diff --git a/2021/27xxx/CVE-2021-27229.json b/2021/27xxx/CVE-2021-27229.json new file mode 100644 index 00000000000..de6326346fd --- /dev/null +++ b/2021/27xxx/CVE-2021-27229.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2021-27229", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mumble before 1.3.4 allows remote code execution if a victim navigates to a crafted URL on a server list and clicks on the Open Webpage text." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/mumble-voip/mumble/compare/1.3.3...1.3.4", + "refsource": "MISC", + "name": "https://github.com/mumble-voip/mumble/compare/1.3.3...1.3.4" + }, + { + "url": "https://github.com/mumble-voip/mumble/pull/4733", + "refsource": "MISC", + "name": "https://github.com/mumble-voip/mumble/pull/4733" + }, + { + "url": "https://github.com/mumble-voip/mumble/commit/e59ee87abe249f345908c7d568f6879d16bfd648", + "refsource": "MISC", + "name": "https://github.com/mumble-voip/mumble/commit/e59ee87abe249f345908c7d568f6879d16bfd648" + } + ] + } +} \ No newline at end of file diff --git a/2021/27xxx/CVE-2021-27230.json b/2021/27xxx/CVE-2021-27230.json new file mode 100644 index 00000000000..c334eed5329 --- /dev/null +++ b/2021/27xxx/CVE-2021-27230.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-27230", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/27xxx/CVE-2021-27231.json b/2021/27xxx/CVE-2021-27231.json new file mode 100644 index 00000000000..f2efa6530a2 --- /dev/null +++ b/2021/27xxx/CVE-2021-27231.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2021-27231", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Hestia Control Panel through 1.3.3, in a shared-hosting environment, sometimes allows remote authenticated users to create a subdomain for a different customer's domain name, leading to spoofing of services or email messages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/hestiacp/hestiacp/issues/1622", + "refsource": "MISC", + "name": "https://github.com/hestiacp/hestiacp/issues/1622" + }, + { + "url": "https://www.hestiacp.com/", + "refsource": "MISC", + "name": "https://www.hestiacp.com/" + } + ] + } +} \ No newline at end of file diff --git a/2021/27xxx/CVE-2021-27232.json b/2021/27xxx/CVE-2021-27232.json new file mode 100644 index 00000000000..9508bdfbc00 --- /dev/null +++ b/2021/27xxx/CVE-2021-27232.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-27232", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/27xxx/CVE-2021-27233.json b/2021/27xxx/CVE-2021-27233.json new file mode 100644 index 00000000000..e93410e7be0 --- /dev/null +++ b/2021/27xxx/CVE-2021-27233.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2021-27233", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. On the admin portal of the web application, password information for external systems is visible in cleartext. The Settings.asp page is affected by this issue." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.mutare.com/security-adv-mutare-2021-004-mutare-voice/", + "refsource": "MISC", + "name": "https://www.mutare.com/security-adv-mutare-2021-004-mutare-voice/" + } + ] + } +} \ No newline at end of file diff --git a/2021/27xxx/CVE-2021-27234.json b/2021/27xxx/CVE-2021-27234.json new file mode 100644 index 00000000000..980d52943c2 --- /dev/null +++ b/2021/27xxx/CVE-2021-27234.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2021-27234", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. The web application suffers from SQL injection on Adminlog.asp, Archivemsgs.asp, Deletelog.asp, Eventlog.asp, and Evmlog.asp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.mutare.com/security-adv-mutare-2021-002-mutare-voice/", + "refsource": "MISC", + "name": "https://www.mutare.com/security-adv-mutare-2021-002-mutare-voice/" + } + ] + } +} \ No newline at end of file diff --git a/2021/27xxx/CVE-2021-27235.json b/2021/27xxx/CVE-2021-27235.json new file mode 100644 index 00000000000..eda41d18a83 --- /dev/null +++ b/2021/27xxx/CVE-2021-27235.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2021-27235", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. On the admin portal of the web application, there is a functionality at diagzip.asp that allows anyone to export tables of a database." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.mutare.com/security-adv-mutare-2021-003-mutare-voice/", + "refsource": "MISC", + "name": "https://www.mutare.com/security-adv-mutare-2021-003-mutare-voice/" + } + ] + } +} \ No newline at end of file diff --git a/2021/27xxx/CVE-2021-27236.json b/2021/27xxx/CVE-2021-27236.json new file mode 100644 index 00000000000..919ea869913 --- /dev/null +++ b/2021/27xxx/CVE-2021-27236.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2021-27236", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. getfile.asp allows Unauthenticated Local File Inclusion, which can be leveraged to achieve Remote Code Execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.mutare.com/security-adv-mutare-2021-001-mutare-voice/", + "refsource": "MISC", + "name": "https://www.mutare.com/security-adv-mutare-2021-001-mutare-voice/" + } + ] + } +} \ No newline at end of file diff --git a/2021/27xxx/CVE-2021-27237.json b/2021/27xxx/CVE-2021-27237.json new file mode 100644 index 00000000000..327b22a78d0 --- /dev/null +++ b/2021/27xxx/CVE-2021-27237.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-27237", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/27xxx/CVE-2021-27238.json b/2021/27xxx/CVE-2021-27238.json new file mode 100644 index 00000000000..1f6260b3cdf --- /dev/null +++ b/2021/27xxx/CVE-2021-27238.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-27238", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file