admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-09-15 18:01:00 +00:00
parent da638fccd4
commit fecbc6ce9b
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
12 changed files with 492 additions and 301 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

172
2021/20xxx/CVE-2021-20433.json
View File

@ -1,90 +1,90 @@
{
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2021-20433",
"DATE_PUBLIC" : "2021-09-14T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Guardium 11.3 could allow a an authenticated user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 196345."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20433",
"DATE_PUBLIC": "2021-09-14T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"description": {
"description_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Security Guardium",
"version" : {
"version_data" : [
{
"version_value" : "11.3"
}
]
}
}
]
}
"lang": "eng",
"value": "IBM Security Guardium 11.3 could allow a an authenticated user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 196345."
}
]
}
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"AC" : "L",
"I" : "N",
"AV" : "N",
"C" : "H",
"SCORE" : "6.500",
"PR" : "L",
"UI" : "N",
"A" : "N",
"S" : "U"
}
}
},
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6488941 (Security Guardium)",
"url" : "https://www.ibm.com/support/pages/node/6488941",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6488941"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/196345",
"name" : "ibm-guardium-cve202120433-info-disc (196345)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Security Guardium",
"version": {
"version_data": [
{
"version_value": "11.3"
}
]
}
}
]
}
}
]
}
},
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
},
"BM": {
"AC": "L",
"I": "N",
"AV": "N",
"C": "H",
"SCORE": "6.500",
"PR": "L",
"UI": "N",
"A": "N",
"S": "U"
}
}
},
"data_type": "CVE",
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6488941 (Security Guardium)",
"url": "https://www.ibm.com/support/pages/node/6488941",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6488941"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/196345",
"name": "ibm-guardium-cve202120433-info-disc (196345)",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
}
}

2
2021/27xxx/CVE-2021-27027.json
View File

@ -80,7 +80,7 @@
"description_data": [
{
"lang": "eng",
"value": "A Out-Of-Bounds Read/Write Vulnerability in Autodesk FBX Review version 1.4.0 may lead to remote code execution through maliciously crafted DLL files or information disclosure."
"value": "An Out-Of-Bounds Read Vulnerability in Autodesk FBX Review version 1.5.0 and prior may lead to code execution through maliciously crafted DLL files or information disclosure."
}
]
}

2
2021/27xxx/CVE-2021-27028.json
View File

@ -65,7 +65,7 @@
"description_data": [
{
"lang": "eng",
"value": "A Memory Corruption Vulnerability in Autodesk FBX Review version 1.4.0 may lead to remote code execution through maliciously crafted DLL files."
"value": "A Memory Corruption Vulnerability in Autodesk FBX Review version 1.5.0 and prior may lead to remote code execution through maliciously crafted DLL files."
}
]
}

2
2021/27xxx/CVE-2021-27029.json
View File

@ -60,7 +60,7 @@
"description_data": [
{
"lang": "eng",
"value": "The user may be tricked into opening a malicious FBX file which may exploit a Null Pointer Dereference vulnerability in FBX's Review causing the application to crash leading to a denial of service."
"value": "The user may be tricked into opening a malicious FBX file which may exploit a Null Pointer Dereference vulnerability in FBX's Review version 1.5.0 and prior causing the application to crash leading to a denial of service."
}
]
}

4
2021/27xxx/CVE-2021-27044.json
View File

@ -36,7 +36,7 @@
"description": [
{
"lang": "eng",
"value": "Out-Of-Bounds Write Vulnerability "
"value": "Out-Of-Bounds Read Vulnerability "
}
]
}
@ -55,7 +55,7 @@
"description_data": [
{
"lang": "eng",
"value": "An Out-Of-Bounds Write Vulnerability in Autodesk FBX Review version 1.5.0 and prior may lead to code execution through maliciously crafted DLL files or information disclosure."
"value": "A Out-Of-Bounds Read/Write Vulnerability in Autodesk FBX Review version 1.4.0 may lead to remote code execution through maliciously crafted DLL files or information disclosure."
}
]
}

56
2021/28xxx/CVE-2021-28901.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-28901",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-28901",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Multiple cross-site scripting (XSS) vulnerabilities exist in SITA Software Azur CMS 1.2.3.1 and earlier, which allows remote attackers to inject arbitrary web script or HTML via the (1) NOM_CLI , (2) ADRESSE , (3) ADRESSE2, (4) LOCALITE parameters to /eshop/products/json/aouCustomerAdresse; and the (5) nom_liste parameter to /eshop/products/json/addCustomerFavorite."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/post-cyberlabs/CVE-Advisory/blob/main/CVE_2021_28901.pdf",
"url": "https://github.com/post-cyberlabs/CVE-Advisory/blob/main/CVE_2021_28901.pdf"
}
]
}

178
2021/29xxx/CVE-2021-29750.json
View File

@ -1,93 +1,93 @@
{
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"description" : {
"description_data" : [
{
"value" : "IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 201778.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ID" : "CVE-2021-29750",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2021-09-14T00:00:00"
},
"data_version" : "4.0",
"data_format" : "MITRE",
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6488945 (QRadar SIEM)",
"url" : "https://www.ibm.com/support/pages/node/6488945",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6488945"
},
{
"title" : "X-Force Vulnerability Report",
"name" : "ibm-qradar-cve202129750-info-disc (201778)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/201778"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"A" : "N",
"UI" : "N",
"AV" : "N",
"C" : "H",
"AC" : "H",
"I" : "N",
"SCORE" : "5.900",
"PR" : "N"
},
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
"problemtype": {
"problemtype_data": [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "7.3"
},
{
"version_value" : "7.4"
}
]
},
"product_name" : "QRadar SIEM"
}
]
},
"vendor_name" : "IBM"
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
}
}
]
},
"description": {
"description_data": [
{
"value": "IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 201778.",
"lang": "eng"
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ID": "CVE-2021-29750",
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2021-09-14T00:00:00"
},
"data_version": "4.0",
"data_format": "MITRE",
"data_type": "CVE",
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6488945 (QRadar SIEM)",
"url": "https://www.ibm.com/support/pages/node/6488945",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6488945"
},
{
"title": "X-Force Vulnerability Report",
"name": "ibm-qradar-cve202129750-info-disc (201778)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/201778"
}
]
},
"impact": {
"cvssv3": {
"BM": {
"S": "U",
"A": "N",
"UI": "N",
"AV": "N",
"C": "H",
"AC": "H",
"I": "N",
"SCORE": "5.900",
"PR": "N"
},
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
}
}
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "7.3"
},
{
"version_value": "7.4"
}
]
},
"product_name": "QRadar SIEM"
}
]
},
"vendor_name": "IBM"
}
]
}
}
}

178
2021/29xxx/CVE-2021-29773.json
View File

@ -1,93 +1,93 @@
{
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"description" : {
"description_data" : [
{
"value" : "IBM Security Guardium 10.6 and 11.3 could allow a remote authenticated attacker to obtain sensitive information or modify user details caused by an insecure direct object vulnerability (IDOR). IBM X-Force ID: 202865.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ID" : "CVE-2021-29773",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2021-09-14T00:00:00"
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6488943",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6488943",
"title" : "IBM Security Bulletin 6488943 (Security Guardium)"
},
{
"title" : "X-Force Vulnerability Report",
"name" : "ibm-guardium-cve202129773-info-disc (202865)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/202865"
}
]
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"A" : "N",
"S" : "U",
"UI" : "N",
"PR" : "L",
"SCORE" : "5.400",
"C" : "L",
"AV" : "N",
"I" : "L",
"AC" : "L"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
"problemtype": {
"problemtype_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "10.6"
},
{
"version_value" : "11.3"
}
]
},
"product_name" : "Security Guardium"
}
]
}
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
}
}
]
},
"description": {
"description_data": [
{
"value": "IBM Security Guardium 10.6 and 11.3 could allow a remote authenticated attacker to obtain sensitive information or modify user details caused by an insecure direct object vulnerability (IDOR). IBM X-Force ID: 202865.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"CVE_data_meta": {
"STATE": "PUBLIC",
"ID": "CVE-2021-29773",
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2021-09-14T00:00:00"
},
"data_format": "MITRE",
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6488943",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6488943",
"title": "IBM Security Bulletin 6488943 (Security Guardium)"
},
{
"title": "X-Force Vulnerability Report",
"name": "ibm-guardium-cve202129773-info-disc (202865)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/202865"
}
]
},
"data_type": "CVE",
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
},
"BM": {
"A": "N",
"S": "U",
"UI": "N",
"PR": "L",
"SCORE": "5.400",
"C": "L",
"AV": "N",
"I": "L",
"AC": "L"
}
}
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "10.6"
},
{
"version_value": "11.3"
}
]
},
"product_name": "Security Guardium"
}
]
}
}
]
}
}
}

10
2021/39xxx/CVE-2021-39213.json
View File

@ -69,15 +69,15 @@
},
"references": {
"reference_data": [
{
"name": "https://github.com/glpi-project/glpi/security/advisories/GHSA-6w9f-2m6g-5777",
"refsource": "CONFIRM",
"url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-6w9f-2m6g-5777"
},
{
"name": "https://github.com/glpi-project/glpi/releases/tag/9.5.6",
"refsource": "MISC",
"url": "https://github.com/glpi-project/glpi/releases/tag/9.5.6"
},
{
"name": "https://github.com/glpi-project/glpi/security/advisories/GHSA-6w9f-2m6g-5777",
"refsource": "CONFIRM",
"url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-6w9f-2m6g-5777"
}
]
},

61
2021/40xxx/CVE-2021-40964.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-40964",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-40964",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Path Traversal vulnerability exists in TinyFileManager all version up to and including 2.4.6 that allows attackers to upload a file (with Admin credentials or with the CSRF vulnerability) with the \"fullpath\" parameter containing path traversal strings (../ and ..\\) in order to escape the server's intended working directory and write malicious files onto any directory on the computer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/prasathmani/tinyfilemanager",
"refsource": "MISC",
"name": "https://github.com/prasathmani/tinyfilemanager"
},
{
"refsource": "MISC",
"name": "https://gist.github.com/omriinbar/953368dcdd9e5eeefd83920166099528",
"url": "https://gist.github.com/omriinbar/953368dcdd9e5eeefd83920166099528"
}
]
}

61
2021/40xxx/CVE-2021-40965.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-40965",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-40965",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Cross-Site Request Forgery (CSRF) vulnerability exists in TinyFileManager all version up to and including 2.4.6 that allows attackers to upload files and run OS commands by inducing the Administrator user to browse a URL controlled by an attacker."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/prasathmani/tinyfilemanager",
"refsource": "MISC",
"name": "https://github.com/prasathmani/tinyfilemanager"
},
{
"refsource": "MISC",
"name": "https://gist.github.com/omriinbar/953368dcdd9e5eeefd83920166099528",
"url": "https://gist.github.com/omriinbar/953368dcdd9e5eeefd83920166099528"
}
]
}

61
2021/40xxx/CVE-2021-40966.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-40966",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-40966",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Stored XSS exists in TinyFileManager All version up to and including 2.4.6 in /tinyfilemanager.php when the server is given a file that contains HTML and javascript in its name. A malicious user can upload a file with a malicious filename containing javascript code and it will run on any user browser when they access the server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/prasathmani/tinyfilemanager",
"refsource": "MISC",
"name": "https://github.com/prasathmani/tinyfilemanager"
},
{
"refsource": "MISC",
"name": "https://gist.github.com/omriinbar/953368dcdd9e5eeefd83920166099528",
"url": "https://gist.github.com/omriinbar/953368dcdd9e5eeefd83920166099528"
}
]
}