admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-06-14 20:00:59 +00:00
parent 0268d7c1a8
commit dff021ebbc
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
7 changed files with 187 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
2021/0xxx/CVE-2021-0324.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-0324",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android SoC"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2021-05-01",
"url": "https://source.android.com/security/bulletin/2021-05-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Product: AndroidVersions: Android SoCAndroid ID: A-175402462"
}
]
}

50
2021/0xxx/CVE-2021-0467.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-0467",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android SoC"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2021-05-01",
"url": "https://source.android.com/security/bulletin/2021-05-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Chromecast bootROM, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the bootloader, with physical USB access, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-174490700"
}
]
}

43
2021/21xxx/CVE-2021-21554.json
View File

@ -1,10 +1,10 @@
{
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2021-06-08",
"ID": "CVE-2021-21554",
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2021-06-08",
"ID": "CVE-2021-21554",
"STATE": "PUBLIC"
},
},
"affects": {
"vendor": {
"vendor_data": [
@ -12,59 +12,60 @@
"product": {
"product_data": [
{
"product_name": "PowerEdge BIOS Intel 15G",
"product_name": "PowerEdge BIOS Intel 15G",
"version": {
"version_data": [
{
"version_affected": "<",
"version_affected": "<",
"version_value": "2.9.4"
}
]
}
}
]
},
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"lang": "eng",
"value": "Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and, Dell Precision 7920 Rack Workstation BIOS contain a stack-based buffer overflow vulnerability in systems with Intel Optane DC Persistent Memory installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment."
}
]
},
},
"impact": {
"cvss": {
"baseScore": 6.1,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
"baseScore": 6.1,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
}
},
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"lang": "eng",
"value": "CWE-122: Heap-based Buffer Overflow"
}
]
}
]
},
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.dell.com/support/kbdoc/000187958"
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/000187958",
"name": "https://www.dell.com/support/kbdoc/000187958"
}
]
}

43
2021/21xxx/CVE-2021-21555.json
View File

@ -1,10 +1,10 @@
{
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2021-06-08",
"ID": "CVE-2021-21555",
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2021-06-08",
"ID": "CVE-2021-21555",
"STATE": "PUBLIC"
},
},
"affects": {
"vendor": {
"vendor_data": [
@ -12,59 +12,60 @@
"product": {
"product_data": [
{
"product_name": "PowerEdge BIOS Intel 15G",
"product_name": "PowerEdge BIOS Intel 15G",
"version": {
"version_data": [
{
"version_affected": "<",
"version_affected": "<",
"version_value": "2.11.2"
}
]
}
}
]
},
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"lang": "eng",
"value": "Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a heap-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment."
}
]
},
},
"impact": {
"cvss": {
"baseScore": 6.1,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
"baseScore": 6.1,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
}
},
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"lang": "eng",
"value": "CWE-122: Heap-based Buffer Overflow"
}
]
}
]
},
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.dell.com/support/kbdoc/000187958"
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/000187958",
"name": "https://www.dell.com/support/kbdoc/000187958"
}
]
}

43
2021/21xxx/CVE-2021-21556.json
View File

@ -1,10 +1,10 @@
{
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2021-06-08",
"ID": "CVE-2021-21556",
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2021-06-08",
"ID": "CVE-2021-21556",
"STATE": "PUBLIC"
},
},
"affects": {
"vendor": {
"vendor_data": [
@ -12,59 +12,60 @@
"product": {
"product_data": [
{
"product_name": "PowerEdge BIOS Intel 15G",
"product_name": "PowerEdge BIOS Intel 15G",
"version": {
"version_data": [
{
"version_affected": "<",
"version_affected": "<",
"version_value": "2.11.2"
}
]
}
}
]
},
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"lang": "eng",
"value": "Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a stack-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment."
}
]
},
},
"impact": {
"cvss": {
"baseScore": 6.1,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
"baseScore": 6.1,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
}
},
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow"
}
]
}
]
},
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.dell.com/support/kbdoc/000187958"
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/000187958",
"name": "https://www.dell.com/support/kbdoc/000187958"
}
]
}

43
2021/21xxx/CVE-2021-21557.json
View File

@ -1,10 +1,10 @@
{
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2021-06-08",
"ID": "CVE-2021-21557",
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2021-06-08",
"ID": "CVE-2021-21557",
"STATE": "PUBLIC"
},
},
"affects": {
"vendor": {
"vendor_data": [
@ -12,59 +12,60 @@
"product": {
"product_data": [
{
"product_name": "PowerEdge BIOS Intel 15G",
"product_name": "PowerEdge BIOS Intel 15G",
"version": {
"version_data": [
{
"version_affected": "<",
"version_affected": "<",
"version_value": "2.11.2"
}
]
}
}
]
},
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"lang": "eng",
"value": "Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS contain an out-of-bounds array access vulnerability. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of service, arbitrary code execution, or information disclosure in System Management Mode."
}
]
},
},
"impact": {
"cvss": {
"baseScore": 8.1,
"baseSeverity": "High",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L",
"baseScore": 8.1,
"baseSeverity": "High",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
}
},
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.dell.com/support/kbdoc/000187958"
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/000187958",
"name": "https://www.dell.com/support/kbdoc/000187958"
}
]
}

5
2021/31xxx/CVE-2021-31946.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-671/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-671/"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-684/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-684/"
}
]
}