From ebbeb9ffe94bcd23c45e2200a21219e74bbcaec0 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 18 Mar 2021 16:00:47 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/13xxx/CVE-2020-13949.json | 5 +++ 2020/17xxx/CVE-2020-17457.json | 5 +++ 2021/23xxx/CVE-2021-23337.json | 29 +++------------ 2021/24xxx/CVE-2021-24123.json | 5 ++- 2021/24xxx/CVE-2021-24124.json | 5 ++- 2021/24xxx/CVE-2021-24125.json | 5 ++- 2021/24xxx/CVE-2021-24126.json | 5 ++- 2021/24xxx/CVE-2021-24127.json | 5 ++- 2021/24xxx/CVE-2021-24128.json | 5 ++- 2021/24xxx/CVE-2021-24129.json | 5 ++- 2021/24xxx/CVE-2021-24130.json | 5 ++- 2021/24xxx/CVE-2021-24131.json | 5 ++- 2021/24xxx/CVE-2021-24132.json | 5 ++- 2021/24xxx/CVE-2021-24133.json | 5 ++- 2021/24xxx/CVE-2021-24134.json | 5 ++- 2021/24xxx/CVE-2021-24135.json | 5 ++- 2021/24xxx/CVE-2021-24136.json | 7 ++-- 2021/24xxx/CVE-2021-24137.json | 5 ++- 2021/24xxx/CVE-2021-24138.json | 5 ++- 2021/24xxx/CVE-2021-24139.json | 5 ++- 2021/24xxx/CVE-2021-24140.json | 5 ++- 2021/24xxx/CVE-2021-24141.json | 5 ++- 2021/24xxx/CVE-2021-24142.json | 5 ++- 2021/24xxx/CVE-2021-24143.json | 5 ++- 2021/24xxx/CVE-2021-24144.json | 5 ++- 2021/24xxx/CVE-2021-24145.json | 5 ++- 2021/24xxx/CVE-2021-24146.json | 5 ++- 2021/24xxx/CVE-2021-24147.json | 5 ++- 2021/24xxx/CVE-2021-24148.json | 5 ++- 2021/24xxx/CVE-2021-24149.json | 5 ++- 2021/26xxx/CVE-2021-26215.json | 61 ++++++++++++++++++++++++++++--- 2021/26xxx/CVE-2021-26216.json | 61 ++++++++++++++++++++++++++++--- 2021/26xxx/CVE-2021-26855.json | 5 +++ 2021/27xxx/CVE-2021-27292.json | 5 +++ 2021/28xxx/CVE-2021-28145.json | 61 ++++++++++++++++++++++++++++--- 2021/28xxx/CVE-2021-28788.json | 18 +++++++++ 2021/28xxx/CVE-2021-28789.json | 62 +++++++++++++++++++++++++++++++ 2021/28xxx/CVE-2021-28790.json | 62 +++++++++++++++++++++++++++++++ 2021/28xxx/CVE-2021-28791.json | 62 +++++++++++++++++++++++++++++++ 2021/28xxx/CVE-2021-28792.json | 62 +++++++++++++++++++++++++++++++ 2021/28xxx/CVE-2021-28793.json | 18 +++++++++ 2021/28xxx/CVE-2021-28794.json | 67 ++++++++++++++++++++++++++++++++++ 2021/28xxx/CVE-2021-28795.json | 18 +++++++++ 2021/28xxx/CVE-2021-28796.json | 62 +++++++++++++++++++++++++++++++ 2021/3xxx/CVE-2021-3111.json | 5 +++ 45 files changed, 708 insertions(+), 97 deletions(-) create mode 100644 2021/28xxx/CVE-2021-28788.json create mode 100644 2021/28xxx/CVE-2021-28789.json create mode 100644 2021/28xxx/CVE-2021-28790.json create mode 100644 2021/28xxx/CVE-2021-28791.json create mode 100644 2021/28xxx/CVE-2021-28792.json create mode 100644 2021/28xxx/CVE-2021-28793.json create mode 100644 2021/28xxx/CVE-2021-28794.json create mode 100644 2021/28xxx/CVE-2021-28795.json create mode 100644 2021/28xxx/CVE-2021-28796.json diff --git a/2020/13xxx/CVE-2020-13949.json b/2020/13xxx/CVE-2020-13949.json index b43eb9ba746..7de6154d60d 100644 --- a/2020/13xxx/CVE-2020-13949.json +++ b/2020/13xxx/CVE-2020-13949.json @@ -243,6 +243,11 @@ "refsource": "MLIST", "name": "[hbase-issues] 20210317 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "url": "https://lists.apache.org/thread.html/r02ba8db500d15a5949e9a7742815438002ba1cf1b361bdda52ed40ca@%3Cissues.hbase.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[hbase-issues] 20210318 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", + "url": "https://lists.apache.org/thread.html/r8dfbefcd606af6737b62461a45a9af9222040b62eab474ff2287cf75@%3Cissues.hbase.apache.org%3E" } ] }, diff --git a/2020/17xxx/CVE-2020-17457.json b/2020/17xxx/CVE-2020-17457.json index 2103eedfcb7..c8eac6fd72f 100644 --- a/2020/17xxx/CVE-2020-17457.json +++ b/2020/17xxx/CVE-2020-17457.json @@ -56,6 +56,11 @@ "refsource": "MISC", "name": "https://www.gruppotim.it/redteam", "url": "https://www.gruppotim.it/redteam" + }, + { + "refsource": "CONFIRM", + "name": "https://support.ts.fujitsu.com/IndexDownload.asp?Softwareguid=C67A44AE-B022-4150-8621-C4393C007ED9", + "url": "https://support.ts.fujitsu.com/IndexDownload.asp?Softwareguid=C67A44AE-B022-4150-8621-C4393C007ED9" } ] } diff --git a/2021/23xxx/CVE-2021-23337.json b/2021/23xxx/CVE-2021-23337.json index 0e314209086..4da1551888e 100644 --- a/2021/23xxx/CVE-2021-23337.json +++ b/2021/23xxx/CVE-2021-23337.json @@ -13,40 +13,21 @@ "vendor": { "vendor_data": [ { + "vendor_name": "n/a", "product": { "product_data": [ { - "product_name": "lodash", + "product_name": "Lodash", "version": { "version_data": [ { - "version_affected": ">=", - "version_value": "0" + "version_value": "prior to 4.17.21" } ] } } ] - }, - "vendor_name": "n/a" - }, - { - "product": { - "product_data": [ - { - "product_name": "org.fujion.webjars:lodash", - "version": { - "version_data": [ - { - "version_affected": ">=", - "version_value": "0" - } - ] - } - } - ] - }, - "vendor_name": "n/a" + } } ] } @@ -111,7 +92,7 @@ "description_data": [ { "lang": "eng", - "value": "All versions of package lodash; all versions of package org.fujion.webjars:lodash are vulnerable to Command Injection via template." + "value": "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function." } ] }, diff --git a/2021/24xxx/CVE-2021-24123.json b/2021/24xxx/CVE-2021-24123.json index 47c6d238d92..d4b3b5e70e5 100644 --- a/2021/24xxx/CVE-2021-24123.json +++ b/2021/24xxx/CVE-2021-24123.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/43aa30bf-eaf8-467a-93a1-78f9bdb37b36" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/43aa30bf-eaf8-467a-93a1-78f9bdb37b36", + "name": "https://wpscan.com/vulnerability/43aa30bf-eaf8-467a-93a1-78f9bdb37b36" } ] }, diff --git a/2021/24xxx/CVE-2021-24124.json b/2021/24xxx/CVE-2021-24124.json index 21887955551..58409143151 100644 --- a/2021/24xxx/CVE-2021-24124.json +++ b/2021/24xxx/CVE-2021-24124.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/8d0eb0b4-0cc0-44e5-b720-90b01df3a6ee" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/8d0eb0b4-0cc0-44e5-b720-90b01df3a6ee", + "name": "https://wpscan.com/vulnerability/8d0eb0b4-0cc0-44e5-b720-90b01df3a6ee" } ] }, diff --git a/2021/24xxx/CVE-2021-24125.json b/2021/24xxx/CVE-2021-24125.json index e87dcb3c241..604d602cb38 100644 --- a/2021/24xxx/CVE-2021-24125.json +++ b/2021/24xxx/CVE-2021-24125.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/8591b3c9-b041-4ff5-b8d9-6f9f81041178" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/8591b3c9-b041-4ff5-b8d9-6f9f81041178", + "name": "https://wpscan.com/vulnerability/8591b3c9-b041-4ff5-b8d9-6f9f81041178" } ] }, diff --git a/2021/24xxx/CVE-2021-24126.json b/2021/24xxx/CVE-2021-24126.json index 60b214dc4ba..9535ce8a29a 100644 --- a/2021/24xxx/CVE-2021-24126.json +++ b/2021/24xxx/CVE-2021-24126.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/f3952bd1-ac2f-4007-9e19-6c44a22465f3" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/f3952bd1-ac2f-4007-9e19-6c44a22465f3", + "name": "https://wpscan.com/vulnerability/f3952bd1-ac2f-4007-9e19-6c44a22465f3" } ] }, diff --git a/2021/24xxx/CVE-2021-24127.json b/2021/24xxx/CVE-2021-24127.json index 2a734f032f7..a61148a7747 100644 --- a/2021/24xxx/CVE-2021-24127.json +++ b/2021/24xxx/CVE-2021-24127.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/1fbd9f7a-6f99-45a2-9d57-01631a1f35d6" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/1fbd9f7a-6f99-45a2-9d57-01631a1f35d6", + "name": "https://wpscan.com/vulnerability/1fbd9f7a-6f99-45a2-9d57-01631a1f35d6" } ] }, diff --git a/2021/24xxx/CVE-2021-24128.json b/2021/24xxx/CVE-2021-24128.json index d46ea729daa..24788320150 100644 --- a/2021/24xxx/CVE-2021-24128.json +++ b/2021/24xxx/CVE-2021-24128.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/11dc3325-e696-4c9e-ba10-968416d5c864" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/11dc3325-e696-4c9e-ba10-968416d5c864", + "name": "https://wpscan.com/vulnerability/11dc3325-e696-4c9e-ba10-968416d5c864" } ] }, diff --git a/2021/24xxx/CVE-2021-24129.json b/2021/24xxx/CVE-2021-24129.json index dc9f684017d..2448e44b375 100644 --- a/2021/24xxx/CVE-2021-24129.json +++ b/2021/24xxx/CVE-2021-24129.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/c8537e5f-1948-418b-9d29-3cf50cd8f9a6" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/c8537e5f-1948-418b-9d29-3cf50cd8f9a6", + "name": "https://wpscan.com/vulnerability/c8537e5f-1948-418b-9d29-3cf50cd8f9a6" } ] }, diff --git a/2021/24xxx/CVE-2021-24130.json b/2021/24xxx/CVE-2021-24130.json index 9ed8f2eae0b..9a68a25565c 100644 --- a/2021/24xxx/CVE-2021-24130.json +++ b/2021/24xxx/CVE-2021-24130.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/46af9a4d-67ac-4e08-a753-a2a44245f4f8" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/46af9a4d-67ac-4e08-a753-a2a44245f4f8", + "name": "https://wpscan.com/vulnerability/46af9a4d-67ac-4e08-a753-a2a44245f4f8" } ] }, diff --git a/2021/24xxx/CVE-2021-24131.json b/2021/24xxx/CVE-2021-24131.json index 5eec560532d..66c31ab3ee8 100644 --- a/2021/24xxx/CVE-2021-24131.json +++ b/2021/24xxx/CVE-2021-24131.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/1bc28021-28c0-43fa-b89e-6b93c345e5d8" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/1bc28021-28c0-43fa-b89e-6b93c345e5d8", + "name": "https://wpscan.com/vulnerability/1bc28021-28c0-43fa-b89e-6b93c345e5d8" } ] }, diff --git a/2021/24xxx/CVE-2021-24132.json b/2021/24xxx/CVE-2021-24132.json index e9ca6e63018..24e56d3b9d6 100644 --- a/2021/24xxx/CVE-2021-24132.json +++ b/2021/24xxx/CVE-2021-24132.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/c1f45000-6c16-4606-be80-1938a755af2c" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/c1f45000-6c16-4606-be80-1938a755af2c", + "name": "https://wpscan.com/vulnerability/c1f45000-6c16-4606-be80-1938a755af2c" } ] }, diff --git a/2021/24xxx/CVE-2021-24133.json b/2021/24xxx/CVE-2021-24133.json index 4f99f327102..cfc58283740 100644 --- a/2021/24xxx/CVE-2021-24133.json +++ b/2021/24xxx/CVE-2021-24133.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/a72a5be4-654b-496f-94cd-3814c0e40120" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/a72a5be4-654b-496f-94cd-3814c0e40120", + "name": "https://wpscan.com/vulnerability/a72a5be4-654b-496f-94cd-3814c0e40120" } ] }, diff --git a/2021/24xxx/CVE-2021-24134.json b/2021/24xxx/CVE-2021-24134.json index 1f970674f94..94338aaeb88 100644 --- a/2021/24xxx/CVE-2021-24134.json +++ b/2021/24xxx/CVE-2021-24134.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/8f3cca92-d072-4806-9142-7f1a987f840b" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/8f3cca92-d072-4806-9142-7f1a987f840b", + "name": "https://wpscan.com/vulnerability/8f3cca92-d072-4806-9142-7f1a987f840b" } ] }, diff --git a/2021/24xxx/CVE-2021-24135.json b/2021/24xxx/CVE-2021-24135.json index 9c8f5ff8b72..177e00f371d 100644 --- a/2021/24xxx/CVE-2021-24135.json +++ b/2021/24xxx/CVE-2021-24135.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/07e9e70b-97a6-42e3-b0de-8cb69dedcbd3" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/07e9e70b-97a6-42e3-b0de-8cb69dedcbd3", + "name": "https://wpscan.com/vulnerability/07e9e70b-97a6-42e3-b0de-8cb69dedcbd3" } ] }, diff --git a/2021/24xxx/CVE-2021-24136.json b/2021/24xxx/CVE-2021-24136.json index 8cabe1ed7be..fc70d0615e2 100644 --- a/2021/24xxx/CVE-2021-24136.json +++ b/2021/24xxx/CVE-2021-24136.json @@ -43,7 +43,7 @@ "description_data": [ { "lang": "eng", - "value": "Unvalidated input and lack of output encoding in the Testimonials Widget WordPress plugin, versions before 4.0.0, lead to multiple Cross-Site Scripting vulnerabilities, allowing remote attackers to inject arbitrary JavaScript code or HTML via the below parameters:\n\n- Author\n- Job Title\n- Location\n- Company\n- Email\n- URL" + "value": "Unvalidated input and lack of output encoding in the Testimonials Widget WordPress plugin, versions before 4.0.0, lead to multiple Cross-Site Scripting vulnerabilities, allowing remote attackers to inject arbitrary JavaScript code or HTML via the below parameters: - Author - Job Title - Location - Company - Email - URL" } ] }, @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/537ee410-3833-4e88-9d4a-ee3c72b44ca1" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/537ee410-3833-4e88-9d4a-ee3c72b44ca1", + "name": "https://wpscan.com/vulnerability/537ee410-3833-4e88-9d4a-ee3c72b44ca1" } ] }, diff --git a/2021/24xxx/CVE-2021-24137.json b/2021/24xxx/CVE-2021-24137.json index ef3c7caf713..f4dbbff94f7 100644 --- a/2021/24xxx/CVE-2021-24137.json +++ b/2021/24xxx/CVE-2021-24137.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/9eb94e55-765b-4df5-baea-b247ef72aef3" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/9eb94e55-765b-4df5-baea-b247ef72aef3", + "name": "https://wpscan.com/vulnerability/9eb94e55-765b-4df5-baea-b247ef72aef3" } ] }, diff --git a/2021/24xxx/CVE-2021-24138.json b/2021/24xxx/CVE-2021-24138.json index e5d557298e9..1a28e3ce031 100644 --- a/2021/24xxx/CVE-2021-24138.json +++ b/2021/24xxx/CVE-2021-24138.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/aafac655-3616-4b27-9d0f-1cbc2faf0151" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/aafac655-3616-4b27-9d0f-1cbc2faf0151", + "name": "https://wpscan.com/vulnerability/aafac655-3616-4b27-9d0f-1cbc2faf0151" } ] }, diff --git a/2021/24xxx/CVE-2021-24139.json b/2021/24xxx/CVE-2021-24139.json index 20872577ca3..66e8fb47417 100644 --- a/2021/24xxx/CVE-2021-24139.json +++ b/2021/24xxx/CVE-2021-24139.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/2e33088e-7b93-44af-aa6a-e5d924f86e28" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/2e33088e-7b93-44af-aa6a-e5d924f86e28", + "name": "https://wpscan.com/vulnerability/2e33088e-7b93-44af-aa6a-e5d924f86e28" } ] }, diff --git a/2021/24xxx/CVE-2021-24140.json b/2021/24xxx/CVE-2021-24140.json index 9d713af1efc..60369f03f43 100644 --- a/2021/24xxx/CVE-2021-24140.json +++ b/2021/24xxx/CVE-2021-24140.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/1876312e-3dba-4909-97a5-afbb76fbc056" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/1876312e-3dba-4909-97a5-afbb76fbc056", + "name": "https://wpscan.com/vulnerability/1876312e-3dba-4909-97a5-afbb76fbc056" } ] }, diff --git a/2021/24xxx/CVE-2021-24141.json b/2021/24xxx/CVE-2021-24141.json index df7296fa8fd..86e75d3337e 100644 --- a/2021/24xxx/CVE-2021-24141.json +++ b/2021/24xxx/CVE-2021-24141.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/5c8adca0-fe19-4624-81ef-465b8d007f93" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/5c8adca0-fe19-4624-81ef-465b8d007f93", + "name": "https://wpscan.com/vulnerability/5c8adca0-fe19-4624-81ef-465b8d007f93" } ] }, diff --git a/2021/24xxx/CVE-2021-24142.json b/2021/24xxx/CVE-2021-24142.json index 1a41b68ac2d..5f9b5f4c50c 100644 --- a/2021/24xxx/CVE-2021-24142.json +++ b/2021/24xxx/CVE-2021-24142.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/19800898-d7b6-4edd-887b-dac3c0597f14" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/19800898-d7b6-4edd-887b-dac3c0597f14", + "name": "https://wpscan.com/vulnerability/19800898-d7b6-4edd-887b-dac3c0597f14" } ] }, diff --git a/2021/24xxx/CVE-2021-24143.json b/2021/24xxx/CVE-2021-24143.json index 0977b79052c..0931a597c8e 100644 --- a/2021/24xxx/CVE-2021-24143.json +++ b/2021/24xxx/CVE-2021-24143.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/02c5e10c-1ac7-447e-8ae5-b6d251be750b" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/02c5e10c-1ac7-447e-8ae5-b6d251be750b", + "name": "https://wpscan.com/vulnerability/02c5e10c-1ac7-447e-8ae5-b6d251be750b" } ] }, diff --git a/2021/24xxx/CVE-2021-24144.json b/2021/24xxx/CVE-2021-24144.json index 990e838d7e7..8bf0e1d91ad 100644 --- a/2021/24xxx/CVE-2021-24144.json +++ b/2021/24xxx/CVE-2021-24144.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/143cdaff-c536-4ff9-8d64-c617511ddd48" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/143cdaff-c536-4ff9-8d64-c617511ddd48", + "name": "https://wpscan.com/vulnerability/143cdaff-c536-4ff9-8d64-c617511ddd48" } ] }, diff --git a/2021/24xxx/CVE-2021-24145.json b/2021/24xxx/CVE-2021-24145.json index 50eb4713480..ba6d20622d1 100644 --- a/2021/24xxx/CVE-2021-24145.json +++ b/2021/24xxx/CVE-2021-24145.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/f42cc26b-9aab-4824-8168-b5b8571d1610" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/f42cc26b-9aab-4824-8168-b5b8571d1610", + "name": "https://wpscan.com/vulnerability/f42cc26b-9aab-4824-8168-b5b8571d1610" } ] }, diff --git a/2021/24xxx/CVE-2021-24146.json b/2021/24xxx/CVE-2021-24146.json index 8bd401e2525..9d27b4385d0 100644 --- a/2021/24xxx/CVE-2021-24146.json +++ b/2021/24xxx/CVE-2021-24146.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/c7b1ebd6-3050-4725-9c87-0ea525f8fecc" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/c7b1ebd6-3050-4725-9c87-0ea525f8fecc", + "name": "https://wpscan.com/vulnerability/c7b1ebd6-3050-4725-9c87-0ea525f8fecc" } ] }, diff --git a/2021/24xxx/CVE-2021-24147.json b/2021/24xxx/CVE-2021-24147.json index 788010db723..0b0924be3f1 100644 --- a/2021/24xxx/CVE-2021-24147.json +++ b/2021/24xxx/CVE-2021-24147.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/0f9ba284-5d7e-4092-8344-c68316b0146f" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/0f9ba284-5d7e-4092-8344-c68316b0146f", + "name": "https://wpscan.com/vulnerability/0f9ba284-5d7e-4092-8344-c68316b0146f" } ] }, diff --git a/2021/24xxx/CVE-2021-24148.json b/2021/24xxx/CVE-2021-24148.json index 3454e89bf61..3ad6247992c 100644 --- a/2021/24xxx/CVE-2021-24148.json +++ b/2021/24xxx/CVE-2021-24148.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/bf5ddc43-974d-41fa-8276-c1a27d3cc882" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/bf5ddc43-974d-41fa-8276-c1a27d3cc882", + "name": "https://wpscan.com/vulnerability/bf5ddc43-974d-41fa-8276-c1a27d3cc882" } ] }, diff --git a/2021/24xxx/CVE-2021-24149.json b/2021/24xxx/CVE-2021-24149.json index ea0bc61299c..f1c170bc70c 100644 --- a/2021/24xxx/CVE-2021-24149.json +++ b/2021/24xxx/CVE-2021-24149.json @@ -65,8 +65,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://wpscan.com/vulnerability/26819680-22a8-4348-b63d-dc52c0d50ed0" + "refsource": "MISC", + "url": "https://wpscan.com/vulnerability/26819680-22a8-4348-b63d-dc52c0d50ed0", + "name": "https://wpscan.com/vulnerability/26819680-22a8-4348-b63d-dc52c0d50ed0" } ] }, diff --git a/2021/26xxx/CVE-2021-26215.json b/2021/26xxx/CVE-2021-26215.json index e5d662cccaf..54a6717bea5 100644 --- a/2021/26xxx/CVE-2021-26215.json +++ b/2021/26xxx/CVE-2021-26215.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-26215", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-26215", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditDocument.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://seeddms.com", + "refsource": "MISC", + "name": "http://seeddms.com" + }, + { + "refsource": "MISC", + "name": "https://tuhin1729.medium.com/cve-2021-26215-7ce6800be822", + "url": "https://tuhin1729.medium.com/cve-2021-26215-7ce6800be822" } ] } diff --git a/2021/26xxx/CVE-2021-26216.json b/2021/26xxx/CVE-2021-26216.json index 7efe2a2eb6e..11791cf523f 100644 --- a/2021/26xxx/CVE-2021-26216.json +++ b/2021/26xxx/CVE-2021-26216.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-26216", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-26216", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditFolder.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://seeddms.com", + "refsource": "MISC", + "name": "http://seeddms.com" + }, + { + "refsource": "MISC", + "name": "https://tuhin1729.medium.com/cve-2021-26216-ffb33321dc91", + "url": "https://tuhin1729.medium.com/cve-2021-26216-ffb33321dc91" } ] } diff --git a/2021/26xxx/CVE-2021-26855.json b/2021/26xxx/CVE-2021-26855.json index 24ceccc7fef..269e276a469 100644 --- a/2021/26xxx/CVE-2021-26855.json +++ b/2021/26xxx/CVE-2021-26855.json @@ -156,6 +156,11 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26855", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26855" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/161846/Microsoft-Exchange-2019-SSRF-Arbitrary-File-Write.html", + "url": "http://packetstormsecurity.com/files/161846/Microsoft-Exchange-2019-SSRF-Arbitrary-File-Write.html" } ] } diff --git a/2021/27xxx/CVE-2021-27292.json b/2021/27xxx/CVE-2021-27292.json index c7d34245111..6ec9e1e75ff 100644 --- a/2021/27xxx/CVE-2021-27292.json +++ b/2021/27xxx/CVE-2021-27292.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76", "url": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76" + }, + { + "refsource": "MISC", + "name": "https://github.com/faisalman/ua-parser-js/commit/809439e20e273ce0d25c1d04e111dcf6011eb566", + "url": "https://github.com/faisalman/ua-parser-js/commit/809439e20e273ce0d25c1d04e111dcf6011eb566" } ] } diff --git a/2021/28xxx/CVE-2021-28145.json b/2021/28xxx/CVE-2021-28145.json index 7c3b15e6664..9128b71d8ba 100644 --- a/2021/28xxx/CVE-2021-28145.json +++ b/2021/28xxx/CVE-2021-28145.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-28145", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-28145", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Concrete CMS (formerly concrete5) before 8.5.5 allows remote authenticated users to conduct XSS attacks via a crafted survey block. This requires at least Editor privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.concrete5.org/developers/security", + "refsource": "MISC", + "name": "https://www.concrete5.org/developers/security" + }, + { + "refsource": "CONFIRM", + "name": "https://documentation.concrete5.org/developers/introduction/version-history/855-release-notes", + "url": "https://documentation.concrete5.org/developers/introduction/version-history/855-release-notes" } ] } diff --git a/2021/28xxx/CVE-2021-28788.json b/2021/28xxx/CVE-2021-28788.json new file mode 100644 index 00000000000..b056be0940c --- /dev/null +++ b/2021/28xxx/CVE-2021-28788.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-28788", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/28xxx/CVE-2021-28789.json b/2021/28xxx/CVE-2021-28789.json new file mode 100644 index 00000000000..6a4065e2eb1 --- /dev/null +++ b/2021/28xxx/CVE-2021-28789.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2021-28789", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The unofficial apple/swift-format extension before 1.1.2 for Visual Studio Code allows remote attackers to execute arbitrary code by constructing a malicious workspace with a crafted apple-swift-format.path configuration value that triggers execution upon opening the workspace." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/vknabel/vscode-apple-swift-format/releases/tag/1.1.2", + "refsource": "MISC", + "name": "https://github.com/vknabel/vscode-apple-swift-format/releases/tag/1.1.2" + } + ] + } +} \ No newline at end of file diff --git a/2021/28xxx/CVE-2021-28790.json b/2021/28xxx/CVE-2021-28790.json new file mode 100644 index 00000000000..f764662f2b7 --- /dev/null +++ b/2021/28xxx/CVE-2021-28790.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2021-28790", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The unofficial SwiftLint extension before 1.4.5 for Visual Studio Code allows remote attackers to execute arbitrary code by constructing a malicious workspace with a crafted swiftlint.path configuration value that triggers execution upon opening the workspace." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/vknabel/vscode-swiftlint/releases/tag/1.4.5", + "refsource": "MISC", + "name": "https://github.com/vknabel/vscode-swiftlint/releases/tag/1.4.5" + } + ] + } +} \ No newline at end of file diff --git a/2021/28xxx/CVE-2021-28791.json b/2021/28xxx/CVE-2021-28791.json new file mode 100644 index 00000000000..f60b46ccc41 --- /dev/null +++ b/2021/28xxx/CVE-2021-28791.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2021-28791", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The unofficial SwiftFormat extension before 1.3.7 for Visual Studio Code allows remote attackers to execute arbitrary code by constructing a malicious workspace with a crafted swiftformat.path configuration value that triggers execution upon opening the workspace." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/vknabel/vscode-swiftformat/releases/tag/1.3.7", + "refsource": "MISC", + "name": "https://github.com/vknabel/vscode-swiftformat/releases/tag/1.3.7" + } + ] + } +} \ No newline at end of file diff --git a/2021/28xxx/CVE-2021-28792.json b/2021/28xxx/CVE-2021-28792.json new file mode 100644 index 00000000000..fefc2a128ce --- /dev/null +++ b/2021/28xxx/CVE-2021-28792.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2021-28792", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The unofficial Swift Development Environment extension before 2.12.1 for Visual Studio Code allows remote attackers to execute arbitrary code by constructing a malicious workspace with a crafted sourcekit-lsp.serverPath, swift.languageServerPath, swift.path.sourcekite, swift.path.sourcekiteDockerMode, swift.path.swift_driver_bin, or swift.path.shell configuration value that triggers execution upon opening the workspace." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/vknabel/vscode-swift-development-environment/releases/tag/2.12.1", + "refsource": "MISC", + "name": "https://github.com/vknabel/vscode-swift-development-environment/releases/tag/2.12.1" + } + ] + } +} \ No newline at end of file diff --git a/2021/28xxx/CVE-2021-28793.json b/2021/28xxx/CVE-2021-28793.json new file mode 100644 index 00000000000..c2a34a8ea62 --- /dev/null +++ b/2021/28xxx/CVE-2021-28793.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-28793", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/28xxx/CVE-2021-28794.json b/2021/28xxx/CVE-2021-28794.json new file mode 100644 index 00000000000..6bf0d4207d4 --- /dev/null +++ b/2021/28xxx/CVE-2021-28794.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2021-28794", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The unofficial ShellCheck extension before 0.13.4 for Visual Studio Code mishandles shellcheck.executablePath." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/timonwong/vscode-shellcheck/pull/181", + "refsource": "MISC", + "name": "https://github.com/timonwong/vscode-shellcheck/pull/181" + }, + { + "url": "https://github.com/timonwong/vscode-shellcheck/releases/tag/v0.13.4", + "refsource": "MISC", + "name": "https://github.com/timonwong/vscode-shellcheck/releases/tag/v0.13.4" + } + ] + } +} \ No newline at end of file diff --git a/2021/28xxx/CVE-2021-28795.json b/2021/28xxx/CVE-2021-28795.json new file mode 100644 index 00000000000..0c408d5d1d7 --- /dev/null +++ b/2021/28xxx/CVE-2021-28795.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-28795", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/28xxx/CVE-2021-28796.json b/2021/28xxx/CVE-2021-28796.json new file mode 100644 index 00000000000..e57461e5473 --- /dev/null +++ b/2021/28xxx/CVE-2021-28796.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2021-28796", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Increments Qiita::Markdown before 0.33.0 allows XSS in transformers." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/increments/qiita-markdown/compare/v0.32.0...v0.33.0", + "refsource": "MISC", + "name": "https://github.com/increments/qiita-markdown/compare/v0.32.0...v0.33.0" + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3111.json b/2021/3xxx/CVE-2021-3111.json index b201c3260c5..64e34254688 100644 --- a/2021/3xxx/CVE-2021-3111.json +++ b/2021/3xxx/CVE-2021-3111.json @@ -66,6 +66,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/161600/Concrete5-8.5.4-Cross-Site-Scripting.html", "url": "http://packetstormsecurity.com/files/161600/Concrete5-8.5.4-Cross-Site-Scripting.html" + }, + { + "refsource": "MISC", + "name": "https://documentation.concrete5.org/developers/introduction/version-history/855-release-notes", + "url": "https://documentation.concrete5.org/developers/introduction/version-history/855-release-notes" } ] }