admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 11:06:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-10-08 15:00:59 +00:00
parent b808983466
commit e5b722dfa8
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
16 changed files with 291 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2021/22xxx/CVE-2021-22147.json
View File

@ -53,6 +53,11 @@
"url": "https://discuss.elastic.co/t/elastic-stack-7-14-0-security-update/280344",
"refsource": "MISC",
"name": "https://discuss.elastic.co/t/elastic-stack-7-14-0-security-update/280344"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211008-0002/",
"url": "https://security.netapp.com/advisory/ntap-20211008-0002/"
}
]
},

5
2021/25xxx/CVE-2021-25741.json
View File

@ -101,6 +101,11 @@
"refsource": "MISC",
"url": "https://github.com/kubernetes/kubernetes/issues/104980",
"name": "https://github.com/kubernetes/kubernetes/issues/104980"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211008-0006/",
"url": "https://security.netapp.com/advisory/ntap-20211008-0006/"
}
]
},

5
2021/34xxx/CVE-2021-34798.json
View File

@ -108,6 +108,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20211002 [SECURITY] [DLA 2776-1] apache2 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211008-0004/",
"url": "https://security.netapp.com/advisory/ntap-20211008-0004/"
}
]
},

5
2021/35xxx/CVE-2021-35491.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://www.wowza.com/docs/wowza-streaming-engine-4-8-14-release-notes",
"url": "https://www.wowza.com/docs/wowza-streaming-engine-4-8-14-release-notes"
},
{
"refsource": "MISC",
"name": "https://n4nj0.github.io/advisories/wowza-streaming-engine-i/",
"url": "https://n4nj0.github.io/advisories/wowza-streaming-engine-i/"
}
]
}

56
2021/35xxx/CVE-2021-35977.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-35977",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-35977",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in Digi RealPort for Windows through 4.8.488.0. A buffer overflow exists in the handling of ADDP discovery response messages. This could result in arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-02.txt",
"url": "https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-02.txt"
}
]
}

56
2021/35xxx/CVE-2021-35979.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-35979",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-35979",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in Digi RealPort through 4.8.488.0. The 'encrypted' mode is vulnerable to man-in-the-middle attacks and does not perform authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-02.txt",
"url": "https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-02.txt"
}
]
}

5
2021/36xxx/CVE-2021-36160.json
View File

@ -138,6 +138,11 @@
"refsource": "MLIST",
"name": "[httpd-bugs] 20211006 [Bug 65616] CVE-2021-36160 regression",
"url": "https://lists.apache.org/thread.html/r7f2746e916ed370239bc1a1025e5ebbf345f79df9ea0ea39e44acfbb@%3Cbugs.httpd.apache.org%3E"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211008-0004/",
"url": "https://security.netapp.com/advisory/ntap-20211008-0004/"
}
]
},

56
2021/36xxx/CVE-2021-36767.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-36767",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-36767",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Digi RealPort through 4.8.488.0, authentication relies on a challenge-response mechanism that gives access to the server password, making the protection ineffective. An attacker may send an unauthenticated request to the server. The server will reply with a weakly-hashed version of the server's access password. The attacker may then crack this hash offline in order to successfully login to the server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-02.txt",
"url": "https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-02.txt"
}
]
}

5
2021/38xxx/CVE-2021-38300.json
View File

@ -56,6 +56,11 @@
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/09/15/5",
"url": "http://www.openwall.com/lists/oss-security/2021/09/15/5"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211008-0003/",
"url": "https://security.netapp.com/advisory/ntap-20211008-0003/"
}
]
}

5
2021/39xxx/CVE-2021-39275.json
View File

@ -108,6 +108,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20211002 [SECURITY] [DLA 2776-1] apache2 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211008-0004/",
"url": "https://security.netapp.com/advisory/ntap-20211008-0004/"
}
]
},

61
2021/3xxx/CVE-2021-3312.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3312",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-3312",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An XML external entity (XXE) vulnerability in Alkacon OpenCms 11.0, 11.0.1 and 11.0.2 allows remote authenticated users with edit privileges to exfiltrate files from the server's file system by uploading a crafted SVG document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/alkacon/opencms-core/releases",
"refsource": "MISC",
"name": "https://github.com/alkacon/opencms-core/releases"
},
{
"refsource": "MISC",
"name": "https://github.com/alkacon/opencms-core/issues/725",
"url": "https://github.com/alkacon/opencms-core/issues/725"
}
]
}

18
2021/3xxx/CVE-2021-3870.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3870",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/3xxx/CVE-2021-3871.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3871",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

5
2021/40xxx/CVE-2021-40438.json
View File

@ -108,6 +108,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20211002 [SECURITY] [DLA 2776-1] apache2 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211008-0004/",
"url": "https://security.netapp.com/advisory/ntap-20211008-0004/"
}
]
},

5
2021/40xxx/CVE-2021-40839.json
View File

@ -71,6 +71,11 @@
"url": "https://pypi.org/project/rencode/#history",
"refsource": "MISC",
"name": "https://pypi.org/project/rencode/#history"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211008-0001/",
"url": "https://security.netapp.com/advisory/ntap-20211008-0001/"
}
]
}

5
2021/41xxx/CVE-2021-41079.json
View File

@ -88,6 +88,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210922 [SECURITY] [DLA 2764-1] tomcat8 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211008-0005/",
"url": "https://security.netapp.com/advisory/ntap-20211008-0005/"
}
]
},