"-Synchronized-Data."

CVE Team 2021-04-12 14:00:43 +00:00
parent b02718478b
commit f2aa35c3aa
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
7 changed files with 220 additions and 54 deletions


@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-28872",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-28872",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An authorization bypass vulnerability in Monitorr v1.7.6m in Monitorr/assets/config/_installation/_register.php allows an unauthorized person to create valid credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://lyhinslab.org/index.php/2020/09/12/how-the-white-box-hacking-works-authorization-bypass-and-remote-code-execution-in-monitorr-1-7-6/",
"refsource": "MISC",
"name": "https://lyhinslab.org/index.php/2020/09/12/how-the-white-box-hacking-works-authorization-bypass-and-remote-code-execution-in-monitorr-1-7-6/"
},
{
"url": "https://www.exploit-db.com/exploits/48981",
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/48981"
}
]
}
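Review bot: The published record for CVE-2020-28872 still carries `n/a` for `product_name`, `version_value`, `vendor_name` and the `problemtype` value, although the new description names Monitorr v1.7.6m and an authorization bypass. Scanners and inventories that match on the structured `affects` block rather than on free text will not associate this entry with Monitorr. Populating the fields from the description, e.g. `"product_name": "Monitorr"`, `"version_value": "1.7.6m"` and a problem type of `"value": "Authorization bypass"`, would make the record machine-matchable. The page shows no +/- markers, so which lines are on the new side is inferred from the `PUBLIC` state and the added description.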


@ -52,20 +52,24 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JS-POSTCSS-1090595"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-POSTCSS-1090595",
"name": "https://snyk.io/vuln/SNYK-JS-POSTCSS-1090595"
},
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1244795"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1244795",
"name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1244795"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/postcss/postcss/commit/b6f3e4d5a8d7504d553267f80384373af3a3dec5"
"refsource": "MISC",
"url": "https://github.com/postcss/postcss/commit/b6f3e4d5a8d7504d553267f80384373af3a3dec5",
"name": "https://github.com/postcss/postcss/commit/b6f3e4d5a8d7504d553267f80384373af3a3dec5"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/postcss/postcss/commit/8682b1e4e328432ba692bed52326e84439cec9e4"
"refsource": "MISC",
"url": "https://github.com/postcss/postcss/commit/8682b1e4e328432ba692bed52326e84439cec9e4",
"name": "https://github.com/postcss/postcss/commit/8682b1e4e328432ba692bed52326e84439cec9e4"
}
]
},
@ -73,7 +77,7 @@
"description_data": [
{
"lang": "eng",
"value": "The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing.\r\n\r\n"
"value": "The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing."
}
]
},
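Review bot: Every reference in this section is relabelled from `"refsource": "CONFIRM"` to `"refsource": "MISC"`, including the two github.com/postcss/postcss commit links, which look like the upstream fixes. A consumer that filters on `CONFIRM` to find vendor-acknowledged advisories or fix commits loses that signal once the entries are `MISC`. The same relabelling recurs in the handlebars, swiper and chrono-node sections that follow. If the normalisation is intentional, the commit description should say so; otherwise keep `"refsource": "CONFIRM"` on the upstream commit URLs. The old/new side of each line is inferred from the added `name` keys, since the page shows no +/- markers.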


@ -48,28 +48,34 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1056767"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1056767",
"name": "https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1056767"
},
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074950"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074950",
"name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074950"
},
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074951"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074951",
"name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074951"
},
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074952"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074952",
"name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074952"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/handlebars-lang/handlebars.js/commit/b6d3de7123eebba603e321f04afdbae608e8fea8"
"refsource": "MISC",
"url": "https://github.com/handlebars-lang/handlebars.js/commit/b6d3de7123eebba603e321f04afdbae608e8fea8",
"name": "https://github.com/handlebars-lang/handlebars.js/commit/b6d3de7123eebba603e321f04afdbae608e8fea8"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/handlebars-lang/handlebars.js/commit/f0589701698268578199be25285b2ebea1c1e427"
"refsource": "MISC",
"url": "https://github.com/handlebars-lang/handlebars.js/commit/f0589701698268578199be25285b2ebea1c1e427",
"name": "https://github.com/handlebars-lang/handlebars.js/commit/f0589701698268578199be25285b2ebea1c1e427"
}
]
},
@ -77,7 +83,7 @@
"description_data": [
{
"lang": "eng",
"value": "The package handlebars before 4.7.7 are vulnerable to Remote Code Execution (RCE) when selecting certain compiling options to compile templates coming from an untrusted source.\r\n\r\n"
"value": "The package handlebars before 4.7.7 are vulnerable to Remote Code Execution (RCE) when selecting certain compiling options to compile templates coming from an untrusted source."
}
]
},


@ -48,28 +48,34 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JS-SWIPER-1088062"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-SWIPER-1088062",
"name": "https://snyk.io/vuln/SNYK-JS-SWIPER-1088062"
},
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1244696"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1244696",
"name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1244696"
},
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBNOLIMITS4WEB-1244697"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBNOLIMITS4WEB-1244697",
"name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBNOLIMITS4WEB-1244697"
},
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1244698"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1244698",
"name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1244698"
},
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1244699"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1244699",
"name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1244699"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/nolimits4web/swiper/commit/9dad2739b7474f383474773d5ab898a0c29ac178"
"refsource": "MISC",
"url": "https://github.com/nolimits4web/swiper/commit/9dad2739b7474f383474773d5ab898a0c29ac178",
"name": "https://github.com/nolimits4web/swiper/commit/9dad2739b7474f383474773d5ab898a0c29ac178"
}
]
},
@ -77,7 +83,7 @@
"description_data": [
{
"lang": "eng",
"value": "This affects the package swiper before 6.5.1.\n "
"value": "This affects the package swiper before 6.5.1."
}
]
},
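Review bot: The cleaned-up description in the second hunk, `"This affects the package swiper before 6.5.1."`, names only the package and the fixed version and says nothing about the weakness or its impact. Anyone triaging from the CVE text alone cannot judge severity or exposure without opening the Snyk and GitHub references. Since this change already rewrites the string to strip the trailing whitespace, it would be a good moment to add one sentence stating the vulnerability class and the affected functionality, taken from the referenced advisory.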


@ -48,16 +48,19 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JS-CHRONONODE-1083228"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-CHRONONODE-1083228",
"name": "https://snyk.io/vuln/SNYK-JS-CHRONONODE-1083228"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/wanasit/chrono/issues/382"
"refsource": "MISC",
"url": "https://github.com/wanasit/chrono/issues/382",
"name": "https://github.com/wanasit/chrono/issues/382"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/wanasit/chrono/commit/98815b57622443b5c498a427210ebd603d705f4c"
"refsource": "MISC",
"url": "https://github.com/wanasit/chrono/commit/98815b57622443b5c498a427210ebd603d705f4c",
"name": "https://github.com/wanasit/chrono/commit/98815b57622443b5c498a427210ebd603d705f4c"
}
]
},
@ -65,7 +68,7 @@
"description_data": [
{
"lang": "eng",
"value": "This affects the package chrono-node before 2.2.4.\n It hangs on a date-like string with lots of embedded spaces.\n"
"value": "This affects the package chrono-node before 2.2.4. It hangs on a date-like string with lots of embedded spaces."
}
]
},


@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-25925",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "vulnerabilitylab@whitesourcesoftware.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "sickrage",
"version": {
"version_data": [
{
"version_value": "4.2.0-10.0.11.dev1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/SiCKRAGE/SiCKRAGE/commit/9f42426727e16609ad3d1337f6637588b8ed28e4",
"url": "https://github.com/SiCKRAGE/SiCKRAGE/commit/9f42426727e16609ad3d1337f6637588b8ed28e4"
},
{
"refsource": "MISC",
"name": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25925",
"url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25925"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "in SiCKRAGE, versions 4.2.0 to 10.0.11.dev1 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly when processed by the server. Therefore, an attacker can inject arbitrary JavaScript code inside the application, and possibly steal a user\u2019s sensitive information."
}
]
}
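Review bot: `"version_value": "4.2.0-10.0.11.dev1"` packs a version range into one free-text string, and the CVE-2021-25926 section below does the same with `"9.3.54.dev1-10.0.11.dev1"`. Version strings that contain dots and suffixes such as `.dev1` make a hyphen-joined range awkward to parse, so automated matching may treat it as a single unknown version. Two `version_data` entries with explicit bounds, e.g. `{"version_affected": ">=", "version_value": "4.2.0"}` and `{"version_affected": "<=", "version_value": "10.0.11.dev1"}`, would express the range unambiguously. Separately, `vendor_name` is `n/a` although the product is named, and the description begins with a lowercase "in".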


@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-25926",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "vulnerabilitylab@whitesourcesoftware.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "sickrage",
"version": {
"version_data": [
{
"version_value": "9.3.54.dev1-10.0.11.dev1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25926,",
"url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25926,"
},
{
"refsource": "MISC",
"name": "https://github.com/SiCKRAGE/SiCKRAGE/commit/9f42426727e16609ad3d1337f6637588b8ed28e4",
"url": "https://github.com/SiCKRAGE/SiCKRAGE/commit/9f42426727e16609ad3d1337f6637588b8ed28e4"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In SiCKRAGE, versions 9.3.54.dev1 to 10.0.11.dev1 are vulnerable to Reflected Cross-Site-Scripting (XSS) due to user input not being validated properly in the `quicksearch` feature. Therefore, an attacker can steal a user's sessionID to masquerade as a victim user, to carry out any actions in the context of the user."
}
]
}
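Review bot: The first reference added for CVE-2021-25926 ends in a stray comma inside the string, in both `name` and `url`: `"https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25926,"`. The comma is part of the URL value, so link checkers and tools that dereference or deduplicate references will treat it as a different, probably non-resolving address. The sibling CVE-2021-25925 record uses the same URL pattern without the comma. The lines should read `"name": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25926",` and `"url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25926"`.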