021-43160.json deleted file mode 100644 index 281d8c18ab6..00000000000 --- a/2021/43xxx/CVE-2021-43160.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43160", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43161.json b/2021/43xxx/CVE-2021-43161.json deleted file mode 100644 index 641b5745e51..00000000000 --- a/2021/43xxx/CVE-2021-43161.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43161", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43162.json b/2021/43xxx/CVE-2021-43162.json deleted file mode 100644 index 3a23909a25b..00000000000 --- a/2021/43xxx/CVE-2021-43162.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43162", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43163.json b/2021/43xxx/CVE-2021-43163.json deleted file mode 100644 index 48151565683..00000000000 --- a/2021/43xxx/CVE-2021-43163.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43163", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43164.json b/2021/43xxx/CVE-2021-43164.json deleted file mode 100644 index 9c3bc0c9f47..00000000000 --- a/2021/43xxx/CVE-2021-43164.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43164", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43165.json b/2021/43xxx/CVE-2021-43165.json deleted file mode 100644 index 30993e6f32f..00000000000 --- a/2021/43xxx/CVE-2021-43165.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43165", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43166.json b/2021/43xxx/CVE-2021-43166.json deleted file mode 100644 index b5bcfd56f63..00000000000 --- a/2021/43xxx/CVE-2021-43166.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43166", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43167.json b/2021/43xxx/CVE-2021-43167.json deleted file mode 100644 index 20f00cbdea0..00000000000 --- a/2021/43xxx/CVE-2021-43167.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43167", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43168.json b/2021/43xxx/CVE-2021-43168.json deleted file mode 100644 index 023c1185455..00000000000 --- a/2021/43xxx/CVE-2021-43168.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43168", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43169.json b/2021/43xxx/CVE-2021-43169.json deleted file mode 100644 index 31d8fea6685..00000000000 --- a/2021/43xxx/CVE-2021-43169.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43169", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43170.json b/2021/43xxx/CVE-2021-43170.json deleted file mode 100644 index 7d0667c8146..00000000000 --- a/2021/43xxx/CVE-2021-43170.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43170", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43171.json b/2021/43xxx/CVE-2021-43171.json deleted file mode 100644 index 89e3d6ef6c0..00000000000 --- a/2021/43xxx/CVE-2021-43171.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43171", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43172.json b/2021/43xxx/CVE-2021-43172.json deleted file mode 100644 index af4bb477cbb..00000000000 --- a/2021/43xxx/CVE-2021-43172.json +++ /dev/null @@ -1,71 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "sep@nlnetlabs.nl", - "DATE_PUBLIC": "2021-11-09T14:00:00.000Z", - "ID": "CVE-2021-43172", - "STATE": "PUBLIC", - "TITLE": "Infinite length chain of RRDP repositories" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Routinator", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_value": "0.10.1" - } - ] - } - } - ] - }, - "vendor_name": "NLnet Labs" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "We would like to thank Koen van Hove for the discovery." - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "NLnet Labs Routinator prior to 0.10.2 happily processes a chain of RRDP repositories of infinite length causing it to never finish a validation run. In RPKI, a CA can choose the RRDP repository it wishes to publish its data in. By continuously generating a new child CA that only consists of another CA using a different RRDP repository, a malicious CA can create a chain of CAs of de-facto infinite length. Routinator prior to version 0.10.2 did not contain a limit on the length of such a chain and will therefore continue to process this chain forever. As a result, the validation run will never finish, leading to Routinator continuing to serve the old data set or, if in the initial validation run directly after starting, never serve any data at all." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-674: Uncontrolled Recursion" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://www.nlnetlabs.nl/downloads/routinator/CVE-2021-43172_CVE-2021-43173_CVE-2021-43174.txt", - "name": "https://www.nlnetlabs.nl/downloads/routinator/CVE-2021-43172_CVE-2021-43173_CVE-2021-43174.txt" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43173.json b/2021/43xxx/CVE-2021-43173.json deleted file mode 100644 index 28906e138f0..00000000000 --- a/2021/43xxx/CVE-2021-43173.json +++ /dev/null @@ -1,71 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "sep@nlnetlabs.nl", - "DATE_PUBLIC": "2021-11-09T14:00:00.000Z", - "ID": "CVE-2021-43173", - "STATE": "PUBLIC", - "TITLE": "Hanging RRDP request" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Routinator", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_value": "0.10.1" - } - ] - } - } - ] - }, - "vendor_name": "NLnet Labs" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "We would like to thank Koen van Hove for the discovery." - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In NLnet Labs Routinator prior to 0.10.2, a validation run can be delayed significantly by an RRDP repository by not answering but slowly drip-feeding bytes to keep the connection alive. This can be used to effectively stall validation. While Routinator has a configurable time-out value for RRDP connections, this time-out was only applied to individual read or write operations rather than the complete request. Thus, if an RRDP repository sends a little bit of data before that time-out expired, it can continuously extend the time it takes for the request to finish. Since validation will only continue once the update of an RRDP repository has concluded, this delay will cause validation to stall, leading to Routinator continuing to serve the old data set or, if in the initial validation run directly after starting, never serve any data at all." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-755: Improper Handling of Exceptional Conditions" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://www.nlnetlabs.nl/downloads/routinator/CVE-2021-43172_CVE-2021-43173_CVE-2021-43174.txt", - "name": "https://www.nlnetlabs.nl/downloads/routinator/CVE-2021-43172_CVE-2021-43173_CVE-2021-43174.txt" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43174.json b/2021/43xxx/CVE-2021-43174.json deleted file mode 100644 index 80a55f6c0a6..00000000000 --- a/2021/43xxx/CVE-2021-43174.json +++ /dev/null @@ -1,72 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "sep@nlnetlabs.nl", - "DATE_PUBLIC": "2021-11-09T14:00:00.000Z", - "ID": "CVE-2021-43174", - "STATE": "PUBLIC", - "TITLE": "gzip transfer encoding caused out-of-memory crash" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Routinator", - "version": { - "version_data": [ - { - "version_number": "0.9.0", - "version_affected": "<=", - "version_value": "0.10.1" - } - ] - } - } - ] - }, - "vendor_name": "NLnet Labs" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "We would like to thank Koen van Hove for the discovery." - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding when querying RRDP repositories. This encoding can be used by an RRDP repository to cause an out-of-memory crash in these versions of Routinator. RRDP uses XML which allows arbitrary amounts of white space in the encoded data. The gzip scheme compresses such white space extremely well, leading to very small compressed files that become huge when being decompressed for further processing, big enough that Routinator runs out of memory when parsing input data waiting for the next XML element." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-1325: Improperly Controlled Sequential Memory Allocation" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://www.nlnetlabs.nl/downloads/routinator/CVE-2021-43172_CVE-2021-43173_CVE-2021-43174.txt", - "name": "https://www.nlnetlabs.nl/downloads/routinator/CVE-2021-43172_CVE-2021-43173_CVE-2021-43174.txt" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43175.json b/2021/43xxx/CVE-2021-43175.json deleted file mode 100644 index 9a98d540c61..00000000000 --- a/2021/43xxx/CVE-2021-43175.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43175", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43176.json b/2021/43xxx/CVE-2021-43176.json deleted file mode 100644 index 1759f6b41dc..00000000000 --- a/2021/43xxx/CVE-2021-43176.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43176", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43177.json b/2021/43xxx/CVE-2021-43177.json deleted file mode 100644 index 6620fa689a4..00000000000 --- a/2021/43xxx/CVE-2021-43177.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43177", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43178.json b/2021/43xxx/CVE-2021-43178.json deleted file mode 100644 index 029e7244b66..00000000000 --- a/2021/43xxx/CVE-2021-43178.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43178", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43179.json b/2021/43xxx/CVE-2021-43179.json deleted file mode 100644 index 20517b502f8..00000000000 --- a/2021/43xxx/CVE-2021-43179.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43179", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43180.json b/2021/43xxx/CVE-2021-43180.json deleted file mode 100644 index 7df1c083ea6..00000000000 --- a/2021/43xxx/CVE-2021-43180.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43180", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In JetBrains Hub before 2021.1.13690, information disclosure via avatar metadata is possible." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43181.json b/2021/43xxx/CVE-2021-43181.json deleted file mode 100644 index c6bc6ae7251..00000000000 --- a/2021/43xxx/CVE-2021-43181.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43181", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In JetBrains Hub before 2021.1.13690, stored XSS is possible." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43182.json b/2021/43xxx/CVE-2021-43182.json deleted file mode 100644 index 5b8e88442ff..00000000000 --- a/2021/43xxx/CVE-2021-43182.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43182", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In JetBrains Hub before 2021.1.13415, a DoS via user information is possible." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43183.json b/2021/43xxx/CVE-2021-43183.json deleted file mode 100644 index 263229bbfb3..00000000000 --- a/2021/43xxx/CVE-2021-43183.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43183", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In JetBrains Hub before 2021.1.13690, the authentication throttling mechanism could be bypassed." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43184.json b/2021/43xxx/CVE-2021-43184.json deleted file mode 100644 index e604b7deeb9..00000000000 --- a/2021/43xxx/CVE-2021-43184.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43184", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In JetBrains YouTrack before 2021.3.21051, stored XSS is possible." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43185.json b/2021/43xxx/CVE-2021-43185.json deleted file mode 100644 index b4d0a26951f..00000000000 --- a/2021/43xxx/CVE-2021-43185.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43185", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "JetBrains YouTrack before 2021.3.23639 is vulnerable to Host header injection." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43186.json b/2021/43xxx/CVE-2021-43186.json deleted file mode 100644 index 4f1e579eb5e..00000000000 --- a/2021/43xxx/CVE-2021-43186.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43186", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "JetBrains YouTrack before 2021.3.24402 is vulnerable to stored XSS." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43187.json b/2021/43xxx/CVE-2021-43187.json deleted file mode 100644 index 10f5ad1bc41..00000000000 --- a/2021/43xxx/CVE-2021-43187.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43187", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In JetBrains YouTrack Mobile before 2021.2, the client-side cache on iOS could contain sensitive information." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43188.json b/2021/43xxx/CVE-2021-43188.json deleted file mode 100644 index db2d30e6098..00000000000 --- a/2021/43xxx/CVE-2021-43188.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43188", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In JetBrains YouTrack Mobile before 2021.2, access token protection on iOS is incomplete." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43189.json b/2021/43xxx/CVE-2021-43189.json deleted file mode 100644 index 8b3a9cd090e..00000000000 --- a/2021/43xxx/CVE-2021-43189.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43189", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In JetBrains YouTrack Mobile before 2021.2, access token protection on Android is incomplete." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43190.json b/2021/43xxx/CVE-2021-43190.json deleted file mode 100644 index 673d7daaf32..00000000000 --- a/2021/43xxx/CVE-2021-43190.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43190", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In JetBrains YouTrack Mobile before 2021.2, task hijacking on Android is possible." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43191.json b/2021/43xxx/CVE-2021-43191.json deleted file mode 100644 index 318e30edc0c..00000000000 --- a/2021/43xxx/CVE-2021-43191.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43191", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "JetBrains YouTrack Mobile before 2021.2, is missing the security screen on Android and iOS." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43192.json b/2021/43xxx/CVE-2021-43192.json deleted file mode 100644 index bde7e14280f..00000000000 --- a/2021/43xxx/CVE-2021-43192.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43192", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In JetBrains YouTrack Mobile before 2021.2, iOS URL scheme hijacking is possible." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43193.json b/2021/43xxx/CVE-2021-43193.json deleted file mode 100644 index 8e815051e3b..00000000000 --- a/2021/43xxx/CVE-2021-43193.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43193", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In JetBrains TeamCity before 2021.1.2, remote code execution via the agent push functionality is possible." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43194.json b/2021/43xxx/CVE-2021-43194.json deleted file mode 100644 index dd738f47afe..00000000000 --- a/2021/43xxx/CVE-2021-43194.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43194", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In JetBrains TeamCity before 2021.1.2, user enumeration was possible." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43195.json b/2021/43xxx/CVE-2021-43195.json deleted file mode 100644 index af715bb624c..00000000000 --- a/2021/43xxx/CVE-2021-43195.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43195", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In JetBrains TeamCity before 2021.1.2, some HTTP security headers were missing." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43196.json b/2021/43xxx/CVE-2021-43196.json deleted file mode 100644 index 9395cbc29dc..00000000000 --- a/2021/43xxx/CVE-2021-43196.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43196", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In JetBrains TeamCity before 2021.1, information disclosure via the Docker Registry connection dialog is possible." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43197.json b/2021/43xxx/CVE-2021-43197.json deleted file mode 100644 index 382db7dacaf..00000000000 --- a/2021/43xxx/CVE-2021-43197.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43197", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In JetBrains TeamCity before 2021.1.2, email notifications could include unescaped HTML for XSS." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43198.json b/2021/43xxx/CVE-2021-43198.json deleted file mode 100644 index 26f5709201b..00000000000 --- a/2021/43xxx/CVE-2021-43198.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43198", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In JetBrains TeamCity before 2021.1.2, stored XSS is possible." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43199.json b/2021/43xxx/CVE-2021-43199.json deleted file mode 100644 index 647cffe0dbd..00000000000 --- a/2021/43xxx/CVE-2021-43199.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43199", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In JetBrains TeamCity before 2021.1.2, permission checks in the Create Patch functionality are insufficient." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43200.json b/2021/43xxx/CVE-2021-43200.json deleted file mode 100644 index 47e087006a3..00000000000 --- a/2021/43xxx/CVE-2021-43200.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43200", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In JetBrains TeamCity before 2021.1.2, permission checks in the Agent Push functionality were insufficient." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43201.json b/2021/43xxx/CVE-2021-43201.json deleted file mode 100644 index 371a96d7b07..00000000000 --- a/2021/43xxx/CVE-2021-43201.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43201", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In JetBrains TeamCity before 2021.1.3, a newly created project could take settings from an already deleted project." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43202.json b/2021/43xxx/CVE-2021-43202.json deleted file mode 100644 index cc139bb5838..00000000000 --- a/2021/43xxx/CVE-2021-43202.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43202", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43203.json b/2021/43xxx/CVE-2021-43203.json deleted file mode 100644 index f7c425ddad7..00000000000 --- a/2021/43xxx/CVE-2021-43203.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43203", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In JetBrains Ktor before 1.6.4, nonce verification during the OAuth2 authentication process is implemented improperly." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/", - "url": "https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43204.json b/2021/43xxx/CVE-2021-43204.json deleted file mode 100644 index 6ece2625bf6..00000000000 --- a/2021/43xxx/CVE-2021-43204.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43204", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43205.json b/2021/43xxx/CVE-2021-43205.json deleted file mode 100644 index 0d7b6fe0c6d..00000000000 --- a/2021/43xxx/CVE-2021-43205.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43205", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43206.json b/2021/43xxx/CVE-2021-43206.json deleted file mode 100644 index 4b2663d1001..00000000000 --- a/2021/43xxx/CVE-2021-43206.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43206", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43207.json b/2021/43xxx/CVE-2021-43207.json deleted file mode 100644 index d6630273296..00000000000 --- a/2021/43xxx/CVE-2021-43207.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43207", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43208.json b/2021/43xxx/CVE-2021-43208.json index 98128afe130..90cffffe8aa 100644 --- a/2021/43xxx/CVE-2021-43208.json +++ b/2021/43xxx/CVE-2021-43208.json @@ -1,18 +1,60 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43208", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-43208", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "3D Viewer", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "3D Viewer Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-43209." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43208" + } + ] + } +} diff --git a/2021/43xxx/CVE-2021-43209.json b/2021/43xxx/CVE-2021-43209.json index d0d442f726d..b9161806d14 100644 --- a/2021/43xxx/CVE-2021-43209.json +++ b/2021/43xxx/CVE-2021-43209.json @@ -1,18 +1,60 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43209", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2021-43209", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "3D Viewer", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "3D Viewer Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-43208." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43209" + } + ] + } +} diff --git a/2021/43xxx/CVE-2021-43210.json b/2021/43xxx/CVE-2021-43210.json deleted file mode 100644 index f313ef19d2a..00000000000 --- a/2021/43xxx/CVE-2021-43210.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43210", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43211.json b/2021/43xxx/CVE-2021-43211.json deleted file mode 100644 index ab96abb9fae..00000000000 --- a/2021/43xxx/CVE-2021-43211.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43211", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43212.json b/2021/43xxx/CVE-2021-43212.json deleted file mode 100644 index cdce7b2ad44..00000000000 --- a/2021/43xxx/CVE-2021-43212.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43212", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43213.json b/2021/43xxx/CVE-2021-43213.json deleted file mode 100644 index a9e6f3f6469..00000000000 --- a/2021/43xxx/CVE-2021-43213.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43213", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43214.json b/2021/43xxx/CVE-2021-43214.json deleted file mode 100644 index 7e003efab60..00000000000 --- a/2021/43xxx/CVE-2021-43214.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43214", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43215.json b/2021/43xxx/CVE-2021-43215.json deleted file mode 100644 index 1afd3194161..00000000000 --- a/2021/43xxx/CVE-2021-43215.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43215", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43216.json b/2021/43xxx/CVE-2021-43216.json deleted file mode 100644 index c3c51a91338..00000000000 --- a/2021/43xxx/CVE-2021-43216.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43216", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43217.json b/2021/43xxx/CVE-2021-43217.json deleted file mode 100644 index c19c2dca221..00000000000 --- a/2021/43xxx/CVE-2021-43217.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43217", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43218.json b/2021/43xxx/CVE-2021-43218.json deleted file mode 100644 index c83b4b383aa..00000000000 --- a/2021/43xxx/CVE-2021-43218.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43218", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43219.json b/2021/43xxx/CVE-2021-43219.json deleted file mode 100644 index 86e7584b728..00000000000 --- a/2021/43xxx/CVE-2021-43219.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43219", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43220.json b/2021/43xxx/CVE-2021-43220.json deleted file mode 100644 index f7a8e063b02..00000000000 --- a/2021/43xxx/CVE-2021-43220.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43220", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43221.json b/2021/43xxx/CVE-2021-43221.json deleted file mode 100644 index 1f006a74080..00000000000 --- a/2021/43xxx/CVE-2021-43221.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43221", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43222.json b/2021/43xxx/CVE-2021-43222.json deleted file mode 100644 index a7ca46e4d51..00000000000 --- a/2021/43xxx/CVE-2021-43222.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43222", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43223.json b/2021/43xxx/CVE-2021-43223.json deleted file mode 100644 index 89fbff9479e..00000000000 --- a/2021/43xxx/CVE-2021-43223.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43223", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43224.json b/2021/43xxx/CVE-2021-43224.json deleted file mode 100644 index 072d2660b32..00000000000 --- a/2021/43xxx/CVE-2021-43224.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43224", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43225.json b/2021/43xxx/CVE-2021-43225.json deleted file mode 100644 index 8345de2ee48..00000000000 --- a/2021/43xxx/CVE-2021-43225.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43225", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43226.json b/2021/43xxx/CVE-2021-43226.json deleted file mode 100644 index cf1cfee7af8..00000000000 --- a/2021/43xxx/CVE-2021-43226.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43226", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43227.json b/2021/43xxx/CVE-2021-43227.json deleted file mode 100644 index bb2617fb8ef..00000000000 --- a/2021/43xxx/CVE-2021-43227.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43227", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43228.json b/2021/43xxx/CVE-2021-43228.json deleted file mode 100644 index 92dd66eaa9c..00000000000 --- a/2021/43xxx/CVE-2021-43228.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43228", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43229.json b/2021/43xxx/CVE-2021-43229.json deleted file mode 100644 index bd92c428cb1..00000000000 --- a/2021/43xxx/CVE-2021-43229.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43229", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43230.json b/2021/43xxx/CVE-2021-43230.json deleted file mode 100644 index 71fa534b175..00000000000 --- a/2021/43xxx/CVE-2021-43230.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43230", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43231.json b/2021/43xxx/CVE-2021-43231.json deleted file mode 100644 index 3a9f63977d4..00000000000 --- a/2021/43xxx/CVE-2021-43231.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43231", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43232.json b/2021/43xxx/CVE-2021-43232.json deleted file mode 100644 index 584c11dde2b..00000000000 --- a/2021/43xxx/CVE-2021-43232.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43232", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43233.json b/2021/43xxx/CVE-2021-43233.json deleted file mode 100644 index c7e4b1db132..00000000000 --- a/2021/43xxx/CVE-2021-43233.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43233", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43234.json b/2021/43xxx/CVE-2021-43234.json deleted file mode 100644 index 74ec566d5c8..00000000000 --- a/2021/43xxx/CVE-2021-43234.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43234", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43235.json b/2021/43xxx/CVE-2021-43235.json deleted file mode 100644 index 588758b3750..00000000000 --- a/2021/43xxx/CVE-2021-43235.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43235", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43236.json b/2021/43xxx/CVE-2021-43236.json deleted file mode 100644 index 7a2b240357b..00000000000 --- a/2021/43xxx/CVE-2021-43236.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43236", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43237.json b/2021/43xxx/CVE-2021-43237.json deleted file mode 100644 index 98f5cc8967a..00000000000 --- a/2021/43xxx/CVE-2021-43237.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43237", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43238.json b/2021/43xxx/CVE-2021-43238.json deleted file mode 100644 index 06268972667..00000000000 --- a/2021/43xxx/CVE-2021-43238.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43238", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43239.json b/2021/43xxx/CVE-2021-43239.json deleted file mode 100644 index 4a1c87f7e94..00000000000 --- a/2021/43xxx/CVE-2021-43239.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43239", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43240.json b/2021/43xxx/CVE-2021-43240.json deleted file mode 100644 index 4fc7dd34f8c..00000000000 --- a/2021/43xxx/CVE-2021-43240.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43240", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43241.json b/2021/43xxx/CVE-2021-43241.json deleted file mode 100644 index 05bfcbefa46..00000000000 --- a/2021/43xxx/CVE-2021-43241.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43241", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43242.json b/2021/43xxx/CVE-2021-43242.json deleted file mode 100644 index 0c8fbcfcb08..00000000000 --- a/2021/43xxx/CVE-2021-43242.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43242", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43243.json b/2021/43xxx/CVE-2021-43243.json deleted file mode 100644 index 6204f422350..00000000000 --- a/2021/43xxx/CVE-2021-43243.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43243", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43244.json b/2021/43xxx/CVE-2021-43244.json deleted file mode 100644 index d136a82e567..00000000000 --- a/2021/43xxx/CVE-2021-43244.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43244", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43245.json b/2021/43xxx/CVE-2021-43245.json deleted file mode 100644 index 84434afc777..00000000000 --- a/2021/43xxx/CVE-2021-43245.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43245", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43246.json b/2021/43xxx/CVE-2021-43246.json deleted file mode 100644 index b3eb588b0fa..00000000000 --- a/2021/43xxx/CVE-2021-43246.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43246", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43247.json b/2021/43xxx/CVE-2021-43247.json deleted file mode 100644 index d626f456f91..00000000000 --- a/2021/43xxx/CVE-2021-43247.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43247", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43248.json b/2021/43xxx/CVE-2021-43248.json deleted file mode 100644 index dbd5819ed65..00000000000 --- a/2021/43xxx/CVE-2021-43248.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43248", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43249.json b/2021/43xxx/CVE-2021-43249.json deleted file mode 100644 index 8d9029096dc..00000000000 --- a/2021/43xxx/CVE-2021-43249.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43249", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43250.json b/2021/43xxx/CVE-2021-43250.json deleted file mode 100644 index cf53c3723c8..00000000000 --- a/2021/43xxx/CVE-2021-43250.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43250", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43251.json b/2021/43xxx/CVE-2021-43251.json deleted file mode 100644 index 115dd01fbb6..00000000000 --- a/2021/43xxx/CVE-2021-43251.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43251", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43252.json b/2021/43xxx/CVE-2021-43252.json deleted file mode 100644 index 9aba3a84c90..00000000000 --- a/2021/43xxx/CVE-2021-43252.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43252", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43253.json b/2021/43xxx/CVE-2021-43253.json deleted file mode 100644 index 203dc061793..00000000000 --- a/2021/43xxx/CVE-2021-43253.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43253", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43254.json b/2021/43xxx/CVE-2021-43254.json deleted file mode 100644 index 50bbbf9b184..00000000000 --- a/2021/43xxx/CVE-2021-43254.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43254", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43255.json b/2021/43xxx/CVE-2021-43255.json deleted file mode 100644 index fac04b395ff..00000000000 --- a/2021/43xxx/CVE-2021-43255.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43255", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43256.json b/2021/43xxx/CVE-2021-43256.json deleted file mode 100644 index 2b583ec8824..00000000000 --- a/2021/43xxx/CVE-2021-43256.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43256", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43257.json b/2021/43xxx/CVE-2021-43257.json deleted file mode 100644 index a5ac84ce6cb..00000000000 --- a/2021/43xxx/CVE-2021-43257.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43257", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43258.json b/2021/43xxx/CVE-2021-43258.json deleted file mode 100644 index be29c514384..00000000000 --- a/2021/43xxx/CVE-2021-43258.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43258", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43259.json b/2021/43xxx/CVE-2021-43259.json deleted file mode 100644 index df8fabf4e75..00000000000 --- a/2021/43xxx/CVE-2021-43259.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43259", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43260.json b/2021/43xxx/CVE-2021-43260.json deleted file mode 100644 index ca5ba42414d..00000000000 --- a/2021/43xxx/CVE-2021-43260.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43260", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43261.json b/2021/43xxx/CVE-2021-43261.json deleted file mode 100644 index 4ce568dc916..00000000000 --- a/2021/43xxx/CVE-2021-43261.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43261", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43262.json b/2021/43xxx/CVE-2021-43262.json deleted file mode 100644 index dece47f8280..00000000000 --- a/2021/43xxx/CVE-2021-43262.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43262", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43263.json b/2021/43xxx/CVE-2021-43263.json deleted file mode 100644 index 019b0eedcd2..00000000000 --- a/2021/43xxx/CVE-2021-43263.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43263", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43264.json b/2021/43xxx/CVE-2021-43264.json deleted file mode 100644 index 0902e6f1bc7..00000000000 --- a/2021/43xxx/CVE-2021-43264.json +++ /dev/null @@ -1,67 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43264", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, adjusting the path component for the page help file allows attackers to bypass the intended access control for HTML files via directory traversal. It replaces the - character with the / character." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://bugs.launchpad.net/mahara/+bug/1944979", - "refsource": "MISC", - "name": "https://bugs.launchpad.net/mahara/+bug/1944979" - }, - { - "refsource": "MISC", - "name": "https://mahara.org/interaction/forum/topic.php?id=8954", - "url": "https://mahara.org/interaction/forum/topic.php?id=8954" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43265.json b/2021/43xxx/CVE-2021-43265.json deleted file mode 100644 index e349b5e4cca..00000000000 --- a/2021/43xxx/CVE-2021-43265.json +++ /dev/null @@ -1,67 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43265", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, certain tag syntax could be used for XSS, such as via a SCRIPT element." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://bugs.launchpad.net/mahara/+bug/1944633", - "refsource": "MISC", - "name": "https://bugs.launchpad.net/mahara/+bug/1944633" - }, - { - "refsource": "MISC", - "name": "https://mahara.org/interaction/forum/topic.php?id=8953", - "url": "https://mahara.org/interaction/forum/topic.php?id=8953" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43266.json b/2021/43xxx/CVE-2021-43266.json deleted file mode 100644 index 5607c6bd27b..00000000000 --- a/2021/43xxx/CVE-2021-43266.json +++ /dev/null @@ -1,67 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43266", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exporting collections via PDF export could lead to code execution via shell metacharacters in a collection name." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://bugs.launchpad.net/mahara/+bug/1942903", - "refsource": "MISC", - "name": "https://bugs.launchpad.net/mahara/+bug/1942903" - }, - { - "refsource": "MISC", - "name": "https://mahara.org/interaction/forum/topic.php?id=8952", - "url": "https://mahara.org/interaction/forum/topic.php?id=8952" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43267.json b/2021/43xxx/CVE-2021-43267.json deleted file mode 100644 index a774e1da8b5..00000000000 --- a/2021/43xxx/CVE-2021-43267.json +++ /dev/null @@ -1,77 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43267", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0", - "refsource": "MISC", - "name": "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0" - }, - { - "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", - "refsource": "MISC", - "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-a093973910", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RDDEW4APTYKJK365HC2JZIVXYUV7ZRN7/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-bdd146e463", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CVWL7HZV5T5OEKJPO2D67RMFMKBBXGGB/" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43268.json b/2021/43xxx/CVE-2021-43268.json deleted file mode 100644 index c9959e73bab..00000000000 --- a/2021/43xxx/CVE-2021-43268.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43268", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43269.json b/2021/43xxx/CVE-2021-43269.json deleted file mode 100644 index 1dd723710ba..00000000000 --- a/2021/43xxx/CVE-2021-43269.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43269", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43270.json b/2021/43xxx/CVE-2021-43270.json deleted file mode 100644 index 3191e2b7ac8..00000000000 --- a/2021/43xxx/CVE-2021-43270.json +++ /dev/null @@ -1,65 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43270", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Datalust Seq.App.EmailPlus (aka seq-app-htmlemail) 3.1.0-dev-00148, 3.1.0-dev-00170, and 3.1.0-dev-00176 can use cleartext SMTP on port 25 in some cases where encryption on port 465 was intended." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/datalust/seq-app-htmlemail/pull/93", - "refsource": "MISC", - "name": "https://github.com/datalust/seq-app-htmlemail/pull/93" - } - ] - }, - "source": { - "discovery": "INTERNAL" - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43271.json b/2021/43xxx/CVE-2021-43271.json deleted file mode 100644 index f6a6507cd9f..00000000000 --- a/2021/43xxx/CVE-2021-43271.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43271", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43272.json b/2021/43xxx/CVE-2021-43272.json deleted file mode 100644 index 6bb51d0abd9..00000000000 --- a/2021/43xxx/CVE-2021-43272.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43272", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43273.json b/2021/43xxx/CVE-2021-43273.json deleted file mode 100644 index a9b3f2abe8d..00000000000 --- a/2021/43xxx/CVE-2021-43273.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43273", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43274.json b/2021/43xxx/CVE-2021-43274.json deleted file mode 100644 index 503a8c8b4d1..00000000000 --- a/2021/43xxx/CVE-2021-43274.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43274", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43275.json b/2021/43xxx/CVE-2021-43275.json deleted file mode 100644 index 97dd53b1fab..00000000000 --- a/2021/43xxx/CVE-2021-43275.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43275", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43276.json b/2021/43xxx/CVE-2021-43276.json deleted file mode 100644 index 97dfe726818..00000000000 --- a/2021/43xxx/CVE-2021-43276.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43276", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43277.json b/2021/43xxx/CVE-2021-43277.json deleted file mode 100644 index e9c7f7cbc23..00000000000 --- a/2021/43xxx/CVE-2021-43277.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43277", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43278.json b/2021/43xxx/CVE-2021-43278.json deleted file mode 100644 index dc9ac26b2ae..00000000000 --- a/2021/43xxx/CVE-2021-43278.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43278", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43279.json b/2021/43xxx/CVE-2021-43279.json deleted file mode 100644 index 86dafd22185..00000000000 --- a/2021/43xxx/CVE-2021-43279.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43279", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43280.json b/2021/43xxx/CVE-2021-43280.json deleted file mode 100644 index 716d350e225..00000000000 --- a/2021/43xxx/CVE-2021-43280.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43280", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43281.json b/2021/43xxx/CVE-2021-43281.json deleted file mode 100644 index 26ec3e03c25..00000000000 --- a/2021/43xxx/CVE-2021-43281.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43281", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "MyBB before 1.8.29 allows Remote Code Injection by an admin with the \"Can manage settings?\" permission. The Admin CP's Settings management module does not validate setting types correctly on insertion and update, making it possible to add settings of supported type \"php\" with PHP code, executed on Change Settings pages." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://github.com/mybb/mybb/security/advisories/GHSA-8gxx-vmr9-h39p", - "url": "https://github.com/mybb/mybb/security/advisories/GHSA-8gxx-vmr9-h39p" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43282.json b/2021/43xxx/CVE-2021-43282.json deleted file mode 100644 index cf4d319f5a1..00000000000 --- a/2021/43xxx/CVE-2021-43282.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43282", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43283.json b/2021/43xxx/CVE-2021-43283.json deleted file mode 100644 index 623bc3578e9..00000000000 --- a/2021/43xxx/CVE-2021-43283.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43283", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43284.json b/2021/43xxx/CVE-2021-43284.json deleted file mode 100644 index 1a9d1679464..00000000000 --- a/2021/43xxx/CVE-2021-43284.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43284", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43285.json b/2021/43xxx/CVE-2021-43285.json deleted file mode 100644 index 33570ad39bd..00000000000 --- a/2021/43xxx/CVE-2021-43285.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43285", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43286.json b/2021/43xxx/CVE-2021-43286.json deleted file mode 100644 index a105a7a50e4..00000000000 --- a/2021/43xxx/CVE-2021-43286.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43286", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43287.json b/2021/43xxx/CVE-2021-43287.json deleted file mode 100644 index 1ad41934d4a..00000000000 --- a/2021/43xxx/CVE-2021-43287.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43287", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43288.json b/2021/43xxx/CVE-2021-43288.json deleted file mode 100644 index aa89bd92195..00000000000 --- a/2021/43xxx/CVE-2021-43288.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43288", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43289.json b/2021/43xxx/CVE-2021-43289.json deleted file mode 100644 index 653e2aff810..00000000000 --- a/2021/43xxx/CVE-2021-43289.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43289", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43290.json b/2021/43xxx/CVE-2021-43290.json deleted file mode 100644 index 1e4061b5034..00000000000 --- a/2021/43xxx/CVE-2021-43290.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43290", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43291.json b/2021/43xxx/CVE-2021-43291.json deleted file mode 100644 index 62e171b0648..00000000000 --- a/2021/43xxx/CVE-2021-43291.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43291", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43292.json b/2021/43xxx/CVE-2021-43292.json deleted file mode 100644 index b4ced9dc49e..00000000000 --- a/2021/43xxx/CVE-2021-43292.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43292", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43293.json b/2021/43xxx/CVE-2021-43293.json deleted file mode 100644 index aa4ca2bc69f..00000000000 --- a/2021/43xxx/CVE-2021-43293.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43293", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Sonatype Nexus Repository Manager 3.x before 3.36.0 allows a remote authenticated attacker to potentially perform network enumeration via Server Side Request Forgery (SSRF)." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "name": "https://support.sonatype.com/hc/en-us/articles/4409326330003", - "url": "https://support.sonatype.com/hc/en-us/articles/4409326330003" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43294.json b/2021/43xxx/CVE-2021-43294.json deleted file mode 100644 index 28bda25c15c..00000000000 --- a/2021/43xxx/CVE-2021-43294.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43294", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43295.json b/2021/43xxx/CVE-2021-43295.json deleted file mode 100644 index cdbbab0b0e4..00000000000 --- a/2021/43xxx/CVE-2021-43295.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43295", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43296.json b/2021/43xxx/CVE-2021-43296.json deleted file mode 100644 index f9c8c2efd6d..00000000000 --- a/2021/43xxx/CVE-2021-43296.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43296", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43297.json b/2021/43xxx/CVE-2021-43297.json deleted file mode 100644 index 567f30205b5..00000000000 --- a/2021/43xxx/CVE-2021-43297.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43297", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43298.json b/2021/43xxx/CVE-2021-43298.json deleted file mode 100644 index a9d4340f043..00000000000 --- a/2021/43xxx/CVE-2021-43298.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43298", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43299.json b/2021/43xxx/CVE-2021-43299.json deleted file mode 100644 index dc7eae9b71e..00000000000 --- a/2021/43xxx/CVE-2021-43299.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43299", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43300.json b/2021/43xxx/CVE-2021-43300.json deleted file mode 100644 index 1aaaf783b3b..00000000000 --- a/2021/43xxx/CVE-2021-43300.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43300", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43301.json b/2021/43xxx/CVE-2021-43301.json deleted file mode 100644 index 18207828f21..00000000000 --- a/2021/43xxx/CVE-2021-43301.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43301", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43302.json b/2021/43xxx/CVE-2021-43302.json deleted file mode 100644 index ba97174e1a6..00000000000 --- a/2021/43xxx/CVE-2021-43302.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43302", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43303.json b/2021/43xxx/CVE-2021-43303.json deleted file mode 100644 index 434bd312be9..00000000000 --- a/2021/43xxx/CVE-2021-43303.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43303", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43304.json b/2021/43xxx/CVE-2021-43304.json deleted file mode 100644 index 199b104563d..00000000000 --- a/2021/43xxx/CVE-2021-43304.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43304", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43305.json b/2021/43xxx/CVE-2021-43305.json deleted file mode 100644 index e18321082ae..00000000000 --- a/2021/43xxx/CVE-2021-43305.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43305", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43306.json b/2021/43xxx/CVE-2021-43306.json deleted file mode 100644 index 82069206b46..00000000000 --- a/2021/43xxx/CVE-2021-43306.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43306", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43307.json b/2021/43xxx/CVE-2021-43307.json deleted file mode 100644 index 600ef0b724f..00000000000 --- a/2021/43xxx/CVE-2021-43307.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43307", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43308.json b/2021/43xxx/CVE-2021-43308.json deleted file mode 100644 index f73f92383dc..00000000000 --- a/2021/43xxx/CVE-2021-43308.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43308", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43309.json b/2021/43xxx/CVE-2021-43309.json deleted file mode 100644 index e695bdd1e6b..00000000000 --- a/2021/43xxx/CVE-2021-43309.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43309", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43310.json b/2021/43xxx/CVE-2021-43310.json deleted file mode 100644 index aa793eeab79..00000000000 --- a/2021/43xxx/CVE-2021-43310.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43310", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43311.json b/2021/43xxx/CVE-2021-43311.json deleted file mode 100644 index 67547402601..00000000000 --- a/2021/43xxx/CVE-2021-43311.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43311", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43312.json b/2021/43xxx/CVE-2021-43312.json deleted file mode 100644 index a657de7d2fa..00000000000 --- a/2021/43xxx/CVE-2021-43312.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43312", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43313.json b/2021/43xxx/CVE-2021-43313.json deleted file mode 100644 index 965527dc3f5..00000000000 --- a/2021/43xxx/CVE-2021-43313.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43313", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43314.json b/2021/43xxx/CVE-2021-43314.json deleted file mode 100644 index 75855af6261..00000000000 --- a/2021/43xxx/CVE-2021-43314.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43314", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43315.json b/2021/43xxx/CVE-2021-43315.json deleted file mode 100644 index a2c04656712..00000000000 --- a/2021/43xxx/CVE-2021-43315.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43315", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43316.json b/2021/43xxx/CVE-2021-43316.json deleted file mode 100644 index 60c3a1e0a40..00000000000 --- a/2021/43xxx/CVE-2021-43316.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43316", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43317.json b/2021/43xxx/CVE-2021-43317.json deleted file mode 100644 index 740ea02a6ac..00000000000 --- a/2021/43xxx/CVE-2021-43317.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43317", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43318.json b/2021/43xxx/CVE-2021-43318.json deleted file mode 100644 index a56dd7e5b0d..00000000000 --- a/2021/43xxx/CVE-2021-43318.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43318", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43319.json b/2021/43xxx/CVE-2021-43319.json deleted file mode 100644 index a14a4d2ad4d..00000000000 --- a/2021/43xxx/CVE-2021-43319.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43319", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43320.json b/2021/43xxx/CVE-2021-43320.json deleted file mode 100644 index 337ff7734fe..00000000000 --- a/2021/43xxx/CVE-2021-43320.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43320", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43321.json b/2021/43xxx/CVE-2021-43321.json deleted file mode 100644 index c426d30fe98..00000000000 --- a/2021/43xxx/CVE-2021-43321.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43321", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43322.json b/2021/43xxx/CVE-2021-43322.json deleted file mode 100644 index 2906ddef671..00000000000 --- a/2021/43xxx/CVE-2021-43322.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43322", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43323.json b/2021/43xxx/CVE-2021-43323.json deleted file mode 100644 index addaf815960..00000000000 --- a/2021/43xxx/CVE-2021-43323.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43323", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43324.json b/2021/43xxx/CVE-2021-43324.json deleted file mode 100644 index fecdc3137f4..00000000000 --- a/2021/43xxx/CVE-2021-43324.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43324", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "LibreNMS through 21.10.2 allows XSS via a widget title." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/librenms/librenms/commit/99d2462b80435b91a35236639b909eebee432126", - "refsource": "MISC", - "name": "https://github.com/librenms/librenms/commit/99d2462b80435b91a35236639b909eebee432126" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43325.json b/2021/43xxx/CVE-2021-43325.json deleted file mode 100644 index 7c17064a356..00000000000 --- a/2021/43xxx/CVE-2021-43325.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43325", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43326.json b/2021/43xxx/CVE-2021-43326.json deleted file mode 100644 index 2cd12b96b18..00000000000 --- a/2021/43xxx/CVE-2021-43326.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43326", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43327.json b/2021/43xxx/CVE-2021-43327.json deleted file mode 100644 index 71ba1431aca..00000000000 --- a/2021/43xxx/CVE-2021-43327.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43327", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43328.json b/2021/43xxx/CVE-2021-43328.json deleted file mode 100644 index c7a4bfef01a..00000000000 --- a/2021/43xxx/CVE-2021-43328.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43328", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43329.json b/2021/43xxx/CVE-2021-43329.json deleted file mode 100644 index 4989ae211a2..00000000000 --- a/2021/43xxx/CVE-2021-43329.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43329", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43330.json b/2021/43xxx/CVE-2021-43330.json deleted file mode 100644 index 80c06954f49..00000000000 --- a/2021/43xxx/CVE-2021-43330.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43330", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43331.json b/2021/43xxx/CVE-2021-43331.json deleted file mode 100644 index e7a2df02db6..00000000000 --- a/2021/43xxx/CVE-2021-43331.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43331", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43332.json b/2021/43xxx/CVE-2021-43332.json deleted file mode 100644 index 121729c2651..00000000000 --- a/2021/43xxx/CVE-2021-43332.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43332", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43333.json b/2021/43xxx/CVE-2021-43333.json deleted file mode 100644 index e55b4066d64..00000000000 --- a/2021/43xxx/CVE-2021-43333.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43333", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43334.json b/2021/43xxx/CVE-2021-43334.json deleted file mode 100644 index 5cdf8ce17b3..00000000000 --- a/2021/43xxx/CVE-2021-43334.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43334", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43335.json b/2021/43xxx/CVE-2021-43335.json deleted file mode 100644 index e3e250ad5e8..00000000000 --- a/2021/43xxx/CVE-2021-43335.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43335", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43336.json b/2021/43xxx/CVE-2021-43336.json deleted file mode 100644 index e02ed7c667f..00000000000 --- a/2021/43xxx/CVE-2021-43336.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43336", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43337.json b/2021/43xxx/CVE-2021-43337.json deleted file mode 100644 index cb7a49995ac..00000000000 --- a/2021/43xxx/CVE-2021-43337.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43337", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43338.json b/2021/43xxx/CVE-2021-43338.json deleted file mode 100644 index 4fd58905a48..00000000000 --- a/2021/43xxx/CVE-2021-43338.json +++ /dev/null @@ -1,67 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43338", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In Ericsson Network Location MPS GMPC21, it is possible to creates a new admin user with a SQL Query for file_name in the export functionality." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.exploit-db.com/exploits/50469", - "refsource": "MISC", - "name": "https://www.exploit-db.com/exploits/50469" - }, - { - "url": "https://pentest.com.tr/blog/RCE-via-Meow-Variant-along-with-an-Example-0day-PacketHackingVillage-Defcon29.html", - "refsource": "MISC", - "name": "https://pentest.com.tr/blog/RCE-via-Meow-Variant-along-with-an-Example-0day-PacketHackingVillage-Defcon29.html" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43339.json b/2021/43xxx/CVE-2021-43339.json deleted file mode 100644 index 6e22568da9a..00000000000 --- a/2021/43xxx/CVE-2021-43339.json +++ /dev/null @@ -1,67 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43339", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In Ericsson Network Location MPS GMPC21, it is possible to inject commands via file_name in the export functionality." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://pentest.com.tr/blog/RCE-via-Meow-Variant-along-with-an-Example-0day-PacketHackingVillage-Defcon29.html", - "refsource": "MISC", - "name": "https://pentest.com.tr/blog/RCE-via-Meow-Variant-along-with-an-Example-0day-PacketHackingVillage-Defcon29.html" - }, - { - "url": "https://www.exploit-db.com/exploits/50468", - "refsource": "MISC", - "name": "https://www.exploit-db.com/exploits/50468" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43340.json b/2021/43xxx/CVE-2021-43340.json deleted file mode 100644 index ecf6fd52a27..00000000000 --- a/2021/43xxx/CVE-2021-43340.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43340", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43341.json b/2021/43xxx/CVE-2021-43341.json deleted file mode 100644 index 6d435073e49..00000000000 --- a/2021/43xxx/CVE-2021-43341.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43341", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43342.json b/2021/43xxx/CVE-2021-43342.json deleted file mode 100644 index 2523ef7a793..00000000000 --- a/2021/43xxx/CVE-2021-43342.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43342", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43343.json b/2021/43xxx/CVE-2021-43343.json deleted file mode 100644 index 326f413e5a7..00000000000 --- a/2021/43xxx/CVE-2021-43343.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43343", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43344.json b/2021/43xxx/CVE-2021-43344.json deleted file mode 100644 index 9dea787b739..00000000000 --- a/2021/43xxx/CVE-2021-43344.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43344", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43345.json b/2021/43xxx/CVE-2021-43345.json deleted file mode 100644 index acecf9f5d08..00000000000 --- a/2021/43xxx/CVE-2021-43345.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43345", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43346.json b/2021/43xxx/CVE-2021-43346.json deleted file mode 100644 index e41a6ef6bfa..00000000000 --- a/2021/43xxx/CVE-2021-43346.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43346", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43347.json b/2021/43xxx/CVE-2021-43347.json deleted file mode 100644 index 65fb49b8ca7..00000000000 --- a/2021/43xxx/CVE-2021-43347.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43347", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43348.json b/2021/43xxx/CVE-2021-43348.json deleted file mode 100644 index b5031b5fc7c..00000000000 --- a/2021/43xxx/CVE-2021-43348.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43348", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43349.json b/2021/43xxx/CVE-2021-43349.json deleted file mode 100644 index 983e5e352b2..00000000000 --- a/2021/43xxx/CVE-2021-43349.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43349", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43350.json b/2021/43xxx/CVE-2021-43350.json deleted file mode 100644 index b86bddb3651..00000000000 --- a/2021/43xxx/CVE-2021-43350.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43350", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43357.json b/2021/43xxx/CVE-2021-43357.json deleted file mode 100644 index c6b00939088..00000000000 --- a/2021/43xxx/CVE-2021-43357.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43357", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43358.json b/2021/43xxx/CVE-2021-43358.json deleted file mode 100644 index 0c2245fd4be..00000000000 --- a/2021/43xxx/CVE-2021-43358.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43358", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43359.json b/2021/43xxx/CVE-2021-43359.json deleted file mode 100644 index 5a4059af99f..00000000000 --- a/2021/43xxx/CVE-2021-43359.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43359", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43360.json b/2021/43xxx/CVE-2021-43360.json deleted file mode 100644 index 10adad42e07..00000000000 --- a/2021/43xxx/CVE-2021-43360.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43360", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43361.json b/2021/43xxx/CVE-2021-43361.json deleted file mode 100644 index ed035f0e3df..00000000000 --- a/2021/43xxx/CVE-2021-43361.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43361", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43362.json b/2021/43xxx/CVE-2021-43362.json deleted file mode 100644 index 4a6b3f91db4..00000000000 --- a/2021/43xxx/CVE-2021-43362.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43362", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43363.json b/2021/43xxx/CVE-2021-43363.json deleted file mode 100644 index 4886d32b94b..00000000000 --- a/2021/43xxx/CVE-2021-43363.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43363", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43364.json b/2021/43xxx/CVE-2021-43364.json deleted file mode 100644 index be17b23226e..00000000000 --- a/2021/43xxx/CVE-2021-43364.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43364", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43365.json b/2021/43xxx/CVE-2021-43365.json deleted file mode 100644 index 27802e712fc..00000000000 --- a/2021/43xxx/CVE-2021-43365.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43365", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43366.json b/2021/43xxx/CVE-2021-43366.json deleted file mode 100644 index 3ab7cc3cdb1..00000000000 --- a/2021/43xxx/CVE-2021-43366.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43366", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43367.json b/2021/43xxx/CVE-2021-43367.json deleted file mode 100644 index 3e95aead00d..00000000000 --- a/2021/43xxx/CVE-2021-43367.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43367", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43368.json b/2021/43xxx/CVE-2021-43368.json deleted file mode 100644 index 34bdd1eac46..00000000000 --- a/2021/43xxx/CVE-2021-43368.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43368", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43369.json b/2021/43xxx/CVE-2021-43369.json deleted file mode 100644 index 5362c041d3b..00000000000 --- a/2021/43xxx/CVE-2021-43369.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43369", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43370.json b/2021/43xxx/CVE-2021-43370.json deleted file mode 100644 index 35bc51ad978..00000000000 --- a/2021/43xxx/CVE-2021-43370.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43370", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43371.json b/2021/43xxx/CVE-2021-43371.json deleted file mode 100644 index fa7893a26a8..00000000000 --- a/2021/43xxx/CVE-2021-43371.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43371", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43372.json b/2021/43xxx/CVE-2021-43372.json deleted file mode 100644 index 35d8412e926..00000000000 --- a/2021/43xxx/CVE-2021-43372.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43372", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43373.json b/2021/43xxx/CVE-2021-43373.json deleted file mode 100644 index e0907d341f1..00000000000 --- a/2021/43xxx/CVE-2021-43373.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43373", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43374.json b/2021/43xxx/CVE-2021-43374.json deleted file mode 100644 index 54ed1958569..00000000000 --- a/2021/43xxx/CVE-2021-43374.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43374", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43375.json b/2021/43xxx/CVE-2021-43375.json deleted file mode 100644 index d1c12048004..00000000000 --- a/2021/43xxx/CVE-2021-43375.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43375", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43376.json b/2021/43xxx/CVE-2021-43376.json deleted file mode 100644 index 9de0d6392ef..00000000000 --- a/2021/43xxx/CVE-2021-43376.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43376", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43377.json b/2021/43xxx/CVE-2021-43377.json deleted file mode 100644 index 2bb3b616699..00000000000 --- a/2021/43xxx/CVE-2021-43377.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43377", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43378.json b/2021/43xxx/CVE-2021-43378.json deleted file mode 100644 index 6d6664d4351..00000000000 --- a/2021/43xxx/CVE-2021-43378.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43378", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43379.json b/2021/43xxx/CVE-2021-43379.json deleted file mode 100644 index 3b9995d13b0..00000000000 --- a/2021/43xxx/CVE-2021-43379.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43379", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43380.json b/2021/43xxx/CVE-2021-43380.json deleted file mode 100644 index e12b0bb7a3a..00000000000 --- a/2021/43xxx/CVE-2021-43380.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43380", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43381.json b/2021/43xxx/CVE-2021-43381.json deleted file mode 100644 index 894b28100b7..00000000000 --- a/2021/43xxx/CVE-2021-43381.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43381", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43382.json b/2021/43xxx/CVE-2021-43382.json deleted file mode 100644 index d7246a310e0..00000000000 --- a/2021/43xxx/CVE-2021-43382.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43382", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43383.json b/2021/43xxx/CVE-2021-43383.json deleted file mode 100644 index 3efcc0c80bd..00000000000 --- a/2021/43xxx/CVE-2021-43383.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43383", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43384.json b/2021/43xxx/CVE-2021-43384.json deleted file mode 100644 index 2316ff5b2e5..00000000000 --- a/2021/43xxx/CVE-2021-43384.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43384", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43385.json b/2021/43xxx/CVE-2021-43385.json deleted file mode 100644 index 5b1792d3c4e..00000000000 --- a/2021/43xxx/CVE-2021-43385.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43385", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43386.json b/2021/43xxx/CVE-2021-43386.json deleted file mode 100644 index 58e27e02e9c..00000000000 --- a/2021/43xxx/CVE-2021-43386.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43386", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43387.json b/2021/43xxx/CVE-2021-43387.json deleted file mode 100644 index 0c260a598d3..00000000000 --- a/2021/43xxx/CVE-2021-43387.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43387", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43388.json b/2021/43xxx/CVE-2021-43388.json deleted file mode 100644 index 289ad7fc7f8..00000000000 --- a/2021/43xxx/CVE-2021-43388.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43388", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43389.json b/2021/43xxx/CVE-2021-43389.json deleted file mode 100644 index c277bacf500..00000000000 --- a/2021/43xxx/CVE-2021-43389.json +++ /dev/null @@ -1,87 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43389", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.15", - "refsource": "MISC", - "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.15" - }, - { - "url": "https://seclists.org/oss-sec/2021/q4/39", - "refsource": "MISC", - "name": "https://seclists.org/oss-sec/2021/q4/39" - }, - { - "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d", - "refsource": "MISC", - "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d" - }, - { - "url": "https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA@mail.gmail.com/", - "refsource": "MISC", - "name": "https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA@mail.gmail.com/" - }, - { - "refsource": "CONFIRM", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2013180", - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013180" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20211105 Re: Linux kernel: isdn: cpai: array-index-out-of-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c", - "url": "http://www.openwall.com/lists/oss-security/2021/11/05/1" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43390.json b/2021/43xxx/CVE-2021-43390.json deleted file mode 100644 index d0925188c90..00000000000 --- a/2021/43xxx/CVE-2021-43390.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43390", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43391.json b/2021/43xxx/CVE-2021-43391.json deleted file mode 100644 index f930f34e0bc..00000000000 --- a/2021/43xxx/CVE-2021-43391.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43391", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43392.json b/2021/43xxx/CVE-2021-43392.json deleted file mode 100644 index 8b5f8fa3504..00000000000 --- a/2021/43xxx/CVE-2021-43392.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43392", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43393.json b/2021/43xxx/CVE-2021-43393.json deleted file mode 100644 index 3ad88366b86..00000000000 --- a/2021/43xxx/CVE-2021-43393.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43393", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43394.json b/2021/43xxx/CVE-2021-43394.json deleted file mode 100644 index 4fa9966d350..00000000000 --- a/2021/43xxx/CVE-2021-43394.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43394", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43395.json b/2021/43xxx/CVE-2021-43395.json deleted file mode 100644 index 4440ac0a912..00000000000 --- a/2021/43xxx/CVE-2021-43395.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43395", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43396.json b/2021/43xxx/CVE-2021-43396.json deleted file mode 100644 index 7e30e4d3322..00000000000 --- a/2021/43xxx/CVE-2021-43396.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43396", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** DISPUTED ** In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases. NOTE: the vendor states \"the bug cannot be invoked through user input and requires iconv to be invoked with a NULL inbuf, which ought to require a separate application bug to do so unintentionally. Hence there's no security impact to the bug.\"" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28524", - "refsource": "MISC", - "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=28524" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43397.json b/2021/43xxx/CVE-2021-43397.json deleted file mode 100644 index 9411c058e22..00000000000 --- a/2021/43xxx/CVE-2021-43397.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43397", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43398.json b/2021/43xxx/CVE-2021-43398.json deleted file mode 100644 index a6cc0711809..00000000000 --- a/2021/43xxx/CVE-2021-43398.json +++ /dev/null @@ -1,67 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43398", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Crypto++ (aka Cryptopp) 8.6.0 and earlier contains a timing leakage in MakePublicKey(). There is a clear correlation between execution time and private key length, which may cause disclosure of the length information of the private key. This might allow attackers to conduct timing attacks." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/weidai11/cryptopp/issues/1080", - "refsource": "MISC", - "name": "https://github.com/weidai11/cryptopp/issues/1080" - }, - { - "url": "https://cryptopp.com", - "refsource": "MISC", - "name": "https://cryptopp.com" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43399.json b/2021/43xxx/CVE-2021-43399.json deleted file mode 100644 index 293d462f800..00000000000 --- a/2021/43xxx/CVE-2021-43399.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43399", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43400.json b/2021/43xxx/CVE-2021-43400.json deleted file mode 100644 index 4178b4b072f..00000000000 --- a/2021/43xxx/CVE-2021-43400.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43400", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=838c0dc7641e1c991c0f3027bf94bee4606012f8", - "refsource": "MISC", - "name": "https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=838c0dc7641e1c991c0f3027bf94bee4606012f8" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43401.json b/2021/43xxx/CVE-2021-43401.json deleted file mode 100644 index 7888cd2d0c2..00000000000 --- a/2021/43xxx/CVE-2021-43401.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43401", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43402.json b/2021/43xxx/CVE-2021-43402.json deleted file mode 100644 index 3561fef4cc2..00000000000 --- a/2021/43xxx/CVE-2021-43402.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43402", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43403.json b/2021/43xxx/CVE-2021-43403.json deleted file mode 100644 index 24763e29d75..00000000000 --- a/2021/43xxx/CVE-2021-43403.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43403", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43404.json b/2021/43xxx/CVE-2021-43404.json deleted file mode 100644 index 9a4f89445b1..00000000000 --- a/2021/43xxx/CVE-2021-43404.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43404", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An issue was discovered in FusionPBX before 4.5.30. The FAX file name may have risky characters." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/fusionpbx/fusionpbx/commit/487afc371e5c0dfbbc07cd002333c5bcd949d0f4", - "refsource": "MISC", - "name": "https://github.com/fusionpbx/fusionpbx/commit/487afc371e5c0dfbbc07cd002333c5bcd949d0f4" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43405.json b/2021/43xxx/CVE-2021-43405.json deleted file mode 100644 index 1afaeb1e95f..00000000000 --- a/2021/43xxx/CVE-2021-43405.json +++ /dev/null @@ -1,67 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43405", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An issue was discovered in FusionPBX before 4.5.30. The fax_extension may have risky characters (it is not constrained to be numeric)." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/fusionpbx/fusionpbx/commit/2d2869c1a1e874c46a8c3c5475614ce769bbbd59", - "refsource": "MISC", - "name": "https://github.com/fusionpbx/fusionpbx/commit/2d2869c1a1e874c46a8c3c5475614ce769bbbd59" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/164795/FusionPBX-4.5.29-Remote-Code-Execution.html", - "url": "http://packetstormsecurity.com/files/164795/FusionPBX-4.5.29-Remote-Code-Execution.html" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43406.json b/2021/43xxx/CVE-2021-43406.json deleted file mode 100644 index 02cb3904443..00000000000 --- a/2021/43xxx/CVE-2021-43406.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43406", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An issue was discovered in FusionPBX before 4.5.30. The fax_post_size may have risky characters (it is not constrained to preset values)." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/fusionpbx/fusionpbx/commit/0377b2152c0e59c8f35297f9a9b6ee335a62d963", - "refsource": "MISC", - "name": "https://github.com/fusionpbx/fusionpbx/commit/0377b2152c0e59c8f35297f9a9b6ee335a62d963" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43407.json b/2021/43xxx/CVE-2021-43407.json deleted file mode 100644 index 720aa071b53..00000000000 --- a/2021/43xxx/CVE-2021-43407.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43407", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43408.json b/2021/43xxx/CVE-2021-43408.json deleted file mode 100644 index b9b3d48f402..00000000000 --- a/2021/43xxx/CVE-2021-43408.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43408", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43409.json b/2021/43xxx/CVE-2021-43409.json deleted file mode 100644 index 98a0dfa606c..00000000000 --- a/2021/43xxx/CVE-2021-43409.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43409", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43410.json b/2021/43xxx/CVE-2021-43410.json deleted file mode 100644 index 64f2ef8980c..00000000000 --- a/2021/43xxx/CVE-2021-43410.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43410", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43411.json b/2021/43xxx/CVE-2021-43411.json deleted file mode 100644 index a8c705912e2..00000000000 --- a/2021/43xxx/CVE-2021-43411.json +++ /dev/null @@ -1,72 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43411", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An issue was discovered in GNU Hurd before 0.9 20210404-9. When trying to exec a setuid executable, there's a window of time when the process already has the new privileges, but still refers to the old task and is accessible through the old process port. This can be exploited to get full root access." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://lists.gnu.org/archive/html/bug-hurd/2021-05/msg00079.html", - "refsource": "MISC", - "name": "https://lists.gnu.org/archive/html/bug-hurd/2021-05/msg00079.html" - }, - { - "url": "https://www.mail-archive.com/bug-hurd@gnu.org/msg32112.html", - "refsource": "MISC", - "name": "https://www.mail-archive.com/bug-hurd@gnu.org/msg32112.html" - }, - { - "url": "https://salsa.debian.org/hurd-team/hurd/-/blob/4d1b079411e2f40576e7b58f9b5b78f733a2beda/debian/patches/0034-proc-Use-UIDs-for-evaluating-permissions.patch", - "refsource": "MISC", - "name": "https://salsa.debian.org/hurd-team/hurd/-/blob/4d1b079411e2f40576e7b58f9b5b78f733a2beda/debian/patches/0034-proc-Use-UIDs-for-evaluating-permissions.patch" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43412.json b/2021/43xxx/CVE-2021-43412.json deleted file mode 100644 index fa798bcaf94..00000000000 --- a/2021/43xxx/CVE-2021-43412.json +++ /dev/null @@ -1,67 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43412", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An issue was discovered in GNU Hurd before 0.9 20210404-9. libports accepts fake notification messages from any client on any port, which can lead to port use-after-free. This can be exploited for local privilege escalation to get full root access." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://lists.gnu.org/archive/html/bug-hurd/2021-05/msg00079.html", - "refsource": "MISC", - "name": "https://lists.gnu.org/archive/html/bug-hurd/2021-05/msg00079.html" - }, - { - "url": "https://www.mail-archive.com/bug-hurd@gnu.org/msg32116.html", - "refsource": "MISC", - "name": "https://www.mail-archive.com/bug-hurd@gnu.org/msg32116.html" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43413.json b/2021/43xxx/CVE-2021-43413.json deleted file mode 100644 index 10b013d13ad..00000000000 --- a/2021/43xxx/CVE-2021-43413.json +++ /dev/null @@ -1,77 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43413", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An issue was discovered in GNU Hurd before 0.9 20210404-9. A single pager port is shared among everyone who mmaps a file, allowing anyone to modify any files that they can read. This can be trivially exploited to get full root access." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://lists.gnu.org/archive/html/bug-hurd/2021-05/msg00079.html", - "refsource": "MISC", - "name": "https://lists.gnu.org/archive/html/bug-hurd/2021-05/msg00079.html" - }, - { - "url": "https://www.mail-archive.com/bug-hurd@gnu.org/msg32113.html", - "refsource": "MISC", - "name": "https://www.mail-archive.com/bug-hurd@gnu.org/msg32113.html" - }, - { - "url": "https://lists.gnu.org/archive/html/bug-hurd/2002-11/msg00263.html", - "refsource": "MISC", - "name": "https://lists.gnu.org/archive/html/bug-hurd/2002-11/msg00263.html" - }, - { - "url": "https://lists.gnu.org/archive/html/bug-hurd/2005-06/msg00191.html", - "refsource": "MISC", - "name": "https://lists.gnu.org/archive/html/bug-hurd/2005-06/msg00191.html" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43414.json b/2021/43xxx/CVE-2021-43414.json deleted file mode 100644 index 5375fc6e05f..00000000000 --- a/2021/43xxx/CVE-2021-43414.json +++ /dev/null @@ -1,67 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43414", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An issue was discovered in GNU Hurd before 0.9 20210404-9. The use of an authentication protocol in the proc server is vulnerable to man-in-the-middle attacks, which can be exploited for local privilege escalation to get full root access." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://lists.gnu.org/archive/html/bug-hurd/2021-05/msg00079.html", - "refsource": "MISC", - "name": "https://lists.gnu.org/archive/html/bug-hurd/2021-05/msg00079.html" - }, - { - "url": "https://www.mail-archive.com/bug-hurd@gnu.org/msg32114.html", - "refsource": "MISC", - "name": "https://www.mail-archive.com/bug-hurd@gnu.org/msg32114.html" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43415.json b/2021/43xxx/CVE-2021-43415.json deleted file mode 100644 index 5ec78801ac2..00000000000 --- a/2021/43xxx/CVE-2021-43415.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43415", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43416.json b/2021/43xxx/CVE-2021-43416.json deleted file mode 100644 index 6dbae4fff3e..00000000000 --- a/2021/43xxx/CVE-2021-43416.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43416", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43417.json b/2021/43xxx/CVE-2021-43417.json deleted file mode 100644 index b4dce6c4c7c..00000000000 --- a/2021/43xxx/CVE-2021-43417.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43417", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43418.json b/2021/43xxx/CVE-2021-43418.json deleted file mode 100644 index e932571f5a1..00000000000 --- a/2021/43xxx/CVE-2021-43418.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43418", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43419.json b/2021/43xxx/CVE-2021-43419.json deleted file mode 100644 index 2889d2a0755..00000000000 --- a/2021/43xxx/CVE-2021-43419.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43419", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43420.json b/2021/43xxx/CVE-2021-43420.json deleted file mode 100644 index 650895337d2..00000000000 --- a/2021/43xxx/CVE-2021-43420.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43420", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43421.json b/2021/43xxx/CVE-2021-43421.json deleted file mode 100644 index edc1d74b448..00000000000 --- a/2021/43xxx/CVE-2021-43421.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43421", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43422.json b/2021/43xxx/CVE-2021-43422.json deleted file mode 100644 index 10188d07c2a..00000000000 --- a/2021/43xxx/CVE-2021-43422.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43422", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43423.json b/2021/43xxx/CVE-2021-43423.json deleted file mode 100644 index 384a108ddcf..00000000000 --- a/2021/43xxx/CVE-2021-43423.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43423", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43424.json b/2021/43xxx/CVE-2021-43424.json deleted file mode 100644 index 520af420508..00000000000 --- a/2021/43xxx/CVE-2021-43424.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43424", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43425.json b/2021/43xxx/CVE-2021-43425.json deleted file mode 100644 index 1c89c9505ce..00000000000 --- a/2021/43xxx/CVE-2021-43425.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43425", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43426.json b/2021/43xxx/CVE-2021-43426.json deleted file mode 100644 index 1f63df8e2dd..00000000000 --- a/2021/43xxx/CVE-2021-43426.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43426", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43427.json b/2021/43xxx/CVE-2021-43427.json deleted file mode 100644 index 0a8d064efef..00000000000 --- a/2021/43xxx/CVE-2021-43427.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43427", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43428.json b/2021/43xxx/CVE-2021-43428.json deleted file mode 100644 index 804c8ec4c03..00000000000 --- a/2021/43xxx/CVE-2021-43428.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43428", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43429.json b/2021/43xxx/CVE-2021-43429.json deleted file mode 100644 index cafe1672d7b..00000000000 --- a/2021/43xxx/CVE-2021-43429.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43429", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43430.json b/2021/43xxx/CVE-2021-43430.json deleted file mode 100644 index c61519bce34..00000000000 --- a/2021/43xxx/CVE-2021-43430.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43430", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43431.json b/2021/43xxx/CVE-2021-43431.json deleted file mode 100644 index 229c2e13243..00000000000 --- a/2021/43xxx/CVE-2021-43431.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43431", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43432.json b/2021/43xxx/CVE-2021-43432.json deleted file mode 100644 index e61584ecd36..00000000000 --- a/2021/43xxx/CVE-2021-43432.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43432", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43433.json b/2021/43xxx/CVE-2021-43433.json deleted file mode 100644 index b26b984ca9a..00000000000 --- a/2021/43xxx/CVE-2021-43433.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43433", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43434.json b/2021/43xxx/CVE-2021-43434.json deleted file mode 100644 index 4d1a48d8cd6..00000000000 --- a/2021/43xxx/CVE-2021-43434.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43434", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43435.json b/2021/43xxx/CVE-2021-43435.json deleted file mode 100644 index a398a6219fe..00000000000 --- a/2021/43xxx/CVE-2021-43435.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43435", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43436.json b/2021/43xxx/CVE-2021-43436.json deleted file mode 100644 index ec59301c563..00000000000 --- a/2021/43xxx/CVE-2021-43436.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43436", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43437.json b/2021/43xxx/CVE-2021-43437.json deleted file mode 100644 index 5139f3a9cd9..00000000000 --- a/2021/43xxx/CVE-2021-43437.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43437", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43438.json b/2021/43xxx/CVE-2021-43438.json deleted file mode 100644 index c948b5a5ffd..00000000000 --- a/2021/43xxx/CVE-2021-43438.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43438", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43439.json b/2021/43xxx/CVE-2021-43439.json deleted file mode 100644 index 2a396473855..00000000000 --- a/2021/43xxx/CVE-2021-43439.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43439", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43440.json b/2021/43xxx/CVE-2021-43440.json deleted file mode 100644 index 9efd22b246b..00000000000 --- a/2021/43xxx/CVE-2021-43440.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43440", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43441.json b/2021/43xxx/CVE-2021-43441.json deleted file mode 100644 index cf09e5455ef..00000000000 --- a/2021/43xxx/CVE-2021-43441.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43441", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43442.json b/2021/43xxx/CVE-2021-43442.json deleted file mode 100644 index 03e7d02c12f..00000000000 --- a/2021/43xxx/CVE-2021-43442.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43442", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43443.json b/2021/43xxx/CVE-2021-43443.json deleted file mode 100644 index 2f65b2461f0..00000000000 --- a/2021/43xxx/CVE-2021-43443.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43443", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43444.json b/2021/43xxx/CVE-2021-43444.json deleted file mode 100644 index 94cd6b3e6ae..00000000000 --- a/2021/43xxx/CVE-2021-43444.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43444", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43445.json b/2021/43xxx/CVE-2021-43445.json deleted file mode 100644 index 65d083c4582..00000000000 --- a/2021/43xxx/CVE-2021-43445.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43445", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43446.json b/2021/43xxx/CVE-2021-43446.json deleted file mode 100644 index e47aec0a722..00000000000 --- a/2021/43xxx/CVE-2021-43446.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43446", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43447.json b/2021/43xxx/CVE-2021-43447.json deleted file mode 100644 index 14ec0f82c7d..00000000000 --- a/2021/43xxx/CVE-2021-43447.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43447", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43448.json b/2021/43xxx/CVE-2021-43448.json deleted file mode 100644 index 0124d4d3cd3..00000000000 --- a/2021/43xxx/CVE-2021-43448.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43448", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43449.json b/2021/43xxx/CVE-2021-43449.json deleted file mode 100644 index 81ca8a427e8..00000000000 --- a/2021/43xxx/CVE-2021-43449.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43449", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43450.json b/2021/43xxx/CVE-2021-43450.json deleted file mode 100644 index a9d5c71ebb8..00000000000 --- a/2021/43xxx/CVE-2021-43450.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43450", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43451.json b/2021/43xxx/CVE-2021-43451.json deleted file mode 100644 index 4c9c2139326..00000000000 --- a/2021/43xxx/CVE-2021-43451.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43451", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43452.json b/2021/43xxx/CVE-2021-43452.json deleted file mode 100644 index ca0341387aa..00000000000 --- a/2021/43xxx/CVE-2021-43452.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43452", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43453.json b/2021/43xxx/CVE-2021-43453.json deleted file mode 100644 index b52b8df85d3..00000000000 --- a/2021/43xxx/CVE-2021-43453.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43453", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43454.json b/2021/43xxx/CVE-2021-43454.json deleted file mode 100644 index f793ba94d0b..00000000000 --- a/2021/43xxx/CVE-2021-43454.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43454", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43455.json b/2021/43xxx/CVE-2021-43455.json deleted file mode 100644 index 1635ed2da89..00000000000 --- a/2021/43xxx/CVE-2021-43455.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43455", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43456.json b/2021/43xxx/CVE-2021-43456.json deleted file mode 100644 index 143000f0372..00000000000 --- a/2021/43xxx/CVE-2021-43456.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43456", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43457.json b/2021/43xxx/CVE-2021-43457.json deleted file mode 100644 index 719cccacc4f..00000000000 --- a/2021/43xxx/CVE-2021-43457.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43457", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43458.json b/2021/43xxx/CVE-2021-43458.json deleted file mode 100644 index d20e69380f4..00000000000 --- a/2021/43xxx/CVE-2021-43458.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43458", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43459.json b/2021/43xxx/CVE-2021-43459.json deleted file mode 100644 index 46b71f6406f..00000000000 --- a/2021/43xxx/CVE-2021-43459.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43459", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43460.json b/2021/43xxx/CVE-2021-43460.json deleted file mode 100644 index 0a6f2c0f5ec..00000000000 --- a/2021/43xxx/CVE-2021-43460.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43460", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43461.json b/2021/43xxx/CVE-2021-43461.json deleted file mode 100644 index 29fb9f00d09..00000000000 --- a/2021/43xxx/CVE-2021-43461.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43461", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43462.json b/2021/43xxx/CVE-2021-43462.json deleted file mode 100644 index 25d1f83c9cc..00000000000 --- a/2021/43xxx/CVE-2021-43462.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43462", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43463.json b/2021/43xxx/CVE-2021-43463.json deleted file mode 100644 index 09abba83f66..00000000000 --- a/2021/43xxx/CVE-2021-43463.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43463", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43464.json b/2021/43xxx/CVE-2021-43464.json deleted file mode 100644 index 90b43c9f3b5..00000000000 --- a/2021/43xxx/CVE-2021-43464.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43464", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43465.json b/2021/43xxx/CVE-2021-43465.json deleted file mode 100644 index 897750fe582..00000000000 --- a/2021/43xxx/CVE-2021-43465.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43465", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43466.json b/2021/43xxx/CVE-2021-43466.json deleted file mode 100644 index 3321c88bbcb..00000000000 --- a/2021/43xxx/CVE-2021-43466.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43466", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In the thymeleaf-spring5:3.0.12 component, thymeleaf combined with specific scenarios in template injection may lead to remote code execution." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://gitee.com/wayne_wwang/wayne_wwang/blob/master/2021/10/31/ruoyi+thymeleaf-rce/index.html", - "refsource": "MISC", - "name": "https://gitee.com/wayne_wwang/wayne_wwang/blob/master/2021/10/31/ruoyi+thymeleaf-rce/index.html" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43467.json b/2021/43xxx/CVE-2021-43467.json deleted file mode 100644 index f63a2805bbb..00000000000 --- a/2021/43xxx/CVE-2021-43467.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43467", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43468.json b/2021/43xxx/CVE-2021-43468.json deleted file mode 100644 index 80d8973f0f5..00000000000 --- a/2021/43xxx/CVE-2021-43468.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43468", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43469.json b/2021/43xxx/CVE-2021-43469.json deleted file mode 100644 index 35bf5afe3a2..00000000000 --- a/2021/43xxx/CVE-2021-43469.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43469", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43470.json b/2021/43xxx/CVE-2021-43470.json deleted file mode 100644 index 81c80fc603a..00000000000 --- a/2021/43xxx/CVE-2021-43470.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43470", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43471.json b/2021/43xxx/CVE-2021-43471.json deleted file mode 100644 index 6f5a38aef60..00000000000 --- a/2021/43xxx/CVE-2021-43471.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43471", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43472.json b/2021/43xxx/CVE-2021-43472.json deleted file mode 100644 index 4814cb1db2b..00000000000 --- a/2021/43xxx/CVE-2021-43472.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43472", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43473.json b/2021/43xxx/CVE-2021-43473.json deleted file mode 100644 index 4964fae1644..00000000000 --- a/2021/43xxx/CVE-2021-43473.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43473", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43474.json b/2021/43xxx/CVE-2021-43474.json deleted file mode 100644 index cd11e92b65a..00000000000 --- a/2021/43xxx/CVE-2021-43474.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43474", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43475.json b/2021/43xxx/CVE-2021-43475.json deleted file mode 100644 index b1eaac3c03c..00000000000 --- a/2021/43xxx/CVE-2021-43475.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43475", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43476.json b/2021/43xxx/CVE-2021-43476.json deleted file mode 100644 index ed294fa5c8b..00000000000 --- a/2021/43xxx/CVE-2021-43476.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43476", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43477.json b/2021/43xxx/CVE-2021-43477.json deleted file mode 100644 index 17033dabbc3..00000000000 --- a/2021/43xxx/CVE-2021-43477.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43477", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43478.json b/2021/43xxx/CVE-2021-43478.json deleted file mode 100644 index 43fb9c7ff7b..00000000000 --- a/2021/43xxx/CVE-2021-43478.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43478", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43479.json b/2021/43xxx/CVE-2021-43479.json deleted file mode 100644 index 05c2c2f31d7..00000000000 --- a/2021/43xxx/CVE-2021-43479.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43479", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43480.json b/2021/43xxx/CVE-2021-43480.json deleted file mode 100644 index e49f7ddf94c..00000000000 --- a/2021/43xxx/CVE-2021-43480.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43480", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43481.json b/2021/43xxx/CVE-2021-43481.json deleted file mode 100644 index eccaeed38de..00000000000 --- a/2021/43xxx/CVE-2021-43481.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43481", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43482.json b/2021/43xxx/CVE-2021-43482.json deleted file mode 100644 index 9b872964fd5..00000000000 --- a/2021/43xxx/CVE-2021-43482.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43482", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43483.json b/2021/43xxx/CVE-2021-43483.json deleted file mode 100644 index 1e7cbb69882..00000000000 --- a/2021/43xxx/CVE-2021-43483.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43483", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43484.json b/2021/43xxx/CVE-2021-43484.json deleted file mode 100644 index 423e5d6c1d4..00000000000 --- a/2021/43xxx/CVE-2021-43484.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43484", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43485.json b/2021/43xxx/CVE-2021-43485.json deleted file mode 100644 index 68c8321f0ed..00000000000 --- a/2021/43xxx/CVE-2021-43485.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43485", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43486.json b/2021/43xxx/CVE-2021-43486.json deleted file mode 100644 index a4e49dc8ee8..00000000000 --- a/2021/43xxx/CVE-2021-43486.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43486", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43487.json b/2021/43xxx/CVE-2021-43487.json deleted file mode 100644 index 9d64ea208a0..00000000000 --- a/2021/43xxx/CVE-2021-43487.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43487", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43488.json b/2021/43xxx/CVE-2021-43488.json deleted file mode 100644 index c6114e863f5..00000000000 --- a/2021/43xxx/CVE-2021-43488.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43488", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43489.json b/2021/43xxx/CVE-2021-43489.json deleted file mode 100644 index e4e3cd2bb72..00000000000 --- a/2021/43xxx/CVE-2021-43489.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43489", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43490.json b/2021/43xxx/CVE-2021-43490.json deleted file mode 100644 index 2ad1d8e72c7..00000000000 --- a/2021/43xxx/CVE-2021-43490.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43490", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43491.json b/2021/43xxx/CVE-2021-43491.json deleted file mode 100644 index 5626cda19e1..00000000000 --- a/2021/43xxx/CVE-2021-43491.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43491", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43492.json b/2021/43xxx/CVE-2021-43492.json deleted file mode 100644 index 6b00ac2bce0..00000000000 --- a/2021/43xxx/CVE-2021-43492.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43492", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43493.json b/2021/43xxx/CVE-2021-43493.json deleted file mode 100644 index 9f587dbff3c..00000000000 --- a/2021/43xxx/CVE-2021-43493.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43493", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43494.json b/2021/43xxx/CVE-2021-43494.json deleted file mode 100644 index c66a8ab2346..00000000000 --- a/2021/43xxx/CVE-2021-43494.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43494", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43495.json b/2021/43xxx/CVE-2021-43495.json deleted file mode 100644 index ab55308334e..00000000000 --- a/2021/43xxx/CVE-2021-43495.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43495", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43496.json b/2021/43xxx/CVE-2021-43496.json deleted file mode 100644 index d5e3db632fa..00000000000 --- a/2021/43xxx/CVE-2021-43496.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43496", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43497.json b/2021/43xxx/CVE-2021-43497.json deleted file mode 100644 index 94bb5aa20b4..00000000000 --- a/2021/43xxx/CVE-2021-43497.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43497", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43498.json b/2021/43xxx/CVE-2021-43498.json deleted file mode 100644 index efd386205ea..00000000000 --- a/2021/43xxx/CVE-2021-43498.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43498", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43499.json b/2021/43xxx/CVE-2021-43499.json deleted file mode 100644 index 179380cc8ad..00000000000 --- a/2021/43xxx/CVE-2021-43499.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43499", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43500.json b/2021/43xxx/CVE-2021-43500.json deleted file mode 100644 index f6718e557f6..00000000000 --- a/2021/43xxx/CVE-2021-43500.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43500", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43501.json b/2021/43xxx/CVE-2021-43501.json deleted file mode 100644 index 3dea46368e6..00000000000 --- a/2021/43xxx/CVE-2021-43501.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43501", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43502.json b/2021/43xxx/CVE-2021-43502.json deleted file mode 100644 index ac5d1cad4c4..00000000000 --- a/2021/43xxx/CVE-2021-43502.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43502", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43503.json b/2021/43xxx/CVE-2021-43503.json deleted file mode 100644 index 2cc6e17228f..00000000000 --- a/2021/43xxx/CVE-2021-43503.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43503", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43504.json b/2021/43xxx/CVE-2021-43504.json deleted file mode 100644 index f5dfa0db0ed..00000000000 --- a/2021/43xxx/CVE-2021-43504.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43504", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43505.json b/2021/43xxx/CVE-2021-43505.json deleted file mode 100644 index 4362cff6eaa..00000000000 --- a/2021/43xxx/CVE-2021-43505.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43505", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43506.json b/2021/43xxx/CVE-2021-43506.json deleted file mode 100644 index 3eff05aea0b..00000000000 --- a/2021/43xxx/CVE-2021-43506.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43506", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43507.json b/2021/43xxx/CVE-2021-43507.json deleted file mode 100644 index 1d8cd1a4131..00000000000 --- a/2021/43xxx/CVE-2021-43507.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43507", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43508.json b/2021/43xxx/CVE-2021-43508.json deleted file mode 100644 index 6f2cb361550..00000000000 --- a/2021/43xxx/CVE-2021-43508.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43508", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43509.json b/2021/43xxx/CVE-2021-43509.json deleted file mode 100644 index ec94db0542c..00000000000 --- a/2021/43xxx/CVE-2021-43509.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43509", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43510.json b/2021/43xxx/CVE-2021-43510.json deleted file mode 100644 index 8d2d7a3d143..00000000000 --- a/2021/43xxx/CVE-2021-43510.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43510", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43511.json b/2021/43xxx/CVE-2021-43511.json deleted file mode 100644 index d27bf6b8d1c..00000000000 --- a/2021/43xxx/CVE-2021-43511.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43511", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43512.json b/2021/43xxx/CVE-2021-43512.json deleted file mode 100644 index 83aeab06530..00000000000 --- a/2021/43xxx/CVE-2021-43512.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43512", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43513.json b/2021/43xxx/CVE-2021-43513.json deleted file mode 100644 index f2079048106..00000000000 --- a/2021/43xxx/CVE-2021-43513.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43513", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43514.json b/2021/43xxx/CVE-2021-43514.json deleted file mode 100644 index 85e4f239e07..00000000000 --- a/2021/43xxx/CVE-2021-43514.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43514", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43515.json b/2021/43xxx/CVE-2021-43515.json deleted file mode 100644 index d6edc63bd99..00000000000 --- a/2021/43xxx/CVE-2021-43515.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43515", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43516.json b/2021/43xxx/CVE-2021-43516.json deleted file mode 100644 index 4d636b94d7f..00000000000 --- a/2021/43xxx/CVE-2021-43516.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43516", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43517.json b/2021/43xxx/CVE-2021-43517.json deleted file mode 100644 index 354b4ec2707..00000000000 --- a/2021/43xxx/CVE-2021-43517.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43517", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43518.json b/2021/43xxx/CVE-2021-43518.json deleted file mode 100644 index c0e645d5963..00000000000 --- a/2021/43xxx/CVE-2021-43518.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43518", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43519.json b/2021/43xxx/CVE-2021-43519.json deleted file mode 100644 index 3a831874166..00000000000 --- a/2021/43xxx/CVE-2021-43519.json +++ /dev/null @@ -1,67 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43519", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "http://lua-users.org/lists/lua-l/2021-10/msg00123.html", - "refsource": "MISC", - "name": "http://lua-users.org/lists/lua-l/2021-10/msg00123.html" - }, - { - "url": "http://lua-users.org/lists/lua-l/2021-11/msg00015.html", - "refsource": "MISC", - "name": "http://lua-users.org/lists/lua-l/2021-11/msg00015.html" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43520.json b/2021/43xxx/CVE-2021-43520.json deleted file mode 100644 index 5fbe6fea987..00000000000 --- a/2021/43xxx/CVE-2021-43520.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43520", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43521.json b/2021/43xxx/CVE-2021-43521.json deleted file mode 100644 index a33ac477546..00000000000 --- a/2021/43xxx/CVE-2021-43521.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43521", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43522.json b/2021/43xxx/CVE-2021-43522.json deleted file mode 100644 index 9186abf624b..00000000000 --- a/2021/43xxx/CVE-2021-43522.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43522", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43523.json b/2021/43xxx/CVE-2021-43523.json deleted file mode 100644 index eca583a9107..00000000000 --- a/2021/43xxx/CVE-2021-43523.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43523", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43524.json b/2021/43xxx/CVE-2021-43524.json deleted file mode 100644 index 0a67f13a537..00000000000 --- a/2021/43xxx/CVE-2021-43524.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43524", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43525.json b/2021/43xxx/CVE-2021-43525.json deleted file mode 100644 index 5f4db7a4004..00000000000 --- a/2021/43xxx/CVE-2021-43525.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43525", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43526.json b/2021/43xxx/CVE-2021-43526.json deleted file mode 100644 index 468085f6d95..00000000000 --- a/2021/43xxx/CVE-2021-43526.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43526", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43527.json b/2021/43xxx/CVE-2021-43527.json deleted file mode 100644 index 154f96c7e2b..00000000000 --- a/2021/43xxx/CVE-2021-43527.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43527", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43528.json b/2021/43xxx/CVE-2021-43528.json deleted file mode 100644 index 4b6159a781a..00000000000 --- a/2021/43xxx/CVE-2021-43528.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43528", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43529.json b/2021/43xxx/CVE-2021-43529.json deleted file mode 100644 index dccec15ef19..00000000000 --- a/2021/43xxx/CVE-2021-43529.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43529", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43530.json b/2021/43xxx/CVE-2021-43530.json deleted file mode 100644 index 74921941978..00000000000 --- a/2021/43xxx/CVE-2021-43530.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43530", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43531.json b/2021/43xxx/CVE-2021-43531.json deleted file mode 100644 index 68b0c31bcbe..00000000000 --- a/2021/43xxx/CVE-2021-43531.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43531", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43532.json b/2021/43xxx/CVE-2021-43532.json deleted file mode 100644 index 4d70dbdf81e..00000000000 --- a/2021/43xxx/CVE-2021-43532.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43532", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43533.json b/2021/43xxx/CVE-2021-43533.json deleted file mode 100644 index 05ed443b51f..00000000000 --- a/2021/43xxx/CVE-2021-43533.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43533", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43534.json b/2021/43xxx/CVE-2021-43534.json deleted file mode 100644 index bcd68347757..00000000000 --- a/2021/43xxx/CVE-2021-43534.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43534", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43535.json b/2021/43xxx/CVE-2021-43535.json deleted file mode 100644 index f7890ed96c4..00000000000 --- a/2021/43xxx/CVE-2021-43535.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43535", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43536.json b/2021/43xxx/CVE-2021-43536.json deleted file mode 100644 index 80ba2b0ca7d..00000000000 --- a/2021/43xxx/CVE-2021-43536.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43536", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43537.json b/2021/43xxx/CVE-2021-43537.json deleted file mode 100644 index 4b491f8efc4..00000000000 --- a/2021/43xxx/CVE-2021-43537.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43537", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43538.json b/2021/43xxx/CVE-2021-43538.json deleted file mode 100644 index 49923580d9b..00000000000 --- a/2021/43xxx/CVE-2021-43538.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43538", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43539.json b/2021/43xxx/CVE-2021-43539.json deleted file mode 100644 index 4f50ba1b3f5..00000000000 --- a/2021/43xxx/CVE-2021-43539.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43539", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43540.json b/2021/43xxx/CVE-2021-43540.json deleted file mode 100644 index 4d0c308651e..00000000000 --- a/2021/43xxx/CVE-2021-43540.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43540", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43541.json b/2021/43xxx/CVE-2021-43541.json deleted file mode 100644 index 66a834ff111..00000000000 --- a/2021/43xxx/CVE-2021-43541.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43541", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43542.json b/2021/43xxx/CVE-2021-43542.json deleted file mode 100644 index 99c7ca0e7e8..00000000000 --- a/2021/43xxx/CVE-2021-43542.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43542", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43543.json b/2021/43xxx/CVE-2021-43543.json deleted file mode 100644 index a3dd0161de9..00000000000 --- a/2021/43xxx/CVE-2021-43543.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43543", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43544.json b/2021/43xxx/CVE-2021-43544.json deleted file mode 100644 index 37ab22d4921..00000000000 --- a/2021/43xxx/CVE-2021-43544.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43544", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43545.json b/2021/43xxx/CVE-2021-43545.json deleted file mode 100644 index be213341f0b..00000000000 --- a/2021/43xxx/CVE-2021-43545.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43545", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43546.json b/2021/43xxx/CVE-2021-43546.json deleted file mode 100644 index 6d0477a096e..00000000000 --- a/2021/43xxx/CVE-2021-43546.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43546", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43547.json b/2021/43xxx/CVE-2021-43547.json deleted file mode 100644 index e88bb7f9ec5..00000000000 --- a/2021/43xxx/CVE-2021-43547.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43547", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43548.json b/2021/43xxx/CVE-2021-43548.json deleted file mode 100644 index 0988c835670..00000000000 --- a/2021/43xxx/CVE-2021-43548.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43548", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43549.json b/2021/43xxx/CVE-2021-43549.json deleted file mode 100644 index 0d9db41bff6..00000000000 --- a/2021/43xxx/CVE-2021-43549.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43549", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43550.json b/2021/43xxx/CVE-2021-43550.json deleted file mode 100644 index 497eb35988b..00000000000 --- a/2021/43xxx/CVE-2021-43550.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43550", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43551.json b/2021/43xxx/CVE-2021-43551.json deleted file mode 100644 index 79a6369795c..00000000000 --- a/2021/43xxx/CVE-2021-43551.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43551", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43552.json b/2021/43xxx/CVE-2021-43552.json deleted file mode 100644 index 8b17f8f0fc0..00000000000 --- a/2021/43xxx/CVE-2021-43552.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43552", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43553.json b/2021/43xxx/CVE-2021-43553.json deleted file mode 100644 index fe49aa08e61..00000000000 --- a/2021/43xxx/CVE-2021-43553.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43553", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43554.json b/2021/43xxx/CVE-2021-43554.json deleted file mode 100644 index e9e9c0ff652..00000000000 --- a/2021/43xxx/CVE-2021-43554.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43554", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43555.json b/2021/43xxx/CVE-2021-43555.json deleted file mode 100644 index 37b80d33de9..00000000000 --- a/2021/43xxx/CVE-2021-43555.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43555", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43556.json b/2021/43xxx/CVE-2021-43556.json deleted file mode 100644 index 9618bd04d75..00000000000 --- a/2021/43xxx/CVE-2021-43556.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43556", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43557.json b/2021/43xxx/CVE-2021-43557.json deleted file mode 100644 index c0f345c2219..00000000000 --- a/2021/43xxx/CVE-2021-43557.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43557", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43558.json b/2021/43xxx/CVE-2021-43558.json deleted file mode 100644 index f941fb91bb0..00000000000 --- a/2021/43xxx/CVE-2021-43558.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43558", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43559.json b/2021/43xxx/CVE-2021-43559.json deleted file mode 100644 index c5f7afc58aa..00000000000 --- a/2021/43xxx/CVE-2021-43559.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43559", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43560.json b/2021/43xxx/CVE-2021-43560.json deleted file mode 100644 index f2627c3479b..00000000000 --- a/2021/43xxx/CVE-2021-43560.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43560", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43561.json b/2021/43xxx/CVE-2021-43561.json deleted file mode 100644 index 20fa38bb26a..00000000000 --- a/2021/43xxx/CVE-2021-43561.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43561", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43562.json b/2021/43xxx/CVE-2021-43562.json deleted file mode 100644 index 95b0264a44a..00000000000 --- a/2021/43xxx/CVE-2021-43562.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43562", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43563.json b/2021/43xxx/CVE-2021-43563.json deleted file mode 100644 index d02cb53a817..00000000000 --- a/2021/43xxx/CVE-2021-43563.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43563", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43564.json b/2021/43xxx/CVE-2021-43564.json deleted file mode 100644 index f5fa129782a..00000000000 --- a/2021/43xxx/CVE-2021-43564.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43564", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43565.json b/2021/43xxx/CVE-2021-43565.json deleted file mode 100644 index 1a7d2849a3f..00000000000 --- a/2021/43xxx/CVE-2021-43565.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43565", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43566.json b/2021/43xxx/CVE-2021-43566.json deleted file mode 100644 index 50100a961f9..00000000000 --- a/2021/43xxx/CVE-2021-43566.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43566", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43567.json b/2021/43xxx/CVE-2021-43567.json deleted file mode 100644 index 825a1280a58..00000000000 --- a/2021/43xxx/CVE-2021-43567.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43567", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43568.json b/2021/43xxx/CVE-2021-43568.json deleted file mode 100644 index 68bab1b9f7c..00000000000 --- a/2021/43xxx/CVE-2021-43568.json +++ /dev/null @@ -1,67 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43568", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The verify function in the Stark Bank Elixir ECDSA library (ecdsa-elixir) 1.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://research.nccgroup.com/2021/11/08/technical-advisory-arbitrary-signature-forgery-in-stark-bank-ecdsa-libraries/", - "refsource": "MISC", - "name": "https://research.nccgroup.com/2021/11/08/technical-advisory-arbitrary-signature-forgery-in-stark-bank-ecdsa-libraries/" - }, - { - "url": "https://github.com/starkbank/ecdsa-elixir/releases/tag/v1.0.1", - "refsource": "MISC", - "name": "https://github.com/starkbank/ecdsa-elixir/releases/tag/v1.0.1" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43569.json b/2021/43xxx/CVE-2021-43569.json deleted file mode 100644 index ad62253a480..00000000000 --- a/2021/43xxx/CVE-2021-43569.json +++ /dev/null @@ -1,67 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43569", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The verify function in the Stark Bank .NET ECDSA library (ecdsa-dotnet) 1.3.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://research.nccgroup.com/2021/11/08/technical-advisory-arbitrary-signature-forgery-in-stark-bank-ecdsa-libraries/", - "refsource": "MISC", - "name": "https://research.nccgroup.com/2021/11/08/technical-advisory-arbitrary-signature-forgery-in-stark-bank-ecdsa-libraries/" - }, - { - "url": "https://github.com/starkbank/ecdsa-dotnet/releases/tag/v1.3.2", - "refsource": "MISC", - "name": "https://github.com/starkbank/ecdsa-dotnet/releases/tag/v1.3.2" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43570.json b/2021/43xxx/CVE-2021-43570.json deleted file mode 100644 index b307784c5f0..00000000000 --- a/2021/43xxx/CVE-2021-43570.json +++ /dev/null @@ -1,67 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43570", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The verify function in the Stark Bank Java ECDSA library (ecdsa-java) 1.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://research.nccgroup.com/2021/11/08/technical-advisory-arbitrary-signature-forgery-in-stark-bank-ecdsa-libraries/", - "refsource": "MISC", - "name": "https://research.nccgroup.com/2021/11/08/technical-advisory-arbitrary-signature-forgery-in-stark-bank-ecdsa-libraries/" - }, - { - "url": "https://github.com/starkbank/ecdsa-java/releases/tag/v1.0.1", - "refsource": "MISC", - "name": "https://github.com/starkbank/ecdsa-java/releases/tag/v1.0.1" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43571.json b/2021/43xxx/CVE-2021-43571.json deleted file mode 100644 index 23a52648fab..00000000000 --- a/2021/43xxx/CVE-2021-43571.json +++ /dev/null @@ -1,67 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43571", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The verify function in the Stark Bank Node.js ECDSA library (ecdsa-node) 1.1.2 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://research.nccgroup.com/2021/11/08/technical-advisory-arbitrary-signature-forgery-in-stark-bank-ecdsa-libraries/", - "refsource": "MISC", - "name": "https://research.nccgroup.com/2021/11/08/technical-advisory-arbitrary-signature-forgery-in-stark-bank-ecdsa-libraries/" - }, - { - "url": "https://github.com/starkbank/ecdsa-node/releases/tag/v1.1.3", - "refsource": "MISC", - "name": "https://github.com/starkbank/ecdsa-node/releases/tag/v1.1.3" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43572.json b/2021/43xxx/CVE-2021-43572.json deleted file mode 100644 index a0f8dd874a8..00000000000 --- a/2021/43xxx/CVE-2021-43572.json +++ /dev/null @@ -1,67 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43572", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The verify function in the Stark Bank Python ECDSA library (ecdsa-python) 2.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://research.nccgroup.com/2021/11/08/technical-advisory-arbitrary-signature-forgery-in-stark-bank-ecdsa-libraries/", - "refsource": "MISC", - "name": "https://research.nccgroup.com/2021/11/08/technical-advisory-arbitrary-signature-forgery-in-stark-bank-ecdsa-libraries/" - }, - { - "url": "https://github.com/starkbank/ecdsa-python/releases/tag/v2.0.1", - "refsource": "MISC", - "name": "https://github.com/starkbank/ecdsa-python/releases/tag/v2.0.1" - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43573.json b/2021/43xxx/CVE-2021-43573.json deleted file mode 100644 index 1431256b3de..00000000000 --- a/2021/43xxx/CVE-2021-43573.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43573", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43574.json b/2021/43xxx/CVE-2021-43574.json deleted file mode 100644 index 4ca053219be..00000000000 --- a/2021/43xxx/CVE-2021-43574.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-43574", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2021/43xxx/CVE-2021-43575.json b/2021/43xxx/CVE-2021-43575.json deleted file mode 100644 index 34387b40967..00000000000 --- a/2021/43xxx/CVE-2021-43575.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43575", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** DISPUTED ** KNX ETS6 through 6.0.0 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information, a similar issue to CVE-2021-36799. NOTE: The vendor disputes this because it is not the responsibility of the ETS to securely store cryptographic key material when it is not being exported." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/robertguetzkow/ets5-password-recovery", - "refsource": "MISC", - "name": "https://github.com/robertguetzkow/ets5-password-recovery" - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20622.json b/2022/20xxx/CVE-2022-20622.json deleted file mode 100644 index ef8a013646c..00000000000 --- a/2022/20xxx/CVE-2022-20622.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20622", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20623.json b/2022/20xxx/CVE-2022-20623.json deleted file mode 100644 index 139392007e8..00000000000 --- a/2022/20xxx/CVE-2022-20623.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20623", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20624.json b/2022/20xxx/CVE-2022-20624.json deleted file mode 100644 index 60e288fa961..00000000000 --- a/2022/20xxx/CVE-2022-20624.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20624", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20625.json b/2022/20xxx/CVE-2022-20625.json deleted file mode 100644 index 90b69ddda6c..00000000000 --- a/2022/20xxx/CVE-2022-20625.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20625", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20626.json b/2022/20xxx/CVE-2022-20626.json deleted file mode 100644 index a6c6efe63ee..00000000000 --- a/2022/20xxx/CVE-2022-20626.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20626", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20627.json b/2022/20xxx/CVE-2022-20627.json deleted file mode 100644 index 8c7e9e54dba..00000000000 --- a/2022/20xxx/CVE-2022-20627.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20627", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20628.json b/2022/20xxx/CVE-2022-20628.json deleted file mode 100644 index 79936c095c0..00000000000 --- a/2022/20xxx/CVE-2022-20628.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20628", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20629.json b/2022/20xxx/CVE-2022-20629.json deleted file mode 100644 index ab4ca762ba3..00000000000 --- a/2022/20xxx/CVE-2022-20629.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20629", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20630.json b/2022/20xxx/CVE-2022-20630.json deleted file mode 100644 index 91c206bb021..00000000000 --- a/2022/20xxx/CVE-2022-20630.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20630", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20631.json b/2022/20xxx/CVE-2022-20631.json deleted file mode 100644 index 219076e0091..00000000000 --- a/2022/20xxx/CVE-2022-20631.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20631", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20632.json b/2022/20xxx/CVE-2022-20632.json deleted file mode 100644 index a1e310410dc..00000000000 --- a/2022/20xxx/CVE-2022-20632.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20632", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20633.json b/2022/20xxx/CVE-2022-20633.json deleted file mode 100644 index eaf6db79049..00000000000 --- a/2022/20xxx/CVE-2022-20633.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20633", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20634.json b/2022/20xxx/CVE-2022-20634.json deleted file mode 100644 index 9c84e5c47f0..00000000000 --- a/2022/20xxx/CVE-2022-20634.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20634", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20635.json b/2022/20xxx/CVE-2022-20635.json deleted file mode 100644 index 439249cbf7d..00000000000 --- a/2022/20xxx/CVE-2022-20635.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20635", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20636.json b/2022/20xxx/CVE-2022-20636.json deleted file mode 100644 index 96688d3ae3c..00000000000 --- a/2022/20xxx/CVE-2022-20636.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20636", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20637.json b/2022/20xxx/CVE-2022-20637.json deleted file mode 100644 index 75cb6aa28fb..00000000000 --- a/2022/20xxx/CVE-2022-20637.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20637", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20638.json b/2022/20xxx/CVE-2022-20638.json deleted file mode 100644 index 81b5706a8de..00000000000 --- a/2022/20xxx/CVE-2022-20638.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20638", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20639.json b/2022/20xxx/CVE-2022-20639.json deleted file mode 100644 index 72e03b23bd7..00000000000 --- a/2022/20xxx/CVE-2022-20639.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20639", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20640.json b/2022/20xxx/CVE-2022-20640.json deleted file mode 100644 index 12da6630b83..00000000000 --- a/2022/20xxx/CVE-2022-20640.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20640", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20641.json b/2022/20xxx/CVE-2022-20641.json deleted file mode 100644 index af58940a274..00000000000 --- a/2022/20xxx/CVE-2022-20641.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20641", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20642.json b/2022/20xxx/CVE-2022-20642.json deleted file mode 100644 index 56152c0a704..00000000000 --- a/2022/20xxx/CVE-2022-20642.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20642", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20643.json b/2022/20xxx/CVE-2022-20643.json deleted file mode 100644 index 4aff0b88fa6..00000000000 --- a/2022/20xxx/CVE-2022-20643.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20643", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20644.json b/2022/20xxx/CVE-2022-20644.json deleted file mode 100644 index d2b7720636b..00000000000 --- a/2022/20xxx/CVE-2022-20644.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20644", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20645.json b/2022/20xxx/CVE-2022-20645.json deleted file mode 100644 index 24be75ab2e8..00000000000 --- a/2022/20xxx/CVE-2022-20645.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20645", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20646.json b/2022/20xxx/CVE-2022-20646.json deleted file mode 100644 index 1d7501ab2ab..00000000000 --- a/2022/20xxx/CVE-2022-20646.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20646", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20647.json b/2022/20xxx/CVE-2022-20647.json deleted file mode 100644 index 207d017344d..00000000000 --- a/2022/20xxx/CVE-2022-20647.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20647", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20648.json b/2022/20xxx/CVE-2022-20648.json deleted file mode 100644 index add93530d19..00000000000 --- a/2022/20xxx/CVE-2022-20648.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20648", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20649.json b/2022/20xxx/CVE-2022-20649.json deleted file mode 100644 index 4195fcfbda3..00000000000 --- a/2022/20xxx/CVE-2022-20649.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20649", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20650.json b/2022/20xxx/CVE-2022-20650.json deleted file mode 100644 index d3275e4ebac..00000000000 --- a/2022/20xxx/CVE-2022-20650.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20650", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20651.json b/2022/20xxx/CVE-2022-20651.json deleted file mode 100644 index 31aaad193a5..00000000000 --- a/2022/20xxx/CVE-2022-20651.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20651", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20652.json b/2022/20xxx/CVE-2022-20652.json deleted file mode 100644 index 2e0c9b2e1fa..00000000000 --- a/2022/20xxx/CVE-2022-20652.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20652", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20653.json b/2022/20xxx/CVE-2022-20653.json deleted file mode 100644 index bdafbfec9a0..00000000000 --- a/2022/20xxx/CVE-2022-20653.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20653", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20654.json b/2022/20xxx/CVE-2022-20654.json deleted file mode 100644 index 83055cb5de0..00000000000 --- a/2022/20xxx/CVE-2022-20654.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20654", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20655.json b/2022/20xxx/CVE-2022-20655.json deleted file mode 100644 index 29632b1f7ee..00000000000 --- a/2022/20xxx/CVE-2022-20655.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20655", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20656.json b/2022/20xxx/CVE-2022-20656.json deleted file mode 100644 index f5601518793..00000000000 --- a/2022/20xxx/CVE-2022-20656.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20656", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20657.json b/2022/20xxx/CVE-2022-20657.json deleted file mode 100644 index fe1c6266ced..00000000000 --- a/2022/20xxx/CVE-2022-20657.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20657", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20658.json b/2022/20xxx/CVE-2022-20658.json deleted file mode 100644 index 973f9a1adc6..00000000000 --- a/2022/20xxx/CVE-2022-20658.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20658", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20659.json b/2022/20xxx/CVE-2022-20659.json deleted file mode 100644 index 3039832a21a..00000000000 --- a/2022/20xxx/CVE-2022-20659.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20659", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20660.json b/2022/20xxx/CVE-2022-20660.json deleted file mode 100644 index 18ed2cfd1c8..00000000000 --- a/2022/20xxx/CVE-2022-20660.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20660", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20661.json b/2022/20xxx/CVE-2022-20661.json deleted file mode 100644 index 3030c8c8d9e..00000000000 --- a/2022/20xxx/CVE-2022-20661.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20661", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20662.json b/2022/20xxx/CVE-2022-20662.json deleted file mode 100644 index 11834bb64a4..00000000000 --- a/2022/20xxx/CVE-2022-20662.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20662", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20663.json b/2022/20xxx/CVE-2022-20663.json deleted file mode 100644 index cab8576c6d9..00000000000 --- a/2022/20xxx/CVE-2022-20663.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20663", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20664.json b/2022/20xxx/CVE-2022-20664.json deleted file mode 100644 index 7d6dd64357d..00000000000 --- a/2022/20xxx/CVE-2022-20664.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20664", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20665.json b/2022/20xxx/CVE-2022-20665.json deleted file mode 100644 index 0cea2cd89bb..00000000000 --- a/2022/20xxx/CVE-2022-20665.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20665", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20666.json b/2022/20xxx/CVE-2022-20666.json deleted file mode 100644 index 0027d77e86e..00000000000 --- a/2022/20xxx/CVE-2022-20666.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20666", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20667.json b/2022/20xxx/CVE-2022-20667.json deleted file mode 100644 index cd5c04d99fd..00000000000 --- a/2022/20xxx/CVE-2022-20667.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20667", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20668.json b/2022/20xxx/CVE-2022-20668.json deleted file mode 100644 index 3d0a2c23eaf..00000000000 --- a/2022/20xxx/CVE-2022-20668.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20668", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20669.json b/2022/20xxx/CVE-2022-20669.json deleted file mode 100644 index d703dc02ca6..00000000000 --- a/2022/20xxx/CVE-2022-20669.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20669", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20670.json b/2022/20xxx/CVE-2022-20670.json deleted file mode 100644 index e420a09de2a..00000000000 --- a/2022/20xxx/CVE-2022-20670.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20670", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20671.json b/2022/20xxx/CVE-2022-20671.json deleted file mode 100644 index 54d706763cd..00000000000 --- a/2022/20xxx/CVE-2022-20671.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20671", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20672.json b/2022/20xxx/CVE-2022-20672.json deleted file mode 100644 index 1e774be249a..00000000000 --- a/2022/20xxx/CVE-2022-20672.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20672", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20673.json b/2022/20xxx/CVE-2022-20673.json deleted file mode 100644 index b26a6bd0a4c..00000000000 --- a/2022/20xxx/CVE-2022-20673.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20673", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20674.json b/2022/20xxx/CVE-2022-20674.json deleted file mode 100644 index 969576b2460..00000000000 --- a/2022/20xxx/CVE-2022-20674.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20674", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20675.json b/2022/20xxx/CVE-2022-20675.json deleted file mode 100644 index d4b90751e1b..00000000000 --- a/2022/20xxx/CVE-2022-20675.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20675", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20676.json b/2022/20xxx/CVE-2022-20676.json deleted file mode 100644 index c688b354600..00000000000 --- a/2022/20xxx/CVE-2022-20676.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20676", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20677.json b/2022/20xxx/CVE-2022-20677.json deleted file mode 100644 index a1871b59cd2..00000000000 --- a/2022/20xxx/CVE-2022-20677.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20677", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20678.json b/2022/20xxx/CVE-2022-20678.json deleted file mode 100644 index 4f1fe3b4791..00000000000 --- a/2022/20xxx/CVE-2022-20678.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20678", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20679.json b/2022/20xxx/CVE-2022-20679.json deleted file mode 100644 index be027903bce..00000000000 --- a/2022/20xxx/CVE-2022-20679.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20679", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20680.json b/2022/20xxx/CVE-2022-20680.json deleted file mode 100644 index c77e3820770..00000000000 --- a/2022/20xxx/CVE-2022-20680.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20680", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20681.json b/2022/20xxx/CVE-2022-20681.json deleted file mode 100644 index 136a5f10025..00000000000 --- a/2022/20xxx/CVE-2022-20681.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20681", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20682.json b/2022/20xxx/CVE-2022-20682.json deleted file mode 100644 index d94ad3fb369..00000000000 --- a/2022/20xxx/CVE-2022-20682.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20682", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20683.json b/2022/20xxx/CVE-2022-20683.json deleted file mode 100644 index 5158ad3e577..00000000000 --- a/2022/20xxx/CVE-2022-20683.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20683", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20684.json b/2022/20xxx/CVE-2022-20684.json deleted file mode 100644 index e2f9ae608d5..00000000000 --- a/2022/20xxx/CVE-2022-20684.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20684", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20685.json b/2022/20xxx/CVE-2022-20685.json deleted file mode 100644 index a73132d49ec..00000000000 --- a/2022/20xxx/CVE-2022-20685.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20685", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20686.json b/2022/20xxx/CVE-2022-20686.json deleted file mode 100644 index 2adc4e8ee62..00000000000 --- a/2022/20xxx/CVE-2022-20686.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20686", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20687.json b/2022/20xxx/CVE-2022-20687.json deleted file mode 100644 index 88e02514b6e..00000000000 --- a/2022/20xxx/CVE-2022-20687.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20687", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20688.json b/2022/20xxx/CVE-2022-20688.json deleted file mode 100644 index d52fb9d0b2a..00000000000 --- a/2022/20xxx/CVE-2022-20688.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20688", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20689.json b/2022/20xxx/CVE-2022-20689.json deleted file mode 100644 index f7a74ac1886..00000000000 --- a/2022/20xxx/CVE-2022-20689.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20689", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20690.json b/2022/20xxx/CVE-2022-20690.json deleted file mode 100644 index 6527ea26ee1..00000000000 --- a/2022/20xxx/CVE-2022-20690.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20690", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20691.json b/2022/20xxx/CVE-2022-20691.json deleted file mode 100644 index a6e4adb3325..00000000000 --- a/2022/20xxx/CVE-2022-20691.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20691", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20692.json b/2022/20xxx/CVE-2022-20692.json deleted file mode 100644 index 3557048d46d..00000000000 --- a/2022/20xxx/CVE-2022-20692.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20692", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20693.json b/2022/20xxx/CVE-2022-20693.json deleted file mode 100644 index 883b183d710..00000000000 --- a/2022/20xxx/CVE-2022-20693.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20693", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20694.json b/2022/20xxx/CVE-2022-20694.json deleted file mode 100644 index 4c94eab3c79..00000000000 --- a/2022/20xxx/CVE-2022-20694.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20694", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20695.json b/2022/20xxx/CVE-2022-20695.json deleted file mode 100644 index fa77837a6ed..00000000000 --- a/2022/20xxx/CVE-2022-20695.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20695", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20696.json b/2022/20xxx/CVE-2022-20696.json deleted file mode 100644 index 21c3dff5ebb..00000000000 --- a/2022/20xxx/CVE-2022-20696.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20696", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20697.json b/2022/20xxx/CVE-2022-20697.json deleted file mode 100644 index 620ccf025e1..00000000000 --- a/2022/20xxx/CVE-2022-20697.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20697", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20698.json b/2022/20xxx/CVE-2022-20698.json deleted file mode 100644 index a2eb71d5522..00000000000 --- a/2022/20xxx/CVE-2022-20698.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20698", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20699.json b/2022/20xxx/CVE-2022-20699.json deleted file mode 100644 index 9c1fbc17d52..00000000000 --- a/2022/20xxx/CVE-2022-20699.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20699", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20700.json b/2022/20xxx/CVE-2022-20700.json deleted file mode 100644 index deb9453c471..00000000000 --- a/2022/20xxx/CVE-2022-20700.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20700", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20701.json b/2022/20xxx/CVE-2022-20701.json deleted file mode 100644 index b3a1342c659..00000000000 --- a/2022/20xxx/CVE-2022-20701.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20701", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20702.json b/2022/20xxx/CVE-2022-20702.json deleted file mode 100644 index 3744c2a2ae6..00000000000 --- a/2022/20xxx/CVE-2022-20702.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20702", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20703.json b/2022/20xxx/CVE-2022-20703.json deleted file mode 100644 index 488deb28249..00000000000 --- a/2022/20xxx/CVE-2022-20703.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20703", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20704.json b/2022/20xxx/CVE-2022-20704.json deleted file mode 100644 index a7652f67bfd..00000000000 --- a/2022/20xxx/CVE-2022-20704.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20704", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20705.json b/2022/20xxx/CVE-2022-20705.json deleted file mode 100644 index 0388a833c8d..00000000000 --- a/2022/20xxx/CVE-2022-20705.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20705", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20706.json b/2022/20xxx/CVE-2022-20706.json deleted file mode 100644 index 7964ccd11af..00000000000 --- a/2022/20xxx/CVE-2022-20706.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20706", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20707.json b/2022/20xxx/CVE-2022-20707.json deleted file mode 100644 index ac8f7f1c0d8..00000000000 --- a/2022/20xxx/CVE-2022-20707.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20707", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20708.json b/2022/20xxx/CVE-2022-20708.json deleted file mode 100644 index 7dd5ddcfdf5..00000000000 --- a/2022/20xxx/CVE-2022-20708.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20708", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20709.json b/2022/20xxx/CVE-2022-20709.json deleted file mode 100644 index 95f63f38ddf..00000000000 --- a/2022/20xxx/CVE-2022-20709.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20709", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20710.json b/2022/20xxx/CVE-2022-20710.json deleted file mode 100644 index 5c0a9da80b7..00000000000 --- a/2022/20xxx/CVE-2022-20710.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20710", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20711.json b/2022/20xxx/CVE-2022-20711.json deleted file mode 100644 index 17c09840762..00000000000 --- a/2022/20xxx/CVE-2022-20711.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20711", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20712.json b/2022/20xxx/CVE-2022-20712.json deleted file mode 100644 index 2982ecfa668..00000000000 --- a/2022/20xxx/CVE-2022-20712.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20712", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20713.json b/2022/20xxx/CVE-2022-20713.json deleted file mode 100644 index f89806617ed..00000000000 --- a/2022/20xxx/CVE-2022-20713.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20713", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20714.json b/2022/20xxx/CVE-2022-20714.json deleted file mode 100644 index 22f9e504df0..00000000000 --- a/2022/20xxx/CVE-2022-20714.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20714", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20715.json b/2022/20xxx/CVE-2022-20715.json deleted file mode 100644 index 48997d63b9e..00000000000 --- a/2022/20xxx/CVE-2022-20715.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20715", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20716.json b/2022/20xxx/CVE-2022-20716.json deleted file mode 100644 index 7f7b3c53e87..00000000000 --- a/2022/20xxx/CVE-2022-20716.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20716", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20717.json b/2022/20xxx/CVE-2022-20717.json deleted file mode 100644 index 11733bd538d..00000000000 --- a/2022/20xxx/CVE-2022-20717.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20717", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20718.json b/2022/20xxx/CVE-2022-20718.json deleted file mode 100644 index a72610a3070..00000000000 --- a/2022/20xxx/CVE-2022-20718.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20718", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20719.json b/2022/20xxx/CVE-2022-20719.json deleted file mode 100644 index d9911087019..00000000000 --- a/2022/20xxx/CVE-2022-20719.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20719", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20720.json b/2022/20xxx/CVE-2022-20720.json deleted file mode 100644 index bcac0c334f0..00000000000 --- a/2022/20xxx/CVE-2022-20720.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20720", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20721.json b/2022/20xxx/CVE-2022-20721.json deleted file mode 100644 index edfe926a0f6..00000000000 --- a/2022/20xxx/CVE-2022-20721.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20721", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20722.json b/2022/20xxx/CVE-2022-20722.json deleted file mode 100644 index 5a6372b1e51..00000000000 --- a/2022/20xxx/CVE-2022-20722.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20722", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20723.json b/2022/20xxx/CVE-2022-20723.json deleted file mode 100644 index b0e224a3311..00000000000 --- a/2022/20xxx/CVE-2022-20723.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20723", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20724.json b/2022/20xxx/CVE-2022-20724.json deleted file mode 100644 index dba96bf9cb3..00000000000 --- a/2022/20xxx/CVE-2022-20724.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20724", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20725.json b/2022/20xxx/CVE-2022-20725.json deleted file mode 100644 index 6ccf5ee34c7..00000000000 --- a/2022/20xxx/CVE-2022-20725.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20725", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20726.json b/2022/20xxx/CVE-2022-20726.json deleted file mode 100644 index 566f6f7f3bc..00000000000 --- a/2022/20xxx/CVE-2022-20726.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20726", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20727.json b/2022/20xxx/CVE-2022-20727.json deleted file mode 100644 index b684a438835..00000000000 --- a/2022/20xxx/CVE-2022-20727.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20727", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20728.json b/2022/20xxx/CVE-2022-20728.json deleted file mode 100644 index 638839ee0c1..00000000000 --- a/2022/20xxx/CVE-2022-20728.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20728", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20729.json b/2022/20xxx/CVE-2022-20729.json deleted file mode 100644 index 6c8936818e2..00000000000 --- a/2022/20xxx/CVE-2022-20729.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20729", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20730.json b/2022/20xxx/CVE-2022-20730.json deleted file mode 100644 index 9fe9094a2cd..00000000000 --- a/2022/20xxx/CVE-2022-20730.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20730", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20731.json b/2022/20xxx/CVE-2022-20731.json deleted file mode 100644 index dbbbcf7f1c5..00000000000 --- a/2022/20xxx/CVE-2022-20731.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20731", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20732.json b/2022/20xxx/CVE-2022-20732.json deleted file mode 100644 index 1998df5fe7e..00000000000 --- a/2022/20xxx/CVE-2022-20732.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20732", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20733.json b/2022/20xxx/CVE-2022-20733.json deleted file mode 100644 index 8cb6e565bd1..00000000000 --- a/2022/20xxx/CVE-2022-20733.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20733", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20734.json b/2022/20xxx/CVE-2022-20734.json deleted file mode 100644 index 61ca88decce..00000000000 --- a/2022/20xxx/CVE-2022-20734.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20734", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20735.json b/2022/20xxx/CVE-2022-20735.json deleted file mode 100644 index 94398049a85..00000000000 --- a/2022/20xxx/CVE-2022-20735.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20735", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20736.json b/2022/20xxx/CVE-2022-20736.json deleted file mode 100644 index 4c3344d44d0..00000000000 --- a/2022/20xxx/CVE-2022-20736.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20736", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20737.json b/2022/20xxx/CVE-2022-20737.json deleted file mode 100644 index ee4712b8cd2..00000000000 --- a/2022/20xxx/CVE-2022-20737.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20737", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20738.json b/2022/20xxx/CVE-2022-20738.json deleted file mode 100644 index 59ce8785235..00000000000 --- a/2022/20xxx/CVE-2022-20738.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20738", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20739.json b/2022/20xxx/CVE-2022-20739.json deleted file mode 100644 index ed8a9f9f283..00000000000 --- a/2022/20xxx/CVE-2022-20739.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20739", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20740.json b/2022/20xxx/CVE-2022-20740.json deleted file mode 100644 index f00c564b9e0..00000000000 --- a/2022/20xxx/CVE-2022-20740.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20740", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20741.json b/2022/20xxx/CVE-2022-20741.json deleted file mode 100644 index 013915e8fc7..00000000000 --- a/2022/20xxx/CVE-2022-20741.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20741", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20742.json b/2022/20xxx/CVE-2022-20742.json deleted file mode 100644 index 8c127f906af..00000000000 --- a/2022/20xxx/CVE-2022-20742.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20742", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20743.json b/2022/20xxx/CVE-2022-20743.json deleted file mode 100644 index 3fb33340a20..00000000000 --- a/2022/20xxx/CVE-2022-20743.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20743", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20744.json b/2022/20xxx/CVE-2022-20744.json deleted file mode 100644 index 8b6cd7bdbf4..00000000000 --- a/2022/20xxx/CVE-2022-20744.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20744", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20745.json b/2022/20xxx/CVE-2022-20745.json deleted file mode 100644 index 6a761705b3a..00000000000 --- a/2022/20xxx/CVE-2022-20745.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20745", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20746.json b/2022/20xxx/CVE-2022-20746.json deleted file mode 100644 index 3357747ebeb..00000000000 --- a/2022/20xxx/CVE-2022-20746.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20746", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20747.json b/2022/20xxx/CVE-2022-20747.json deleted file mode 100644 index 598ee12b41b..00000000000 --- a/2022/20xxx/CVE-2022-20747.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20747", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20748.json b/2022/20xxx/CVE-2022-20748.json deleted file mode 100644 index 8a123a165d1..00000000000 --- a/2022/20xxx/CVE-2022-20748.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20748", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20749.json b/2022/20xxx/CVE-2022-20749.json deleted file mode 100644 index fd6eb251653..00000000000 --- a/2022/20xxx/CVE-2022-20749.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20749", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20750.json b/2022/20xxx/CVE-2022-20750.json deleted file mode 100644 index 603700f7924..00000000000 --- a/2022/20xxx/CVE-2022-20750.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20750", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20751.json b/2022/20xxx/CVE-2022-20751.json deleted file mode 100644 index 60cee0875bd..00000000000 --- a/2022/20xxx/CVE-2022-20751.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20751", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20752.json b/2022/20xxx/CVE-2022-20752.json deleted file mode 100644 index 8abed801a14..00000000000 --- a/2022/20xxx/CVE-2022-20752.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20752", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20753.json b/2022/20xxx/CVE-2022-20753.json deleted file mode 100644 index ead78be0c1e..00000000000 --- a/2022/20xxx/CVE-2022-20753.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20753", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20754.json b/2022/20xxx/CVE-2022-20754.json deleted file mode 100644 index ad35285bdfe..00000000000 --- a/2022/20xxx/CVE-2022-20754.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20754", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20755.json b/2022/20xxx/CVE-2022-20755.json deleted file mode 100644 index 06150409419..00000000000 --- a/2022/20xxx/CVE-2022-20755.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20755", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20756.json b/2022/20xxx/CVE-2022-20756.json deleted file mode 100644 index df800ccb1e4..00000000000 --- a/2022/20xxx/CVE-2022-20756.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20756", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20757.json b/2022/20xxx/CVE-2022-20757.json deleted file mode 100644 index 90b37811a00..00000000000 --- a/2022/20xxx/CVE-2022-20757.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20757", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20758.json b/2022/20xxx/CVE-2022-20758.json deleted file mode 100644 index 8ccb51eda2e..00000000000 --- a/2022/20xxx/CVE-2022-20758.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20758", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20759.json b/2022/20xxx/CVE-2022-20759.json deleted file mode 100644 index 0c8ae69d26f..00000000000 --- a/2022/20xxx/CVE-2022-20759.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20759", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20760.json b/2022/20xxx/CVE-2022-20760.json deleted file mode 100644 index eb340ff4985..00000000000 --- a/2022/20xxx/CVE-2022-20760.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20760", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20761.json b/2022/20xxx/CVE-2022-20761.json deleted file mode 100644 index 1d7603a150a..00000000000 --- a/2022/20xxx/CVE-2022-20761.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20761", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20762.json b/2022/20xxx/CVE-2022-20762.json deleted file mode 100644 index 8dec309df63..00000000000 --- a/2022/20xxx/CVE-2022-20762.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20762", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20763.json b/2022/20xxx/CVE-2022-20763.json deleted file mode 100644 index c56717c1a6b..00000000000 --- a/2022/20xxx/CVE-2022-20763.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20763", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20764.json b/2022/20xxx/CVE-2022-20764.json deleted file mode 100644 index 73b8d4915d5..00000000000 --- a/2022/20xxx/CVE-2022-20764.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20764", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20765.json b/2022/20xxx/CVE-2022-20765.json deleted file mode 100644 index b89fcf8d06f..00000000000 --- a/2022/20xxx/CVE-2022-20765.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20765", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20766.json b/2022/20xxx/CVE-2022-20766.json deleted file mode 100644 index de94fd457df..00000000000 --- a/2022/20xxx/CVE-2022-20766.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20766", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20767.json b/2022/20xxx/CVE-2022-20767.json deleted file mode 100644 index 65f5d12a46e..00000000000 --- a/2022/20xxx/CVE-2022-20767.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20767", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20768.json b/2022/20xxx/CVE-2022-20768.json deleted file mode 100644 index 76cfbc44451..00000000000 --- a/2022/20xxx/CVE-2022-20768.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20768", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20769.json b/2022/20xxx/CVE-2022-20769.json deleted file mode 100644 index d15903c80d0..00000000000 --- a/2022/20xxx/CVE-2022-20769.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20769", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20770.json b/2022/20xxx/CVE-2022-20770.json deleted file mode 100644 index 9bf65a972a4..00000000000 --- a/2022/20xxx/CVE-2022-20770.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20770", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20771.json b/2022/20xxx/CVE-2022-20771.json deleted file mode 100644 index 0578a24c63d..00000000000 --- a/2022/20xxx/CVE-2022-20771.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20771", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20772.json b/2022/20xxx/CVE-2022-20772.json deleted file mode 100644 index 9dd7d15cb25..00000000000 --- a/2022/20xxx/CVE-2022-20772.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20772", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20773.json b/2022/20xxx/CVE-2022-20773.json deleted file mode 100644 index eca3e5b6558..00000000000 --- a/2022/20xxx/CVE-2022-20773.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20773", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20774.json b/2022/20xxx/CVE-2022-20774.json deleted file mode 100644 index ebefe6646a1..00000000000 --- a/2022/20xxx/CVE-2022-20774.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20774", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20775.json b/2022/20xxx/CVE-2022-20775.json deleted file mode 100644 index 51261b41a94..00000000000 --- a/2022/20xxx/CVE-2022-20775.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20775", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20776.json b/2022/20xxx/CVE-2022-20776.json deleted file mode 100644 index 3ec3f4764fb..00000000000 --- a/2022/20xxx/CVE-2022-20776.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20776", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20777.json b/2022/20xxx/CVE-2022-20777.json deleted file mode 100644 index ef3195bf0c2..00000000000 --- a/2022/20xxx/CVE-2022-20777.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20777", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20778.json b/2022/20xxx/CVE-2022-20778.json deleted file mode 100644 index 5aa1736c7da..00000000000 --- a/2022/20xxx/CVE-2022-20778.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20778", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20779.json b/2022/20xxx/CVE-2022-20779.json deleted file mode 100644 index ccfed5a1f26..00000000000 --- a/2022/20xxx/CVE-2022-20779.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20779", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20780.json b/2022/20xxx/CVE-2022-20780.json deleted file mode 100644 index df4620f55e5..00000000000 --- a/2022/20xxx/CVE-2022-20780.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20780", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20781.json b/2022/20xxx/CVE-2022-20781.json deleted file mode 100644 index 17d90936f74..00000000000 --- a/2022/20xxx/CVE-2022-20781.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20781", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20782.json b/2022/20xxx/CVE-2022-20782.json deleted file mode 100644 index 2320aa46d1b..00000000000 --- a/2022/20xxx/CVE-2022-20782.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20782", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20783.json b/2022/20xxx/CVE-2022-20783.json deleted file mode 100644 index 859cb4a2fd2..00000000000 --- a/2022/20xxx/CVE-2022-20783.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20783", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20784.json b/2022/20xxx/CVE-2022-20784.json deleted file mode 100644 index 0628ca7cadf..00000000000 --- a/2022/20xxx/CVE-2022-20784.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20784", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20785.json b/2022/20xxx/CVE-2022-20785.json deleted file mode 100644 index b0b6c7659f2..00000000000 --- a/2022/20xxx/CVE-2022-20785.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20785", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20786.json b/2022/20xxx/CVE-2022-20786.json deleted file mode 100644 index 41d864320ad..00000000000 --- a/2022/20xxx/CVE-2022-20786.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20786", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20787.json b/2022/20xxx/CVE-2022-20787.json deleted file mode 100644 index 0ced4fe4ff7..00000000000 --- a/2022/20xxx/CVE-2022-20787.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20787", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20788.json b/2022/20xxx/CVE-2022-20788.json deleted file mode 100644 index ad76be98d3a..00000000000 --- a/2022/20xxx/CVE-2022-20788.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20788", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20789.json b/2022/20xxx/CVE-2022-20789.json deleted file mode 100644 index 1b4015c52b7..00000000000 --- a/2022/20xxx/CVE-2022-20789.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20789", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20790.json b/2022/20xxx/CVE-2022-20790.json deleted file mode 100644 index e92812a12b9..00000000000 --- a/2022/20xxx/CVE-2022-20790.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20790", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20791.json b/2022/20xxx/CVE-2022-20791.json deleted file mode 100644 index 266715c1e7d..00000000000 --- a/2022/20xxx/CVE-2022-20791.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20791", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20792.json b/2022/20xxx/CVE-2022-20792.json deleted file mode 100644 index 5180425251a..00000000000 --- a/2022/20xxx/CVE-2022-20792.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20792", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20793.json b/2022/20xxx/CVE-2022-20793.json deleted file mode 100644 index 3f5ef074375..00000000000 --- a/2022/20xxx/CVE-2022-20793.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20793", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20794.json b/2022/20xxx/CVE-2022-20794.json deleted file mode 100644 index d2cc9217f45..00000000000 --- a/2022/20xxx/CVE-2022-20794.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20794", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20795.json b/2022/20xxx/CVE-2022-20795.json deleted file mode 100644 index e828aff055f..00000000000 --- a/2022/20xxx/CVE-2022-20795.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20795", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20796.json b/2022/20xxx/CVE-2022-20796.json deleted file mode 100644 index 5b1cab96643..00000000000 --- a/2022/20xxx/CVE-2022-20796.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20796", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20797.json b/2022/20xxx/CVE-2022-20797.json deleted file mode 100644 index f57e56412da..00000000000 --- a/2022/20xxx/CVE-2022-20797.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20797", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20798.json b/2022/20xxx/CVE-2022-20798.json deleted file mode 100644 index db1c9e12d15..00000000000 --- a/2022/20xxx/CVE-2022-20798.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20798", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20799.json b/2022/20xxx/CVE-2022-20799.json deleted file mode 100644 index 46f0359b70e..00000000000 --- a/2022/20xxx/CVE-2022-20799.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20799", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20800.json b/2022/20xxx/CVE-2022-20800.json deleted file mode 100644 index 391755f5460..00000000000 --- a/2022/20xxx/CVE-2022-20800.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20800", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20801.json b/2022/20xxx/CVE-2022-20801.json deleted file mode 100644 index 6a4a4bc6129..00000000000 --- a/2022/20xxx/CVE-2022-20801.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20801", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20802.json b/2022/20xxx/CVE-2022-20802.json deleted file mode 100644 index a64bdb0d63b..00000000000 --- a/2022/20xxx/CVE-2022-20802.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20802", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20803.json b/2022/20xxx/CVE-2022-20803.json deleted file mode 100644 index 31710bfb950..00000000000 --- a/2022/20xxx/CVE-2022-20803.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20803", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20804.json b/2022/20xxx/CVE-2022-20804.json deleted file mode 100644 index 7c54f3c9c68..00000000000 --- a/2022/20xxx/CVE-2022-20804.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20804", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20805.json b/2022/20xxx/CVE-2022-20805.json deleted file mode 100644 index 78ab7ba84d0..00000000000 --- a/2022/20xxx/CVE-2022-20805.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20805", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20806.json b/2022/20xxx/CVE-2022-20806.json deleted file mode 100644 index b5245e345af..00000000000 --- a/2022/20xxx/CVE-2022-20806.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20806", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20807.json b/2022/20xxx/CVE-2022-20807.json deleted file mode 100644 index 4941e461644..00000000000 --- a/2022/20xxx/CVE-2022-20807.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20807", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20808.json b/2022/20xxx/CVE-2022-20808.json deleted file mode 100644 index b53c1843c7b..00000000000 --- a/2022/20xxx/CVE-2022-20808.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20808", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20809.json b/2022/20xxx/CVE-2022-20809.json deleted file mode 100644 index c29b21a8320..00000000000 --- a/2022/20xxx/CVE-2022-20809.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20809", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20810.json b/2022/20xxx/CVE-2022-20810.json deleted file mode 100644 index e5629b23b3f..00000000000 --- a/2022/20xxx/CVE-2022-20810.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20810", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20811.json b/2022/20xxx/CVE-2022-20811.json deleted file mode 100644 index 475a22076f3..00000000000 --- a/2022/20xxx/CVE-2022-20811.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20811", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20812.json b/2022/20xxx/CVE-2022-20812.json deleted file mode 100644 index b99639f5cf2..00000000000 --- a/2022/20xxx/CVE-2022-20812.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20812", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20813.json b/2022/20xxx/CVE-2022-20813.json deleted file mode 100644 index a8721929491..00000000000 --- a/2022/20xxx/CVE-2022-20813.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20813", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20814.json b/2022/20xxx/CVE-2022-20814.json deleted file mode 100644 index 03b66d74e27..00000000000 --- a/2022/20xxx/CVE-2022-20814.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20814", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20815.json b/2022/20xxx/CVE-2022-20815.json deleted file mode 100644 index 5071f5a813a..00000000000 --- a/2022/20xxx/CVE-2022-20815.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20815", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20816.json b/2022/20xxx/CVE-2022-20816.json deleted file mode 100644 index 1caae9b5ad8..00000000000 --- a/2022/20xxx/CVE-2022-20816.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20816", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20817.json b/2022/20xxx/CVE-2022-20817.json deleted file mode 100644 index f8b389fab42..00000000000 --- a/2022/20xxx/CVE-2022-20817.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20817", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20818.json b/2022/20xxx/CVE-2022-20818.json deleted file mode 100644 index 1816f8e4ce9..00000000000 --- a/2022/20xxx/CVE-2022-20818.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20818", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20819.json b/2022/20xxx/CVE-2022-20819.json deleted file mode 100644 index 276b1876e58..00000000000 --- a/2022/20xxx/CVE-2022-20819.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20819", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20820.json b/2022/20xxx/CVE-2022-20820.json deleted file mode 100644 index 963b0e366be..00000000000 --- a/2022/20xxx/CVE-2022-20820.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20820", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20821.json b/2022/20xxx/CVE-2022-20821.json deleted file mode 100644 index c096e3fc7ef..00000000000 --- a/2022/20xxx/CVE-2022-20821.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20821", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20822.json b/2022/20xxx/CVE-2022-20822.json deleted file mode 100644 index 68857219ed1..00000000000 --- a/2022/20xxx/CVE-2022-20822.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20822", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20823.json b/2022/20xxx/CVE-2022-20823.json deleted file mode 100644 index 5452131a14a..00000000000 --- a/2022/20xxx/CVE-2022-20823.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20823", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20824.json b/2022/20xxx/CVE-2022-20824.json deleted file mode 100644 index b2dad666c1a..00000000000 --- a/2022/20xxx/CVE-2022-20824.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20824", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20825.json b/2022/20xxx/CVE-2022-20825.json deleted file mode 100644 index 3646413972a..00000000000 --- a/2022/20xxx/CVE-2022-20825.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20825", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20826.json b/2022/20xxx/CVE-2022-20826.json deleted file mode 100644 index 662a2db8fbc..00000000000 --- a/2022/20xxx/CVE-2022-20826.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20826", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20827.json b/2022/20xxx/CVE-2022-20827.json deleted file mode 100644 index 5a746309208..00000000000 --- a/2022/20xxx/CVE-2022-20827.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20827", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20828.json b/2022/20xxx/CVE-2022-20828.json deleted file mode 100644 index fd97b9c9739..00000000000 --- a/2022/20xxx/CVE-2022-20828.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20828", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20829.json b/2022/20xxx/CVE-2022-20829.json deleted file mode 100644 index 9f105356dd5..00000000000 --- a/2022/20xxx/CVE-2022-20829.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20829", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20830.json b/2022/20xxx/CVE-2022-20830.json deleted file mode 100644 index e1573881fc9..00000000000 --- a/2022/20xxx/CVE-2022-20830.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20830", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20831.json b/2022/20xxx/CVE-2022-20831.json deleted file mode 100644 index 4c7b9c1c5d5..00000000000 --- a/2022/20xxx/CVE-2022-20831.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20831", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20832.json b/2022/20xxx/CVE-2022-20832.json deleted file mode 100644 index b8770447a49..00000000000 --- a/2022/20xxx/CVE-2022-20832.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20832", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20833.json b/2022/20xxx/CVE-2022-20833.json deleted file mode 100644 index 9926c5ad9b5..00000000000 --- a/2022/20xxx/CVE-2022-20833.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20833", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20834.json b/2022/20xxx/CVE-2022-20834.json deleted file mode 100644 index 90492b1ffbd..00000000000 --- a/2022/20xxx/CVE-2022-20834.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20834", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20835.json b/2022/20xxx/CVE-2022-20835.json deleted file mode 100644 index 07a61884505..00000000000 --- a/2022/20xxx/CVE-2022-20835.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20835", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20836.json b/2022/20xxx/CVE-2022-20836.json deleted file mode 100644 index 0c1bb4e0538..00000000000 --- a/2022/20xxx/CVE-2022-20836.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20836", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20837.json b/2022/20xxx/CVE-2022-20837.json deleted file mode 100644 index d37b64cba09..00000000000 --- a/2022/20xxx/CVE-2022-20837.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20837", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20838.json b/2022/20xxx/CVE-2022-20838.json deleted file mode 100644 index ba834fecd01..00000000000 --- a/2022/20xxx/CVE-2022-20838.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20838", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20839.json b/2022/20xxx/CVE-2022-20839.json deleted file mode 100644 index 1d2bf0fb734..00000000000 --- a/2022/20xxx/CVE-2022-20839.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20839", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20840.json b/2022/20xxx/CVE-2022-20840.json deleted file mode 100644 index b4239a68038..00000000000 --- a/2022/20xxx/CVE-2022-20840.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20840", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20841.json b/2022/20xxx/CVE-2022-20841.json deleted file mode 100644 index e8c6d7a4945..00000000000 --- a/2022/20xxx/CVE-2022-20841.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20841", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20842.json b/2022/20xxx/CVE-2022-20842.json deleted file mode 100644 index 34fc3d4613b..00000000000 --- a/2022/20xxx/CVE-2022-20842.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20842", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20843.json b/2022/20xxx/CVE-2022-20843.json deleted file mode 100644 index 1a6f2b8818a..00000000000 --- a/2022/20xxx/CVE-2022-20843.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20843", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20844.json b/2022/20xxx/CVE-2022-20844.json deleted file mode 100644 index c41180d0436..00000000000 --- a/2022/20xxx/CVE-2022-20844.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20844", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20845.json b/2022/20xxx/CVE-2022-20845.json deleted file mode 100644 index 0109ebd2a3f..00000000000 --- a/2022/20xxx/CVE-2022-20845.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20845", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20846.json b/2022/20xxx/CVE-2022-20846.json deleted file mode 100644 index c8ffdc244f7..00000000000 --- a/2022/20xxx/CVE-2022-20846.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20846", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20847.json b/2022/20xxx/CVE-2022-20847.json deleted file mode 100644 index 317e4c6e4f9..00000000000 --- a/2022/20xxx/CVE-2022-20847.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20847", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20848.json b/2022/20xxx/CVE-2022-20848.json deleted file mode 100644 index 08adbcc7885..00000000000 --- a/2022/20xxx/CVE-2022-20848.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20848", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20849.json b/2022/20xxx/CVE-2022-20849.json deleted file mode 100644 index e7bba8de327..00000000000 --- a/2022/20xxx/CVE-2022-20849.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20849", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20850.json b/2022/20xxx/CVE-2022-20850.json deleted file mode 100644 index 961c6f32ac7..00000000000 --- a/2022/20xxx/CVE-2022-20850.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20850", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20851.json b/2022/20xxx/CVE-2022-20851.json deleted file mode 100644 index 12714239745..00000000000 --- a/2022/20xxx/CVE-2022-20851.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20851", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20852.json b/2022/20xxx/CVE-2022-20852.json deleted file mode 100644 index 4906af7c867..00000000000 --- a/2022/20xxx/CVE-2022-20852.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20852", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20853.json b/2022/20xxx/CVE-2022-20853.json deleted file mode 100644 index 1f4b8864723..00000000000 --- a/2022/20xxx/CVE-2022-20853.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20853", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20854.json b/2022/20xxx/CVE-2022-20854.json deleted file mode 100644 index 2a4ab7e63a6..00000000000 --- a/2022/20xxx/CVE-2022-20854.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20854", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20855.json b/2022/20xxx/CVE-2022-20855.json deleted file mode 100644 index 2e77b183965..00000000000 --- a/2022/20xxx/CVE-2022-20855.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20855", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20856.json b/2022/20xxx/CVE-2022-20856.json deleted file mode 100644 index 307079b7d0a..00000000000 --- a/2022/20xxx/CVE-2022-20856.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20856", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20857.json b/2022/20xxx/CVE-2022-20857.json deleted file mode 100644 index e659b72ff6f..00000000000 --- a/2022/20xxx/CVE-2022-20857.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20857", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20858.json b/2022/20xxx/CVE-2022-20858.json deleted file mode 100644 index 879c721b76a..00000000000 --- a/2022/20xxx/CVE-2022-20858.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20858", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20859.json b/2022/20xxx/CVE-2022-20859.json deleted file mode 100644 index eed04708f71..00000000000 --- a/2022/20xxx/CVE-2022-20859.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20859", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20860.json b/2022/20xxx/CVE-2022-20860.json deleted file mode 100644 index 53a31c41445..00000000000 --- a/2022/20xxx/CVE-2022-20860.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20860", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20861.json b/2022/20xxx/CVE-2022-20861.json deleted file mode 100644 index 692e73a4d23..00000000000 --- a/2022/20xxx/CVE-2022-20861.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20861", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20862.json b/2022/20xxx/CVE-2022-20862.json deleted file mode 100644 index 9ea2613fd84..00000000000 --- a/2022/20xxx/CVE-2022-20862.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20862", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20863.json b/2022/20xxx/CVE-2022-20863.json deleted file mode 100644 index 8e3f833475e..00000000000 --- a/2022/20xxx/CVE-2022-20863.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20863", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20864.json b/2022/20xxx/CVE-2022-20864.json deleted file mode 100644 index 9ed4574a712..00000000000 --- a/2022/20xxx/CVE-2022-20864.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20864", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20865.json b/2022/20xxx/CVE-2022-20865.json deleted file mode 100644 index 475b87296ad..00000000000 --- a/2022/20xxx/CVE-2022-20865.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20865", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20866.json b/2022/20xxx/CVE-2022-20866.json deleted file mode 100644 index f332b61a6c4..00000000000 --- a/2022/20xxx/CVE-2022-20866.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20866", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20867.json b/2022/20xxx/CVE-2022-20867.json deleted file mode 100644 index 9ce3886ff3b..00000000000 --- a/2022/20xxx/CVE-2022-20867.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20867", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20868.json b/2022/20xxx/CVE-2022-20868.json deleted file mode 100644 index 2241591d586..00000000000 --- a/2022/20xxx/CVE-2022-20868.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20868", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20869.json b/2022/20xxx/CVE-2022-20869.json deleted file mode 100644 index d7d82b784d7..00000000000 --- a/2022/20xxx/CVE-2022-20869.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20869", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20870.json b/2022/20xxx/CVE-2022-20870.json deleted file mode 100644 index 9a28c238f3c..00000000000 --- a/2022/20xxx/CVE-2022-20870.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20870", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20871.json b/2022/20xxx/CVE-2022-20871.json deleted file mode 100644 index f6379bfe9ae..00000000000 --- a/2022/20xxx/CVE-2022-20871.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20871", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20872.json b/2022/20xxx/CVE-2022-20872.json deleted file mode 100644 index 5639cb57b81..00000000000 --- a/2022/20xxx/CVE-2022-20872.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20872", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20873.json b/2022/20xxx/CVE-2022-20873.json deleted file mode 100644 index 6160d079f8a..00000000000 --- a/2022/20xxx/CVE-2022-20873.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20873", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20874.json b/2022/20xxx/CVE-2022-20874.json deleted file mode 100644 index 74f20e0be1c..00000000000 --- a/2022/20xxx/CVE-2022-20874.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20874", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20875.json b/2022/20xxx/CVE-2022-20875.json deleted file mode 100644 index faf992f0bf3..00000000000 --- a/2022/20xxx/CVE-2022-20875.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20875", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20876.json b/2022/20xxx/CVE-2022-20876.json deleted file mode 100644 index c3f87ea5346..00000000000 --- a/2022/20xxx/CVE-2022-20876.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20876", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20877.json b/2022/20xxx/CVE-2022-20877.json deleted file mode 100644 index fa7756fcdbf..00000000000 --- a/2022/20xxx/CVE-2022-20877.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20877", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20878.json b/2022/20xxx/CVE-2022-20878.json deleted file mode 100644 index 441d4101de4..00000000000 --- a/2022/20xxx/CVE-2022-20878.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20878", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20879.json b/2022/20xxx/CVE-2022-20879.json deleted file mode 100644 index d87115517e6..00000000000 --- a/2022/20xxx/CVE-2022-20879.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20879", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20880.json b/2022/20xxx/CVE-2022-20880.json deleted file mode 100644 index c86c7197dbd..00000000000 --- a/2022/20xxx/CVE-2022-20880.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20880", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20881.json b/2022/20xxx/CVE-2022-20881.json deleted file mode 100644 index a655452716c..00000000000 --- a/2022/20xxx/CVE-2022-20881.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20881", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20882.json b/2022/20xxx/CVE-2022-20882.json deleted file mode 100644 index 81f28d4cd60..00000000000 --- a/2022/20xxx/CVE-2022-20882.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20882", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20883.json b/2022/20xxx/CVE-2022-20883.json deleted file mode 100644 index 8413bdfaae1..00000000000 --- a/2022/20xxx/CVE-2022-20883.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20883", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20884.json b/2022/20xxx/CVE-2022-20884.json deleted file mode 100644 index 7e008ef0cd1..00000000000 --- a/2022/20xxx/CVE-2022-20884.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20884", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20885.json b/2022/20xxx/CVE-2022-20885.json deleted file mode 100644 index 18ba2889b9e..00000000000 --- a/2022/20xxx/CVE-2022-20885.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20885", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20886.json b/2022/20xxx/CVE-2022-20886.json deleted file mode 100644 index e40fd3c8be4..00000000000 --- a/2022/20xxx/CVE-2022-20886.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20886", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20887.json b/2022/20xxx/CVE-2022-20887.json deleted file mode 100644 index 52f3e93c513..00000000000 --- a/2022/20xxx/CVE-2022-20887.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20887", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20888.json b/2022/20xxx/CVE-2022-20888.json deleted file mode 100644 index 0ed56506f5a..00000000000 --- a/2022/20xxx/CVE-2022-20888.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20888", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20889.json b/2022/20xxx/CVE-2022-20889.json deleted file mode 100644 index ae6c2f34ea7..00000000000 --- a/2022/20xxx/CVE-2022-20889.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20889", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20890.json b/2022/20xxx/CVE-2022-20890.json deleted file mode 100644 index 18ab8917a96..00000000000 --- a/2022/20xxx/CVE-2022-20890.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20890", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20891.json b/2022/20xxx/CVE-2022-20891.json deleted file mode 100644 index 3071e77a127..00000000000 --- a/2022/20xxx/CVE-2022-20891.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20891", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20892.json b/2022/20xxx/CVE-2022-20892.json deleted file mode 100644 index edc370c6d5b..00000000000 --- a/2022/20xxx/CVE-2022-20892.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20892", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20893.json b/2022/20xxx/CVE-2022-20893.json deleted file mode 100644 index 050c231eb4f..00000000000 --- a/2022/20xxx/CVE-2022-20893.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20893", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20894.json b/2022/20xxx/CVE-2022-20894.json deleted file mode 100644 index 98300cd276b..00000000000 --- a/2022/20xxx/CVE-2022-20894.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20894", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20895.json b/2022/20xxx/CVE-2022-20895.json deleted file mode 100644 index b47e2ca9ec7..00000000000 --- a/2022/20xxx/CVE-2022-20895.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20895", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20896.json b/2022/20xxx/CVE-2022-20896.json deleted file mode 100644 index 793d31b1c65..00000000000 --- a/2022/20xxx/CVE-2022-20896.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20896", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20897.json b/2022/20xxx/CVE-2022-20897.json deleted file mode 100644 index 57898baf3ca..00000000000 --- a/2022/20xxx/CVE-2022-20897.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20897", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20898.json b/2022/20xxx/CVE-2022-20898.json deleted file mode 100644 index 4e078b31fe2..00000000000 --- a/2022/20xxx/CVE-2022-20898.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20898", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20899.json b/2022/20xxx/CVE-2022-20899.json deleted file mode 100644 index 10fb47885e8..00000000000 --- a/2022/20xxx/CVE-2022-20899.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20899", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20900.json b/2022/20xxx/CVE-2022-20900.json deleted file mode 100644 index b3c5d987b00..00000000000 --- a/2022/20xxx/CVE-2022-20900.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20900", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20901.json b/2022/20xxx/CVE-2022-20901.json deleted file mode 100644 index b56a15ff211..00000000000 --- a/2022/20xxx/CVE-2022-20901.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20901", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20902.json b/2022/20xxx/CVE-2022-20902.json deleted file mode 100644 index 6b64cd046f9..00000000000 --- a/2022/20xxx/CVE-2022-20902.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20902", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20903.json b/2022/20xxx/CVE-2022-20903.json deleted file mode 100644 index 1933415dc01..00000000000 --- a/2022/20xxx/CVE-2022-20903.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20903", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20904.json b/2022/20xxx/CVE-2022-20904.json deleted file mode 100644 index d537ecc2d43..00000000000 --- a/2022/20xxx/CVE-2022-20904.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20904", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20905.json b/2022/20xxx/CVE-2022-20905.json deleted file mode 100644 index 0e19ccdf982..00000000000 --- a/2022/20xxx/CVE-2022-20905.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20905", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20906.json b/2022/20xxx/CVE-2022-20906.json deleted file mode 100644 index 117c60350d0..00000000000 --- a/2022/20xxx/CVE-2022-20906.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20906", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20907.json b/2022/20xxx/CVE-2022-20907.json deleted file mode 100644 index 74ab9573201..00000000000 --- a/2022/20xxx/CVE-2022-20907.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20907", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20908.json b/2022/20xxx/CVE-2022-20908.json deleted file mode 100644 index b03539fa93b..00000000000 --- a/2022/20xxx/CVE-2022-20908.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20908", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20909.json b/2022/20xxx/CVE-2022-20909.json deleted file mode 100644 index 3820c8f2f5e..00000000000 --- a/2022/20xxx/CVE-2022-20909.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20909", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20910.json b/2022/20xxx/CVE-2022-20910.json deleted file mode 100644 index 3d938365b85..00000000000 --- a/2022/20xxx/CVE-2022-20910.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20910", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20911.json b/2022/20xxx/CVE-2022-20911.json deleted file mode 100644 index 29911a5aed1..00000000000 --- a/2022/20xxx/CVE-2022-20911.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20911", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20912.json b/2022/20xxx/CVE-2022-20912.json deleted file mode 100644 index ea0364c8cf6..00000000000 --- a/2022/20xxx/CVE-2022-20912.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20912", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20913.json b/2022/20xxx/CVE-2022-20913.json deleted file mode 100644 index 753d08130b5..00000000000 --- a/2022/20xxx/CVE-2022-20913.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20913", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20914.json b/2022/20xxx/CVE-2022-20914.json deleted file mode 100644 index db6a7825ec0..00000000000 --- a/2022/20xxx/CVE-2022-20914.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20914", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20915.json b/2022/20xxx/CVE-2022-20915.json deleted file mode 100644 index 0884e00e620..00000000000 --- a/2022/20xxx/CVE-2022-20915.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20915", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20916.json b/2022/20xxx/CVE-2022-20916.json deleted file mode 100644 index c6086858728..00000000000 --- a/2022/20xxx/CVE-2022-20916.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20916", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20917.json b/2022/20xxx/CVE-2022-20917.json deleted file mode 100644 index e5b63812d0c..00000000000 --- a/2022/20xxx/CVE-2022-20917.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20917", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20918.json b/2022/20xxx/CVE-2022-20918.json deleted file mode 100644 index 39d83305129..00000000000 --- a/2022/20xxx/CVE-2022-20918.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20918", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20919.json b/2022/20xxx/CVE-2022-20919.json deleted file mode 100644 index 336fa1bd656..00000000000 --- a/2022/20xxx/CVE-2022-20919.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20919", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20920.json b/2022/20xxx/CVE-2022-20920.json deleted file mode 100644 index cf4e0b009bb..00000000000 --- a/2022/20xxx/CVE-2022-20920.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20920", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20921.json b/2022/20xxx/CVE-2022-20921.json deleted file mode 100644 index 1d62c82ee57..00000000000 --- a/2022/20xxx/CVE-2022-20921.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20921", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20922.json b/2022/20xxx/CVE-2022-20922.json deleted file mode 100644 index 9c19cdce5df..00000000000 --- a/2022/20xxx/CVE-2022-20922.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20922", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20923.json b/2022/20xxx/CVE-2022-20923.json deleted file mode 100644 index 4ceb368e53f..00000000000 --- a/2022/20xxx/CVE-2022-20923.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20923", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20924.json b/2022/20xxx/CVE-2022-20924.json deleted file mode 100644 index 600ac9edabe..00000000000 --- a/2022/20xxx/CVE-2022-20924.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20924", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20925.json b/2022/20xxx/CVE-2022-20925.json deleted file mode 100644 index 36b5c26733f..00000000000 --- a/2022/20xxx/CVE-2022-20925.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20925", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20926.json b/2022/20xxx/CVE-2022-20926.json deleted file mode 100644 index 1648bc85f12..00000000000 --- a/2022/20xxx/CVE-2022-20926.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20926", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20927.json b/2022/20xxx/CVE-2022-20927.json deleted file mode 100644 index 0782b8d65a5..00000000000 --- a/2022/20xxx/CVE-2022-20927.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20927", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20928.json b/2022/20xxx/CVE-2022-20928.json deleted file mode 100644 index 6c61e60683c..00000000000 --- a/2022/20xxx/CVE-2022-20928.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20928", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20929.json b/2022/20xxx/CVE-2022-20929.json deleted file mode 100644 index 29fffd520b0..00000000000 --- a/2022/20xxx/CVE-2022-20929.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20929", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20930.json b/2022/20xxx/CVE-2022-20930.json deleted file mode 100644 index 02e227baf9f..00000000000 --- a/2022/20xxx/CVE-2022-20930.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20930", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20931.json b/2022/20xxx/CVE-2022-20931.json deleted file mode 100644 index 2cbe78355ee..00000000000 --- a/2022/20xxx/CVE-2022-20931.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20931", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20932.json b/2022/20xxx/CVE-2022-20932.json deleted file mode 100644 index 061b98ac295..00000000000 --- a/2022/20xxx/CVE-2022-20932.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20932", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20933.json b/2022/20xxx/CVE-2022-20933.json deleted file mode 100644 index 1b5676da092..00000000000 --- a/2022/20xxx/CVE-2022-20933.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20933", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20934.json b/2022/20xxx/CVE-2022-20934.json deleted file mode 100644 index ec7ce27dea3..00000000000 --- a/2022/20xxx/CVE-2022-20934.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20934", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20935.json b/2022/20xxx/CVE-2022-20935.json deleted file mode 100644 index 015b7993b38..00000000000 --- a/2022/20xxx/CVE-2022-20935.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20935", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20936.json b/2022/20xxx/CVE-2022-20936.json deleted file mode 100644 index cfc18b21a5c..00000000000 --- a/2022/20xxx/CVE-2022-20936.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20936", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20937.json b/2022/20xxx/CVE-2022-20937.json deleted file mode 100644 index 0e61465f122..00000000000 --- a/2022/20xxx/CVE-2022-20937.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20937", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20938.json b/2022/20xxx/CVE-2022-20938.json deleted file mode 100644 index 979398b1022..00000000000 --- a/2022/20xxx/CVE-2022-20938.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20938", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20939.json b/2022/20xxx/CVE-2022-20939.json deleted file mode 100644 index 282eaf1443a..00000000000 --- a/2022/20xxx/CVE-2022-20939.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20939", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20940.json b/2022/20xxx/CVE-2022-20940.json deleted file mode 100644 index 39ea1dd30d8..00000000000 --- a/2022/20xxx/CVE-2022-20940.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20940", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20941.json b/2022/20xxx/CVE-2022-20941.json deleted file mode 100644 index c0b6f51bf77..00000000000 --- a/2022/20xxx/CVE-2022-20941.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20941", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20942.json b/2022/20xxx/CVE-2022-20942.json deleted file mode 100644 index 12d64b12e6d..00000000000 --- a/2022/20xxx/CVE-2022-20942.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20942", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20943.json b/2022/20xxx/CVE-2022-20943.json deleted file mode 100644 index 0ef3c1bdc67..00000000000 --- a/2022/20xxx/CVE-2022-20943.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20943", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20944.json b/2022/20xxx/CVE-2022-20944.json deleted file mode 100644 index 3cf91554e56..00000000000 --- a/2022/20xxx/CVE-2022-20944.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20944", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20945.json b/2022/20xxx/CVE-2022-20945.json deleted file mode 100644 index 69aa850c3e5..00000000000 --- a/2022/20xxx/CVE-2022-20945.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20945", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20946.json b/2022/20xxx/CVE-2022-20946.json deleted file mode 100644 index ea2a9707724..00000000000 --- a/2022/20xxx/CVE-2022-20946.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20946", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20947.json b/2022/20xxx/CVE-2022-20947.json deleted file mode 100644 index faa0c344e24..00000000000 --- a/2022/20xxx/CVE-2022-20947.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20947", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20948.json b/2022/20xxx/CVE-2022-20948.json deleted file mode 100644 index cc7492f867b..00000000000 --- a/2022/20xxx/CVE-2022-20948.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20948", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20949.json b/2022/20xxx/CVE-2022-20949.json deleted file mode 100644 index 334b2d4b3c6..00000000000 --- a/2022/20xxx/CVE-2022-20949.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20949", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20950.json b/2022/20xxx/CVE-2022-20950.json deleted file mode 100644 index 13bba06b84e..00000000000 --- a/2022/20xxx/CVE-2022-20950.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20950", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20951.json b/2022/20xxx/CVE-2022-20951.json deleted file mode 100644 index 93b330419ef..00000000000 --- a/2022/20xxx/CVE-2022-20951.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20951", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20952.json b/2022/20xxx/CVE-2022-20952.json deleted file mode 100644 index 8c76b7269a2..00000000000 --- a/2022/20xxx/CVE-2022-20952.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20952", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20953.json b/2022/20xxx/CVE-2022-20953.json deleted file mode 100644 index c31ac4876e9..00000000000 --- a/2022/20xxx/CVE-2022-20953.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20953", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20954.json b/2022/20xxx/CVE-2022-20954.json deleted file mode 100644 index 0efa5d62b5a..00000000000 --- a/2022/20xxx/CVE-2022-20954.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20954", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20955.json b/2022/20xxx/CVE-2022-20955.json deleted file mode 100644 index 2a039c26827..00000000000 --- a/2022/20xxx/CVE-2022-20955.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20955", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20956.json b/2022/20xxx/CVE-2022-20956.json deleted file mode 100644 index 31e92de0326..00000000000 --- a/2022/20xxx/CVE-2022-20956.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20956", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20957.json b/2022/20xxx/CVE-2022-20957.json deleted file mode 100644 index dfea7aed86a..00000000000 --- a/2022/20xxx/CVE-2022-20957.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20957", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20958.json b/2022/20xxx/CVE-2022-20958.json deleted file mode 100644 index e88e4073e30..00000000000 --- a/2022/20xxx/CVE-2022-20958.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20958", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20959.json b/2022/20xxx/CVE-2022-20959.json deleted file mode 100644 index 637fb1fb364..00000000000 --- a/2022/20xxx/CVE-2022-20959.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20959", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20960.json b/2022/20xxx/CVE-2022-20960.json deleted file mode 100644 index 38736c7b002..00000000000 --- a/2022/20xxx/CVE-2022-20960.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20960", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20961.json b/2022/20xxx/CVE-2022-20961.json deleted file mode 100644 index 146bff547d1..00000000000 --- a/2022/20xxx/CVE-2022-20961.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20961", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20962.json b/2022/20xxx/CVE-2022-20962.json deleted file mode 100644 index 7b08b0fce85..00000000000 --- a/2022/20xxx/CVE-2022-20962.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20962", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20963.json b/2022/20xxx/CVE-2022-20963.json deleted file mode 100644 index cb52e7b81c5..00000000000 --- a/2022/20xxx/CVE-2022-20963.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20963", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20964.json b/2022/20xxx/CVE-2022-20964.json deleted file mode 100644 index 2943826bd17..00000000000 --- a/2022/20xxx/CVE-2022-20964.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20964", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20965.json b/2022/20xxx/CVE-2022-20965.json deleted file mode 100644 index a14d500e8eb..00000000000 --- a/2022/20xxx/CVE-2022-20965.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20965", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20966.json b/2022/20xxx/CVE-2022-20966.json deleted file mode 100644 index 3d3d5e8e270..00000000000 --- a/2022/20xxx/CVE-2022-20966.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20966", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20967.json b/2022/20xxx/CVE-2022-20967.json deleted file mode 100644 index 3bb6d53f7b3..00000000000 --- a/2022/20xxx/CVE-2022-20967.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20967", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20968.json b/2022/20xxx/CVE-2022-20968.json deleted file mode 100644 index 05a28a73121..00000000000 --- a/2022/20xxx/CVE-2022-20968.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20968", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20969.json b/2022/20xxx/CVE-2022-20969.json deleted file mode 100644 index 20c8f662e7f..00000000000 --- a/2022/20xxx/CVE-2022-20969.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20969", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20970.json b/2022/20xxx/CVE-2022-20970.json deleted file mode 100644 index c8471cb367d..00000000000 --- a/2022/20xxx/CVE-2022-20970.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20970", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20971.json b/2022/20xxx/CVE-2022-20971.json deleted file mode 100644 index 140c00a8066..00000000000 --- a/2022/20xxx/CVE-2022-20971.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20971", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20972.json b/2022/20xxx/CVE-2022-20972.json deleted file mode 100644 index 533fe4b6281..00000000000 --- a/2022/20xxx/CVE-2022-20972.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20972", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20973.json b/2022/20xxx/CVE-2022-20973.json deleted file mode 100644 index 94a03619aa4..00000000000 --- a/2022/20xxx/CVE-2022-20973.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20973", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20974.json b/2022/20xxx/CVE-2022-20974.json deleted file mode 100644 index e859b00af54..00000000000 --- a/2022/20xxx/CVE-2022-20974.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20974", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20975.json b/2022/20xxx/CVE-2022-20975.json deleted file mode 100644 index 59e43d348f6..00000000000 --- a/2022/20xxx/CVE-2022-20975.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20975", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20976.json b/2022/20xxx/CVE-2022-20976.json deleted file mode 100644 index fb3f86ebd9c..00000000000 --- a/2022/20xxx/CVE-2022-20976.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20976", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20977.json b/2022/20xxx/CVE-2022-20977.json deleted file mode 100644 index 17b616a70a6..00000000000 --- a/2022/20xxx/CVE-2022-20977.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20977", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20978.json b/2022/20xxx/CVE-2022-20978.json deleted file mode 100644 index f7eed8057e5..00000000000 --- a/2022/20xxx/CVE-2022-20978.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20978", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20979.json b/2022/20xxx/CVE-2022-20979.json deleted file mode 100644 index ce85be6a67a..00000000000 --- a/2022/20xxx/CVE-2022-20979.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20979", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20980.json b/2022/20xxx/CVE-2022-20980.json deleted file mode 100644 index fe60ac2328a..00000000000 --- a/2022/20xxx/CVE-2022-20980.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20980", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20981.json b/2022/20xxx/CVE-2022-20981.json deleted file mode 100644 index 5467ed16068..00000000000 --- a/2022/20xxx/CVE-2022-20981.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20981", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20982.json b/2022/20xxx/CVE-2022-20982.json deleted file mode 100644 index 62f67d8a1fe..00000000000 --- a/2022/20xxx/CVE-2022-20982.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20982", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20983.json b/2022/20xxx/CVE-2022-20983.json deleted file mode 100644 index b920c86e760..00000000000 --- a/2022/20xxx/CVE-2022-20983.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20983", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20984.json b/2022/20xxx/CVE-2022-20984.json deleted file mode 100644 index 610c8352783..00000000000 --- a/2022/20xxx/CVE-2022-20984.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20984", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20985.json b/2022/20xxx/CVE-2022-20985.json deleted file mode 100644 index 71077b300db..00000000000 --- a/2022/20xxx/CVE-2022-20985.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20985", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20986.json b/2022/20xxx/CVE-2022-20986.json deleted file mode 100644 index f2e386febcb..00000000000 --- a/2022/20xxx/CVE-2022-20986.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20986", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20987.json b/2022/20xxx/CVE-2022-20987.json deleted file mode 100644 index c9713590573..00000000000 --- a/2022/20xxx/CVE-2022-20987.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20987", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20988.json b/2022/20xxx/CVE-2022-20988.json deleted file mode 100644 index 2c17b5818a8..00000000000 --- a/2022/20xxx/CVE-2022-20988.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20988", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20989.json b/2022/20xxx/CVE-2022-20989.json deleted file mode 100644 index 09570a0eada..00000000000 --- a/2022/20xxx/CVE-2022-20989.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20989", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20990.json b/2022/20xxx/CVE-2022-20990.json deleted file mode 100644 index 86a96a400e4..00000000000 --- a/2022/20xxx/CVE-2022-20990.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20990", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20991.json b/2022/20xxx/CVE-2022-20991.json deleted file mode 100644 index 9791534b566..00000000000 --- a/2022/20xxx/CVE-2022-20991.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20991", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20992.json b/2022/20xxx/CVE-2022-20992.json deleted file mode 100644 index 8c4a12ebfed..00000000000 --- a/2022/20xxx/CVE-2022-20992.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20992", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20993.json b/2022/20xxx/CVE-2022-20993.json deleted file mode 100644 index 0d0911942dc..00000000000 --- a/2022/20xxx/CVE-2022-20993.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20993", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20994.json b/2022/20xxx/CVE-2022-20994.json deleted file mode 100644 index d9dc51f954f..00000000000 --- a/2022/20xxx/CVE-2022-20994.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20994", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20995.json b/2022/20xxx/CVE-2022-20995.json deleted file mode 100644 index b91da734b08..00000000000 --- a/2022/20xxx/CVE-2022-20995.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20995", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20996.json b/2022/20xxx/CVE-2022-20996.json deleted file mode 100644 index 7da0feeaa15..00000000000 --- a/2022/20xxx/CVE-2022-20996.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20996", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20997.json b/2022/20xxx/CVE-2022-20997.json deleted file mode 100644 index 8b47db7e8fe..00000000000 --- a/2022/20xxx/CVE-2022-20997.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20997", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20998.json b/2022/20xxx/CVE-2022-20998.json deleted file mode 100644 index 047a9eb509c..00000000000 --- a/2022/20xxx/CVE-2022-20998.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20998", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/20xxx/CVE-2022-20999.json b/2022/20xxx/CVE-2022-20999.json deleted file mode 100644 index 199026b5878..00000000000 --- a/2022/20xxx/CVE-2022-20999.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-20999", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21000.json b/2022/21xxx/CVE-2022-21000.json deleted file mode 100644 index e178e70ee47..00000000000 --- a/2022/21xxx/CVE-2022-21000.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21000", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21001.json b/2022/21xxx/CVE-2022-21001.json deleted file mode 100644 index a7cce60aa5a..00000000000 --- a/2022/21xxx/CVE-2022-21001.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21001", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21002.json b/2022/21xxx/CVE-2022-21002.json deleted file mode 100644 index dc1d29c4bde..00000000000 --- a/2022/21xxx/CVE-2022-21002.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21002", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21003.json b/2022/21xxx/CVE-2022-21003.json deleted file mode 100644 index f09c2977f37..00000000000 --- a/2022/21xxx/CVE-2022-21003.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21003", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21004.json b/2022/21xxx/CVE-2022-21004.json deleted file mode 100644 index 029ba6d7640..00000000000 --- a/2022/21xxx/CVE-2022-21004.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21004", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21005.json b/2022/21xxx/CVE-2022-21005.json deleted file mode 100644 index 8e4b089ed2f..00000000000 --- a/2022/21xxx/CVE-2022-21005.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21005", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21006.json b/2022/21xxx/CVE-2022-21006.json deleted file mode 100644 index 3a3c63346df..00000000000 --- a/2022/21xxx/CVE-2022-21006.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21006", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21007.json b/2022/21xxx/CVE-2022-21007.json deleted file mode 100644 index 3fe165ddbc5..00000000000 --- a/2022/21xxx/CVE-2022-21007.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21007", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21008.json b/2022/21xxx/CVE-2022-21008.json deleted file mode 100644 index e8a53a9cf4f..00000000000 --- a/2022/21xxx/CVE-2022-21008.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21008", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21009.json b/2022/21xxx/CVE-2022-21009.json deleted file mode 100644 index 6306c007d4e..00000000000 --- a/2022/21xxx/CVE-2022-21009.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21009", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21010.json b/2022/21xxx/CVE-2022-21010.json deleted file mode 100644 index b420125024a..00000000000 --- a/2022/21xxx/CVE-2022-21010.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21010", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21011.json b/2022/21xxx/CVE-2022-21011.json deleted file mode 100644 index 87890443603..00000000000 --- a/2022/21xxx/CVE-2022-21011.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21011", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21012.json b/2022/21xxx/CVE-2022-21012.json deleted file mode 100644 index cc5fbfd83d4..00000000000 --- a/2022/21xxx/CVE-2022-21012.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21012", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21013.json b/2022/21xxx/CVE-2022-21013.json deleted file mode 100644 index 029903a86f7..00000000000 --- a/2022/21xxx/CVE-2022-21013.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21013", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21014.json b/2022/21xxx/CVE-2022-21014.json deleted file mode 100644 index 43776faeb11..00000000000 --- a/2022/21xxx/CVE-2022-21014.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21014", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21015.json b/2022/21xxx/CVE-2022-21015.json deleted file mode 100644 index 546ad1503de..00000000000 --- a/2022/21xxx/CVE-2022-21015.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21015", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21016.json b/2022/21xxx/CVE-2022-21016.json deleted file mode 100644 index b4ab6efea85..00000000000 --- a/2022/21xxx/CVE-2022-21016.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21016", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21017.json b/2022/21xxx/CVE-2022-21017.json deleted file mode 100644 index 41d96f01544..00000000000 --- a/2022/21xxx/CVE-2022-21017.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21017", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21018.json b/2022/21xxx/CVE-2022-21018.json deleted file mode 100644 index f3debf86959..00000000000 --- a/2022/21xxx/CVE-2022-21018.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21018", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21019.json b/2022/21xxx/CVE-2022-21019.json deleted file mode 100644 index 2b6f43031d2..00000000000 --- a/2022/21xxx/CVE-2022-21019.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21019", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21020.json b/2022/21xxx/CVE-2022-21020.json deleted file mode 100644 index 03191c71c3a..00000000000 --- a/2022/21xxx/CVE-2022-21020.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21020", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21021.json b/2022/21xxx/CVE-2022-21021.json deleted file mode 100644 index 0b607c58a1b..00000000000 --- a/2022/21xxx/CVE-2022-21021.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21021", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21022.json b/2022/21xxx/CVE-2022-21022.json deleted file mode 100644 index 5c5b97e5126..00000000000 --- a/2022/21xxx/CVE-2022-21022.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21022", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21023.json b/2022/21xxx/CVE-2022-21023.json deleted file mode 100644 index c82d4ebf60f..00000000000 --- a/2022/21xxx/CVE-2022-21023.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21023", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21024.json b/2022/21xxx/CVE-2022-21024.json deleted file mode 100644 index 5fbb7a37c58..00000000000 --- a/2022/21xxx/CVE-2022-21024.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21024", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21025.json b/2022/21xxx/CVE-2022-21025.json deleted file mode 100644 index a1655df661d..00000000000 --- a/2022/21xxx/CVE-2022-21025.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21025", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21026.json b/2022/21xxx/CVE-2022-21026.json deleted file mode 100644 index 0fdbb6c4ab9..00000000000 --- a/2022/21xxx/CVE-2022-21026.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21026", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21027.json b/2022/21xxx/CVE-2022-21027.json deleted file mode 100644 index d7f9eb0b179..00000000000 --- a/2022/21xxx/CVE-2022-21027.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21027", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21028.json b/2022/21xxx/CVE-2022-21028.json deleted file mode 100644 index 12796dd8281..00000000000 --- a/2022/21xxx/CVE-2022-21028.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21028", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21029.json b/2022/21xxx/CVE-2022-21029.json deleted file mode 100644 index 58d49942a35..00000000000 --- a/2022/21xxx/CVE-2022-21029.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21029", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21030.json b/2022/21xxx/CVE-2022-21030.json deleted file mode 100644 index 1dea9b1c580..00000000000 --- a/2022/21xxx/CVE-2022-21030.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21030", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21031.json b/2022/21xxx/CVE-2022-21031.json deleted file mode 100644 index f1699cd4385..00000000000 --- a/2022/21xxx/CVE-2022-21031.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21031", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21032.json b/2022/21xxx/CVE-2022-21032.json deleted file mode 100644 index 8bd49ddac75..00000000000 --- a/2022/21xxx/CVE-2022-21032.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21032", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21033.json b/2022/21xxx/CVE-2022-21033.json deleted file mode 100644 index 8907223851e..00000000000 --- a/2022/21xxx/CVE-2022-21033.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21033", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21034.json b/2022/21xxx/CVE-2022-21034.json deleted file mode 100644 index 0f14a3402c7..00000000000 --- a/2022/21xxx/CVE-2022-21034.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21034", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21035.json b/2022/21xxx/CVE-2022-21035.json deleted file mode 100644 index 251516b06a4..00000000000 --- a/2022/21xxx/CVE-2022-21035.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21035", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21036.json b/2022/21xxx/CVE-2022-21036.json deleted file mode 100644 index e951621e467..00000000000 --- a/2022/21xxx/CVE-2022-21036.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21036", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21037.json b/2022/21xxx/CVE-2022-21037.json deleted file mode 100644 index fafeea7e30d..00000000000 --- a/2022/21xxx/CVE-2022-21037.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21037", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21038.json b/2022/21xxx/CVE-2022-21038.json deleted file mode 100644 index ac316924461..00000000000 --- a/2022/21xxx/CVE-2022-21038.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21038", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21039.json b/2022/21xxx/CVE-2022-21039.json deleted file mode 100644 index 208c3860511..00000000000 --- a/2022/21xxx/CVE-2022-21039.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21039", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21040.json b/2022/21xxx/CVE-2022-21040.json deleted file mode 100644 index f0880fd9087..00000000000 --- a/2022/21xxx/CVE-2022-21040.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21040", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21041.json b/2022/21xxx/CVE-2022-21041.json deleted file mode 100644 index 9ed37115611..00000000000 --- a/2022/21xxx/CVE-2022-21041.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21041", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21042.json b/2022/21xxx/CVE-2022-21042.json deleted file mode 100644 index 1631989c968..00000000000 --- a/2022/21xxx/CVE-2022-21042.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21042", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21043.json b/2022/21xxx/CVE-2022-21043.json deleted file mode 100644 index 898bd773b27..00000000000 --- a/2022/21xxx/CVE-2022-21043.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21043", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21044.json b/2022/21xxx/CVE-2022-21044.json deleted file mode 100644 index b9cebed34dc..00000000000 --- a/2022/21xxx/CVE-2022-21044.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21044", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21045.json b/2022/21xxx/CVE-2022-21045.json deleted file mode 100644 index b604e03b4c2..00000000000 --- a/2022/21xxx/CVE-2022-21045.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21045", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21046.json b/2022/21xxx/CVE-2022-21046.json deleted file mode 100644 index 4b58c3efb71..00000000000 --- a/2022/21xxx/CVE-2022-21046.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21046", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21047.json b/2022/21xxx/CVE-2022-21047.json deleted file mode 100644 index 89729134d3d..00000000000 --- a/2022/21xxx/CVE-2022-21047.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21047", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21048.json b/2022/21xxx/CVE-2022-21048.json deleted file mode 100644 index 535f277e2ef..00000000000 --- a/2022/21xxx/CVE-2022-21048.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21048", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21049.json b/2022/21xxx/CVE-2022-21049.json deleted file mode 100644 index 5041bdd9cdb..00000000000 --- a/2022/21xxx/CVE-2022-21049.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21049", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21050.json b/2022/21xxx/CVE-2022-21050.json deleted file mode 100644 index 2c3fe3b670b..00000000000 --- a/2022/21xxx/CVE-2022-21050.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21050", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21051.json b/2022/21xxx/CVE-2022-21051.json deleted file mode 100644 index fb7fd1bb99d..00000000000 --- a/2022/21xxx/CVE-2022-21051.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21051", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21052.json b/2022/21xxx/CVE-2022-21052.json deleted file mode 100644 index 4a587c48528..00000000000 --- a/2022/21xxx/CVE-2022-21052.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21052", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21053.json b/2022/21xxx/CVE-2022-21053.json deleted file mode 100644 index 338276fe5a7..00000000000 --- a/2022/21xxx/CVE-2022-21053.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21053", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21054.json b/2022/21xxx/CVE-2022-21054.json deleted file mode 100644 index faf507c2955..00000000000 --- a/2022/21xxx/CVE-2022-21054.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21054", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21055.json b/2022/21xxx/CVE-2022-21055.json deleted file mode 100644 index b08fb4f4dbd..00000000000 --- a/2022/21xxx/CVE-2022-21055.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21055", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21056.json b/2022/21xxx/CVE-2022-21056.json deleted file mode 100644 index 5dc409aa40c..00000000000 --- a/2022/21xxx/CVE-2022-21056.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21056", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21057.json b/2022/21xxx/CVE-2022-21057.json deleted file mode 100644 index 7507ac1bd51..00000000000 --- a/2022/21xxx/CVE-2022-21057.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21057", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21058.json b/2022/21xxx/CVE-2022-21058.json deleted file mode 100644 index c4283cc25c5..00000000000 --- a/2022/21xxx/CVE-2022-21058.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21058", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21059.json b/2022/21xxx/CVE-2022-21059.json deleted file mode 100644 index df2b300769e..00000000000 --- a/2022/21xxx/CVE-2022-21059.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21059", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21060.json b/2022/21xxx/CVE-2022-21060.json deleted file mode 100644 index 68460005ac2..00000000000 --- a/2022/21xxx/CVE-2022-21060.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21060", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21061.json b/2022/21xxx/CVE-2022-21061.json deleted file mode 100644 index 41d4e253796..00000000000 --- a/2022/21xxx/CVE-2022-21061.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21061", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21062.json b/2022/21xxx/CVE-2022-21062.json deleted file mode 100644 index c6e211d70d6..00000000000 --- a/2022/21xxx/CVE-2022-21062.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21062", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21063.json b/2022/21xxx/CVE-2022-21063.json deleted file mode 100644 index f4c9a26d008..00000000000 --- a/2022/21xxx/CVE-2022-21063.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21063", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21064.json b/2022/21xxx/CVE-2022-21064.json deleted file mode 100644 index bb09a80df23..00000000000 --- a/2022/21xxx/CVE-2022-21064.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21064", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21065.json b/2022/21xxx/CVE-2022-21065.json deleted file mode 100644 index b1a58d6cfbe..00000000000 --- a/2022/21xxx/CVE-2022-21065.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21065", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21066.json b/2022/21xxx/CVE-2022-21066.json deleted file mode 100644 index cf48234a603..00000000000 --- a/2022/21xxx/CVE-2022-21066.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21066", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21067.json b/2022/21xxx/CVE-2022-21067.json deleted file mode 100644 index 1341dd2f55b..00000000000 --- a/2022/21xxx/CVE-2022-21067.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21067", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21068.json b/2022/21xxx/CVE-2022-21068.json deleted file mode 100644 index 6542edc8e53..00000000000 --- a/2022/21xxx/CVE-2022-21068.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21068", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21069.json b/2022/21xxx/CVE-2022-21069.json deleted file mode 100644 index 43b24674c34..00000000000 --- a/2022/21xxx/CVE-2022-21069.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21069", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21070.json b/2022/21xxx/CVE-2022-21070.json deleted file mode 100644 index 6696202cbaa..00000000000 --- a/2022/21xxx/CVE-2022-21070.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21070", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21071.json b/2022/21xxx/CVE-2022-21071.json deleted file mode 100644 index ed534e12ead..00000000000 --- a/2022/21xxx/CVE-2022-21071.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21071", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21072.json b/2022/21xxx/CVE-2022-21072.json deleted file mode 100644 index ec10fb5d713..00000000000 --- a/2022/21xxx/CVE-2022-21072.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21072", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21073.json b/2022/21xxx/CVE-2022-21073.json deleted file mode 100644 index bcdd5bc4169..00000000000 --- a/2022/21xxx/CVE-2022-21073.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21073", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21074.json b/2022/21xxx/CVE-2022-21074.json deleted file mode 100644 index 584ee0028b6..00000000000 --- a/2022/21xxx/CVE-2022-21074.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21074", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21075.json b/2022/21xxx/CVE-2022-21075.json deleted file mode 100644 index b060464c85e..00000000000 --- a/2022/21xxx/CVE-2022-21075.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21075", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21076.json b/2022/21xxx/CVE-2022-21076.json deleted file mode 100644 index 673fbd33844..00000000000 --- a/2022/21xxx/CVE-2022-21076.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21076", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21077.json b/2022/21xxx/CVE-2022-21077.json deleted file mode 100644 index 327a1804be8..00000000000 --- a/2022/21xxx/CVE-2022-21077.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21077", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21078.json b/2022/21xxx/CVE-2022-21078.json deleted file mode 100644 index 096a5d895da..00000000000 --- a/2022/21xxx/CVE-2022-21078.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21078", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21079.json b/2022/21xxx/CVE-2022-21079.json deleted file mode 100644 index c2c237f8202..00000000000 --- a/2022/21xxx/CVE-2022-21079.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21079", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21080.json b/2022/21xxx/CVE-2022-21080.json deleted file mode 100644 index 2a209c508f6..00000000000 --- a/2022/21xxx/CVE-2022-21080.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21080", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21081.json b/2022/21xxx/CVE-2022-21081.json deleted file mode 100644 index 68607446389..00000000000 --- a/2022/21xxx/CVE-2022-21081.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21081", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21082.json b/2022/21xxx/CVE-2022-21082.json deleted file mode 100644 index 7b6816e5af7..00000000000 --- a/2022/21xxx/CVE-2022-21082.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21082", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21083.json b/2022/21xxx/CVE-2022-21083.json deleted file mode 100644 index e8ea17b4124..00000000000 --- a/2022/21xxx/CVE-2022-21083.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21083", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21084.json b/2022/21xxx/CVE-2022-21084.json deleted file mode 100644 index c7286d5b475..00000000000 --- a/2022/21xxx/CVE-2022-21084.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21084", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21085.json b/2022/21xxx/CVE-2022-21085.json deleted file mode 100644 index e2423c138e1..00000000000 --- a/2022/21xxx/CVE-2022-21085.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21085", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21086.json b/2022/21xxx/CVE-2022-21086.json deleted file mode 100644 index 3543e50c4c7..00000000000 --- a/2022/21xxx/CVE-2022-21086.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21086", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21087.json b/2022/21xxx/CVE-2022-21087.json deleted file mode 100644 index 590737a7362..00000000000 --- a/2022/21xxx/CVE-2022-21087.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21087", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21088.json b/2022/21xxx/CVE-2022-21088.json deleted file mode 100644 index d88d6ad513e..00000000000 --- a/2022/21xxx/CVE-2022-21088.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21088", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21089.json b/2022/21xxx/CVE-2022-21089.json deleted file mode 100644 index 81fa45fef23..00000000000 --- a/2022/21xxx/CVE-2022-21089.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21089", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21090.json b/2022/21xxx/CVE-2022-21090.json deleted file mode 100644 index 3e9d5164ee1..00000000000 --- a/2022/21xxx/CVE-2022-21090.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21090", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21091.json b/2022/21xxx/CVE-2022-21091.json deleted file mode 100644 index 33aa935eeda..00000000000 --- a/2022/21xxx/CVE-2022-21091.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21091", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21092.json b/2022/21xxx/CVE-2022-21092.json deleted file mode 100644 index a80f68fa64c..00000000000 --- a/2022/21xxx/CVE-2022-21092.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21092", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21093.json b/2022/21xxx/CVE-2022-21093.json deleted file mode 100644 index 9bee60cf2db..00000000000 --- a/2022/21xxx/CVE-2022-21093.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21093", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21094.json b/2022/21xxx/CVE-2022-21094.json deleted file mode 100644 index 77b7effb8e0..00000000000 --- a/2022/21xxx/CVE-2022-21094.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21094", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21095.json b/2022/21xxx/CVE-2022-21095.json deleted file mode 100644 index 313a91bd607..00000000000 --- a/2022/21xxx/CVE-2022-21095.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21095", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21096.json b/2022/21xxx/CVE-2022-21096.json deleted file mode 100644 index a399c26e771..00000000000 --- a/2022/21xxx/CVE-2022-21096.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21096", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21097.json b/2022/21xxx/CVE-2022-21097.json deleted file mode 100644 index 71f01e6b80f..00000000000 --- a/2022/21xxx/CVE-2022-21097.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21097", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21098.json b/2022/21xxx/CVE-2022-21098.json deleted file mode 100644 index e3b569e1e65..00000000000 --- a/2022/21xxx/CVE-2022-21098.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21098", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21099.json b/2022/21xxx/CVE-2022-21099.json deleted file mode 100644 index b56213462f1..00000000000 --- a/2022/21xxx/CVE-2022-21099.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21099", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21100.json b/2022/21xxx/CVE-2022-21100.json deleted file mode 100644 index 9eef56cbdb8..00000000000 --- a/2022/21xxx/CVE-2022-21100.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21100", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21101.json b/2022/21xxx/CVE-2022-21101.json deleted file mode 100644 index 8175cfe19b0..00000000000 --- a/2022/21xxx/CVE-2022-21101.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21101", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21102.json b/2022/21xxx/CVE-2022-21102.json deleted file mode 100644 index f8b2d8e87e0..00000000000 --- a/2022/21xxx/CVE-2022-21102.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21102", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21103.json b/2022/21xxx/CVE-2022-21103.json deleted file mode 100644 index 8abf88a7200..00000000000 --- a/2022/21xxx/CVE-2022-21103.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21103", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21104.json b/2022/21xxx/CVE-2022-21104.json deleted file mode 100644 index 8bc516b4cdb..00000000000 --- a/2022/21xxx/CVE-2022-21104.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21104", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21105.json b/2022/21xxx/CVE-2022-21105.json deleted file mode 100644 index 59f170c368e..00000000000 --- a/2022/21xxx/CVE-2022-21105.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21105", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21106.json b/2022/21xxx/CVE-2022-21106.json deleted file mode 100644 index c76df22df0c..00000000000 --- a/2022/21xxx/CVE-2022-21106.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21106", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21107.json b/2022/21xxx/CVE-2022-21107.json deleted file mode 100644 index df3c96743d9..00000000000 --- a/2022/21xxx/CVE-2022-21107.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21107", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21108.json b/2022/21xxx/CVE-2022-21108.json deleted file mode 100644 index 673d8caafe5..00000000000 --- a/2022/21xxx/CVE-2022-21108.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21108", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21109.json b/2022/21xxx/CVE-2022-21109.json deleted file mode 100644 index 9100da02925..00000000000 --- a/2022/21xxx/CVE-2022-21109.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21109", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21110.json b/2022/21xxx/CVE-2022-21110.json deleted file mode 100644 index 2e69b0525a6..00000000000 --- a/2022/21xxx/CVE-2022-21110.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21110", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21111.json b/2022/21xxx/CVE-2022-21111.json deleted file mode 100644 index ec6f49aac36..00000000000 --- a/2022/21xxx/CVE-2022-21111.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21111", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21112.json b/2022/21xxx/CVE-2022-21112.json deleted file mode 100644 index 817f4227f78..00000000000 --- a/2022/21xxx/CVE-2022-21112.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21112", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21113.json b/2022/21xxx/CVE-2022-21113.json deleted file mode 100644 index 5a0f80fe2e9..00000000000 --- a/2022/21xxx/CVE-2022-21113.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21113", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21114.json b/2022/21xxx/CVE-2022-21114.json deleted file mode 100644 index 8d46fd771c1..00000000000 --- a/2022/21xxx/CVE-2022-21114.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21114", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21115.json b/2022/21xxx/CVE-2022-21115.json deleted file mode 100644 index 51034dde8ff..00000000000 --- a/2022/21xxx/CVE-2022-21115.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21115", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21116.json b/2022/21xxx/CVE-2022-21116.json deleted file mode 100644 index 8c139cb02fe..00000000000 --- a/2022/21xxx/CVE-2022-21116.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21116", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21117.json b/2022/21xxx/CVE-2022-21117.json deleted file mode 100644 index 4c7eaa7dcb6..00000000000 --- a/2022/21xxx/CVE-2022-21117.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21117", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21118.json b/2022/21xxx/CVE-2022-21118.json deleted file mode 100644 index ef0f4a0a850..00000000000 --- a/2022/21xxx/CVE-2022-21118.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21118", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21119.json b/2022/21xxx/CVE-2022-21119.json deleted file mode 100644 index 6b8cf2090a7..00000000000 --- a/2022/21xxx/CVE-2022-21119.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21119", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21120.json b/2022/21xxx/CVE-2022-21120.json deleted file mode 100644 index db021d21a24..00000000000 --- a/2022/21xxx/CVE-2022-21120.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21120", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21121.json b/2022/21xxx/CVE-2022-21121.json deleted file mode 100644 index 37baebac475..00000000000 --- a/2022/21xxx/CVE-2022-21121.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2022-21121", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file