admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-02-19 16:00:40 +00:00
parent 1136e5a446
commit ef73830a6d
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
9 changed files with 214 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
2020/12xxx/CVE-2020-12373.json
View File

@ -15,11 +15,11 @@
"product": {
"product_data": [
{
"product_name": "Intel(R) Server Boards, Server Systems and Compute Modules",
"product_name": "Intel(R) Graphics Drivers",
"version": {
"version_data": [
{
"version_value": "before version 2.47"
"version_value": "before version 26.20.100.8141"
}
]
}
@ -36,7 +36,7 @@
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
"value": "denial of service"
}
]
}
@ -46,8 +46,8 @@
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html"
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html"
}
]
},
@ -55,7 +55,7 @@
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow a privileged user to potentially enable escalation of privilege via local access."
"value": "Expired pointer dereference in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access."
}
]
}

50
2020/12xxx/CVE-2020-12374.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-12374",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Server Boards, Server Systems and Compute Modules",
"version": {
"version_data": [
{
"version_value": "before version 2.47"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
}

5
2020/35xxx/CVE-2020-35776.json
View File

@ -71,6 +71,11 @@
"refsource": "CONFIRM",
"name": "https://issues.asterisk.org/jira/browse/ASTERISK-29227",
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-29227"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/161470/Asterisk-Project-Security-Advisory-AST-2021-001.html",
"url": "http://packetstormsecurity.com/files/161470/Asterisk-Project-Security-Advisory-AST-2021-001.html"
}
]
}

50
2021/22xxx/CVE-2021-22701.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22701",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions)",
"version": {
"version_data": [
{
"version_value": "EcoStruxure\u2122 Operator Terminal Expert 3.1 Service Pack 1A and prior running on Harmony HMIs HMIST6 Series, HMIG3U in HMIGTU Series, HMISTO Series and Pro-face BLUE 3.1 Service Pack 1A and prior running on Pro-face HMIs: ST6000 Series, SP-5B41 in SP5000 Series, GP4100 Series"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2021-040-01/",
"url": "https://www.se.com/ww/en/download/document/SEVD-2021-040-01/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-352: Cross-Site Request Forgery vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause a user to perform an unintended action on the target device when using the HTTP web interface."
}
]
}

50
2021/22xxx/CVE-2021-22702.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22702",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "PowerLogic ION7400, ION7650, ION7700/73xx, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions)",
"version": {
"version_data": [
{
"version_value": "EcoStruxure Power Build - Rapsody software V2.1.13 and prior."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-319: Cleartext transmission of sensitive information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2021-040-01/",
"url": "https://www.se.com/ww/en/download/document/SEVD-2021-040-01/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION7700/73xx, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause disclosure of user credentials when a malicious actor intercepts Telnet network traffic between a user and the device."
}
]
}

50
2021/22xxx/CVE-2021-22703.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22703",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions)",
"version": {
"version_data": [
{
"version_value": "EcoStruxure Power Build - Rapsody software V2.1.13 and prior."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-319: Cleartext transmission of sensitive information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.se.com/ww/en/download/document/SEVD-2021-040-01/",
"url": "https://www.se.com/ww/en/download/document/SEVD-2021-040-01/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause disclosure of user credentials when a malicious actor intercepts HTTP network traffic between a user and the device."
}
]
}

5
2021/26xxx/CVE-2021-26712.json
View File

@ -71,6 +71,11 @@
"refsource": "CONFIRM",
"name": "https://issues.asterisk.org/jira/browse/ASTERISK-29260",
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-29260"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/161473/Asterisk-Project-Security-Advisory-AST-2021-003.html",
"url": "http://packetstormsecurity.com/files/161473/Asterisk-Project-Security-Advisory-AST-2021-003.html"
}
]
}

5
2021/26xxx/CVE-2021-26717.json
View File

@ -71,6 +71,11 @@
"refsource": "CONFIRM",
"name": "https://issues.asterisk.org/jira/browse/ASTERISK-29203",
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-29203"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/161471/Asterisk-Project-Security-Advisory-AST-2021-002.html",
"url": "http://packetstormsecurity.com/files/161471/Asterisk-Project-Security-Advisory-AST-2021-002.html"
}
]
}

5
2021/26xxx/CVE-2021-26906.json
View File

@ -71,6 +71,11 @@
"refsource": "CONFIRM",
"name": "https://issues.asterisk.org/jira/browse/ASTERISK-29196",
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-29196"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/161477/Asterisk-Project-Security-Advisory-AST-2021-005.html",
"url": "http://packetstormsecurity.com/files/161477/Asterisk-Project-Security-Advisory-AST-2021-005.html"
}
]
}