admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-10-08 17:00:54 +00:00
parent 5480f7b408
commit e1d6a8c6de
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
16 changed files with 357 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
2021/20xxx/CVE-2021-20600.json
View File

@ -4,14 +4,68 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20600",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "MELSEC iQ-R series C Controller Module R12CCPU-V",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-015_en.pdf",
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-015_en.pdf"
},
{
"refsource": "MISC",
"name": "https://jvn.jp/vu/JVNVU94914666/index.html",
"url": "https://jvn.jp/vu/JVNVU94914666/index.html"
},
{
"refsource": "MISC",
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-280-04",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-280-04"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Uncontrolled resource consumption in MELSEC iQ-R series C Controller Module R12CCPU-V all versions allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending a large number of packets in a short time while the module starting up."
}
]
}

55
2021/32xxx/CVE-2021-32029.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-32029",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "postgresql",
"version": {
"version_data": [
{
"version_value": "postgresql 13.3, postgresql 12.7, postgresql 11.12"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1956883",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956883"
},
{
"refsource": "MISC",
"name": "https://www.postgresql.org/support/security/CVE-2021-32029/",
"url": "https://www.postgresql.org/support/security/CVE-2021-32029/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality."
}
]
}

5
2021/35xxx/CVE-2021-35526.json
View File

@ -88,6 +88,11 @@
"name": "https://search.abb.com/library/Download.aspx?utm_campaign=&utm_content=2021.08_5051_Cybersecurity%20Advisory%3A&utm_medium=email&utm_source=Eloqua&DocumentID=9AKK107992A4700&LanguageCode=en&DocumentPartId=&Action=Launch&elqTrackId=ba79ef3d8aec4a4fad6c0cbe06d33d6c&elq=1bda419954724e908db108def16646a5&elqaid=3638&elqat=1&elqCampaignId=",
"refsource": "CONFIRM",
"url": "https://search.abb.com/library/Download.aspx?utm_campaign=&utm_content=2021.08_5051_Cybersecurity%20Advisory%3A&utm_medium=email&utm_source=Eloqua&DocumentID=9AKK107992A4700&LanguageCode=en&DocumentPartId=&Action=Launch&elqTrackId=ba79ef3d8aec4a4fad6c0cbe06d33d6c&elq=1bda419954724e908db108def16646a5&elqaid=3638&elqat=1&elqCampaignId="
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-250-02",
"refsource": "CONFIRM",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-250-02"
}
]
},

10
2021/35xxx/CVE-2021-35529.json
View File

@ -4,7 +4,7 @@
"DATE_PUBLIC": "2021-08-05T13:00:00.000Z",
"ID": "CVE-2021-35529",
"STATE": "PUBLIC",
"TITLE": "Password in Memory Vulnerability in Retail Operations Product and Counterparty Settlement Billing (CSB)"
"TITLE": "Password in Memory Vulnerability in Retail Operations Product and Counterparty Settlement and Billing (CSB)"
},
"affects": {
"vendor": {
@ -17,6 +17,7 @@
"version": {
"version_data": [
{
"platform": "prior to Build Nr. 1.2.14002.257",
"version_affected": "<=",
"version_name": "5.7.2",
"version_value": "5.7.2"
@ -25,7 +26,7 @@
}
},
{
"product_name": "Counterparty Settlement Billing (CSB)",
"product_name": "Counterparty Settlement and Billing (CSB)",
"version": {
"version_data": [
{
@ -96,6 +97,11 @@
"name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107992A5821&LanguageCode=en&DocumentPartId=&Action=Launch",
"refsource": "CONFIRM",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107992A5821&LanguageCode=en&DocumentPartId=&Action=Launch"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-236-02",
"refsource": "CONFIRM",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-236-02"
}
]
},

12
2021/40xxx/CVE-2021-40978.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "The mkdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain :sensitive information."
"value": "** DISPUTED ** The mkdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain :sensitive information. NOTE: the vendor has disputed this as described in https://github.com/mkdocs/mkdocs/issues/2601.] and https://github.com/nisdn/CVE-2021-40978/issues/1."
}
]
},
@ -61,6 +61,16 @@
"refsource": "MISC",
"name": "https://github.com/nisdn/CVE-2021-40978",
"url": "https://github.com/nisdn/CVE-2021-40978"
},
{
"refsource": "MISC",
"name": "https://github.com/mkdocs/mkdocs/issues/2601",
"url": "https://github.com/mkdocs/mkdocs/issues/2601"
},
{
"refsource": "MISC",
"name": "https://github.com/nisdn/CVE-2021-40978/issues/1",
"url": "https://github.com/nisdn/CVE-2021-40978/issues/1"
}
]
}

10
2021/41xxx/CVE-2021-41381.json
View File

@ -66,6 +66,16 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/164365/Payara-Micro-Community-5.2021.6-Directory-Traversal.html",
"url": "http://packetstormsecurity.com/files/164365/Payara-Micro-Community-5.2021.6-Directory-Traversal.html"
},
{
"refsource": "MISC",
"name": "https://github.com/Net-hunter121/CVE-2021-41381/blob/main/CVE:%202021-41381-POC",
"url": "https://github.com/Net-hunter121/CVE-2021-41381/blob/main/CVE:%202021-41381-POC"
},
{
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/50371",
"url": "https://www.exploit-db.com/exploits/50371"
}
]
}

70
2021/41xxx/CVE-2021-41802.json
View File

@ -1,18 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-41802",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-41802",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "HashiCorp Vault and Vault Enterprise through 1.7.4 and 1.8.3 allowed a user with write permission to an entity alias ID sharing a mount accessor with another user to acquire this other user\u2019s policies by merging their identities. Fixed in Vault and Vault Enterprise 1.7.5 and 1.8.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://discuss.hashicorp.com/t/hcsec-2021-27-vault-merging-multiple-entity-aliases-for-the-same-mount-may-allow-privilege-escalation/",
"url": "https://discuss.hashicorp.com/t/hcsec-2021-27-vault-merging-multiple-entity-aliases-for-the-same-mount-may-allow-privilege-escalation/"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "NONE",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AC:L/AV:A/A:N/C:L/I:N/PR:H/S:C/UI:R",
"version": "3.1"
}
}
}

7
2021/41xxx/CVE-2021-41878.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "A reflected cross-site scripting (XSS) vulnerability exists in the i-Panel Administration System Version 2.0 that enables a remote attacker to execute arbitrary JavaScript code in the browser-based web console."
"value": "A reflected cross-site scripting (XSS) vulnerability exists in the i-Panel Administration System Version 2.0 that enables a remote attacker to execute arbitrary JavaScript code in the browser-based web console and it is possible to insert a vulnerable malicious button."
}
]
},
@ -56,6 +56,11 @@
"url": "https://cybergroot.com/cve_submission/2021-1/XSS_i-Panel_2.0.html",
"refsource": "MISC",
"name": "https://cybergroot.com/cve_submission/2021-1/XSS_i-Panel_2.0.html"
},
{
"refsource": "MISC",
"name": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41878",
"url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41878"
}
]
}

18
2021/42xxx/CVE-2021-42101.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-42101",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/42xxx/CVE-2021-42102.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-42102",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/42xxx/CVE-2021-42103.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-42103",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/42xxx/CVE-2021-42104.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-42104",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/42xxx/CVE-2021-42105.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-42105",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/42xxx/CVE-2021-42106.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-42106",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/42xxx/CVE-2021-42107.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-42107",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/42xxx/CVE-2021-42108.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-42108",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}