admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-04-19 17:01:50 +00:00
parent 52ca6cf90b
commit 0d41f58e81
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
11 changed files with 511 additions and 380 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

192
2021/39xxx/CVE-2021-39033.json
View File

@ -1,99 +1,99 @@
{ {
"description" : { "description": {
"description_data" : [ "description_data": [
{
"lang" : "eng",
"value" : "IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 213963."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"UI" : "N",
"SCORE" : "4.300",
"PR" : "L",
"S" : "U",
"I" : "N",
"A" : "N",
"C" : "L",
"AC" : "L",
"AV" : "N"
}
}
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2022-04-18T00:00:00",
"STATE" : "PUBLIC",
"ID" : "CVE-2021-39033",
"ASSIGNER" : "psirt@us.ibm.com"
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
{ {
"product" : { "lang": "eng",
"product_data" : [ "value": "IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 213963."
{
"version" : {
"version_data" : [
{
"version_value" : "6.0.0.0"
},
{
"version_value" : "6.1.0.0"
},
{
"version_value" : "6.1.1.0"
},
{
"version_value" : "6.0.3.5"
}
]
},
"product_name" : "Sterling B2B Integrator"
}
]
},
"vendor_name" : "IBM"
} }
] ]
} },
}, "problemtype": {
"data_format" : "MITRE", "problemtype_data": [
"references" : { {
"reference_data" : [ "description": [
{ {
"name" : "https://www.ibm.com/support/pages/node/6573049", "lang": "eng",
"title" : "IBM Security Bulletin 6573049 (Sterling B2B Integrator)", "value": "Obtain Information"
"refsource" : "CONFIRM", }
"url" : "https://www.ibm.com/support/pages/node/6573049" ]
}, }
{ ]
"name" : "ibm-sterling-cve202139033-info-disc (213963)", },
"title" : "X-Force Vulnerability Report", "impact": {
"refsource" : "XF", "cvssv3": {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/213963" "TM": {
} "E": "U",
] "RL": "O",
}, "RC": "C"
"data_version" : "4.0" },
} "BM": {
"UI": "N",
"SCORE": "4.300",
"PR": "L",
"S": "U",
"I": "N",
"A": "N",
"C": "L",
"AC": "L",
"AV": "N"
}
}
},
"CVE_data_meta": {
"DATE_PUBLIC": "2022-04-18T00:00:00",
"STATE": "PUBLIC",
"ID": "CVE-2021-39033",
"ASSIGNER": "psirt@us.ibm.com"
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "6.0.0.0"
},
{
"version_value": "6.1.0.0"
},
{
"version_value": "6.1.1.0"
},
{
"version_value": "6.0.3.5"
}
]
},
"product_name": "Sterling B2B Integrator"
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6573049",
"title": "IBM Security Bulletin 6573049 (Sterling B2B Integrator)",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6573049"
},
{
"name": "ibm-sterling-cve202139033-info-disc (213963)",
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/213963"
}
]
},
"data_version": "4.0"
}

176
2021/39xxx/CVE-2021-39072.json
View File

@ -1,90 +1,90 @@
{ {
"data_format" : "MITRE", "data_format": "MITRE",
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Security Guardium", "product_name": "Security Guardium",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "11.3" "version_value": "11.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6573005 (Security Guardium)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6573005",
"name" : "https://www.ibm.com/support/pages/node/6573005"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/215581",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-guardium-cve202139072-info-disc (215581)"
}
]
},
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "references": {
"description" : { "reference_data": [
"description_data" : [ {
{ "title": "IBM Security Bulletin 6573005 (Security Guardium)",
"lang" : "eng", "refsource": "CONFIRM",
"value" : "IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 215581." "url": "https://www.ibm.com/support/pages/node/6573005",
} "name": "https://www.ibm.com/support/pages/node/6573005"
] },
}, {
"data_type" : "CVE", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/215581",
"CVE_data_meta" : { "refsource": "XF",
"STATE" : "PUBLIC", "title": "X-Force Vulnerability Report",
"DATE_PUBLIC" : "2022-04-18T00:00:00", "name": "ibm-guardium-cve202139072-info-disc (215581)"
"ASSIGNER" : "psirt@us.ibm.com", }
"ID" : "CVE-2021-39072" ]
}, },
"impact" : { "data_version": "4.0",
"cvssv3" : { "problemtype": {
"TM" : { "problemtype_data": [
"E" : "U", {
"RL" : "O", "description": [
"RC" : "C" {
}, "lang": "eng",
"BM" : { "value": "Obtain Information"
"C" : "H", }
"AC" : "H", ]
"AV" : "N", }
"A" : "N", ]
"I" : "N", },
"UI" : "N", "description": {
"PR" : "N", "description_data": [
"SCORE" : "5.900", {
"S" : "U" "lang": "eng",
} "value": "IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 215581."
} }
} ]
} },
"data_type": "CVE",
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2022-04-18T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2021-39072"
},
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
},
"BM": {
"C": "H",
"AC": "H",
"AV": "N",
"A": "N",
"I": "N",
"UI": "N",
"PR": "N",
"SCORE": "5.900",
"S": "U"
}
}
}
}

178
2021/39xxx/CVE-2021-39076.json
View File

@ -1,93 +1,93 @@
{ {
"references" : { "references": {
"reference_data" : [ "reference_data": [
{
"name" : "https://www.ibm.com/support/pages/node/6572979",
"url" : "https://www.ibm.com/support/pages/node/6572979",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6572979 (Security Guardium)"
},
{
"name" : "ibm-guardium-cve202139076-info-disc (215585)",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/215585",
"refsource" : "XF"
}
]
},
"data_version" : "4.0",
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{ {
"product" : { "name": "https://www.ibm.com/support/pages/node/6572979",
"product_data" : [ "url": "https://www.ibm.com/support/pages/node/6572979",
{ "refsource": "CONFIRM",
"product_name" : "Security Guardium", "title": "IBM Security Bulletin 6572979 (Security Guardium)"
"version" : { },
"version_data" : [ {
{ "name": "ibm-guardium-cve202139076-info-disc (215585)",
"version_value" : "10.5" "title": "X-Force Vulnerability Report",
}, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/215585",
{ "refsource": "XF"
"version_value" : "11.3"
}
]
}
}
]
},
"vendor_name" : "IBM"
} }
] ]
} },
}, "data_version": "4.0",
"impact" : { "data_format": "MITRE",
"cvssv3" : { "affects": {
"TM" : { "vendor": {
"E" : "U", "vendor_data": [
"RL" : "O", {
"RC" : "C" "product": {
}, "product_data": [
"BM" : { {
"AV" : "N", "product_name": "Security Guardium",
"C" : "L", "version": {
"AC" : "H", "version_data": [
"A" : "N", {
"I" : "N", "version_value": "10.5"
"S" : "U", },
"PR" : "N", {
"SCORE" : "3.700", "version_value": "11.3"
"UI" : "N" }
} ]
} }
}, }
"CVE_data_meta" : { ]
"ID" : "CVE-2021-39076", },
"ASSIGNER" : "psirt@us.ibm.com", "vendor_name": "IBM"
"DATE_PUBLIC" : "2022-04-18T00:00:00", }
"STATE" : "PUBLIC"
},
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "impact": {
"description" : { "cvssv3": {
"description_data" : [ "TM": {
{ "E": "U",
"value" : "IBM Security Guardium 10.5 and 11.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 215585.", "RL": "O",
"lang" : "eng" "RC": "C"
} },
] "BM": {
} "AV": "N",
} "C": "L",
"AC": "H",
"A": "N",
"I": "N",
"S": "U",
"PR": "N",
"SCORE": "3.700",
"UI": "N"
}
}
},
"CVE_data_meta": {
"ID": "CVE-2021-39076",
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2022-04-18T00:00:00",
"STATE": "PUBLIC"
},
"data_type": "CVE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"description": {
"description_data": [
{
"value": "IBM Security Guardium 10.5 and 11.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 215585.",
"lang": "eng"
}
]
}
}

176
2021/39xxx/CVE-2021-39078.json
View File

@ -1,90 +1,90 @@
{ {
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"vendor_name" : "IBM", "vendor_name": "IBM",
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "10.5" "version_value": "10.5"
} }
] ]
}, },
"product_name" : "Security Guardium" "product_name": "Security Guardium"
} }
] ]
} }
} }
]
}
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6572983",
"title" : "IBM Security Bulletin 6572983 (Security Guardium)",
"name" : "https://www.ibm.com/support/pages/node/6572983"
},
{
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/215589",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-guardium-cve202139078-info-disc (215589)"
}
]
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Guardium 10.5 stores user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 215589."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "data_format": "MITRE",
"CVE_data_meta" : { "references": {
"ASSIGNER" : "psirt@us.ibm.com", "reference_data": [
"ID" : "CVE-2021-39078", {
"STATE" : "PUBLIC", "refsource": "CONFIRM",
"DATE_PUBLIC" : "2022-04-18T00:00:00" "url": "https://www.ibm.com/support/pages/node/6572983",
}, "title": "IBM Security Bulletin 6572983 (Security Guardium)",
"impact" : { "name": "https://www.ibm.com/support/pages/node/6572983"
"cvssv3" : { },
"TM" : { {
"RC" : "C", "refsource": "XF",
"E" : "U", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/215589",
"RL" : "O" "title": "X-Force Vulnerability Report",
}, "name": "ibm-guardium-cve202139078-info-disc (215589)"
"BM" : { }
"A" : "N", ]
"AV" : "L", },
"C" : "H", "data_version": "4.0",
"AC" : "H", "description": {
"S" : "U", "description_data": [
"SCORE" : "4.100", {
"PR" : "H", "lang": "eng",
"UI" : "N", "value": "IBM Security Guardium 10.5 stores user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 215589."
"I" : "N" }
} ]
} },
}, "problemtype": {
"data_type" : "CVE" "problemtype_data": [
} {
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2021-39078",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2022-04-18T00:00:00"
},
"impact": {
"cvssv3": {
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
},
"BM": {
"A": "N",
"AV": "L",
"C": "H",
"AC": "H",
"S": "U",
"SCORE": "4.100",
"PR": "H",
"UI": "N",
"I": "N"
}
}
},
"data_type": "CVE"
}

5
2021/4xxx/CVE-2021-4039.json
View File

@ -48,6 +48,11 @@
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://www.zyxel.com/support/OS-command-injection-vulnerability-of-NWA1100-NH-access-point.shtml", "name": "https://www.zyxel.com/support/OS-command-injection-vulnerability-of-NWA1100-NH-access-point.shtml",
"url": "https://www.zyxel.com/support/OS-command-injection-vulnerability-of-NWA1100-NH-access-point.shtml" "url": "https://www.zyxel.com/support/OS-command-injection-vulnerability-of-NWA1100-NH-access-point.shtml"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166752/Zyxel-NWA-1100-NH-Command-Injection.html",
"url": "http://packetstormsecurity.com/files/166752/Zyxel-NWA-1100-NH-Command-Injection.html"
} }
] ]
}, },

5
2022/0xxx/CVE-2022-0995.json
View File

@ -53,6 +53,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=93ce93587d36493f2f86921fa79921b3cba63fbb", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=93ce93587d36493f2f86921fa79921b3cba63fbb",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=93ce93587d36493f2f86921fa79921b3cba63fbb" "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=93ce93587d36493f2f86921fa79921b3cba63fbb"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166770/Linux-watch_queue-Filter-Out-Of-Bounds-Write.html",
"url": "http://packetstormsecurity.com/files/166770/Linux-watch_queue-Filter-Out-Of-Bounds-Write.html"
} }
] ]
}, },

5
2022/1xxx/CVE-2022-1011.json
View File

@ -58,6 +58,11 @@
"refsource": "FEDORA", "refsource": "FEDORA",
"name": "FEDORA-2022-de4474b89d", "name": "FEDORA-2022-de4474b89d",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C5AUUDGSDLGYU7SZSK4PFAN22NISQZBT/" "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C5AUUDGSDLGYU7SZSK4PFAN22NISQZBT/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166772/Linux-FUSE-Use-After-Free.html",
"url": "http://packetstormsecurity.com/files/166772/Linux-FUSE-Use-After-Free.html"
} }
] ]
}, },

17
2022/25xxx/CVE-2022-25648.json
View File

@ -48,16 +48,19 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-RUBY-GIT-2421270" "url": "https://snyk.io/vuln/SNYK-RUBY-GIT-2421270",
"name": "https://snyk.io/vuln/SNYK-RUBY-GIT-2421270"
}, },
{ {
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://github.com/ruby-git/ruby-git/releases/tag/v1.11.0" "url": "https://github.com/ruby-git/ruby-git/releases/tag/v1.11.0",
"name": "https://github.com/ruby-git/ruby-git/releases/tag/v1.11.0"
}, },
{ {
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://github.com/ruby-git/ruby-git/pull/569" "url": "https://github.com/ruby-git/ruby-git/pull/569",
"name": "https://github.com/ruby-git/ruby-git/pull/569"
} }
] ]
}, },
@ -65,7 +68,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection.\r\n\r\n\r\n" "value": "The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection."
} }
] ]
}, },

66
2022/27xxx/CVE-2022-27055.json
View File

@ -1,17 +1,71 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-27055",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-27055",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** DISPUTED ** ecjia-daojia 1.38.1-20210202629 is vulnerable to information leakage via content/apps/installer/classes/Helper.php. When the web program is installed, a new environment file is created, and the database information is recorded, including the database record password. NOTE: the vendor disputes this because the environment file is in the data directory, which is not intended for access by website visitors (only the statics directory can be accessed by website visitors)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/ecjia/ecjia-daojia/issues/20",
"refsource": "MISC",
"name": "https://github.com/ecjia/ecjia-daojia/issues/20"
},
{
"refsource": "MISC",
"name": "https://github.com/ecjia/ecjia-daojia/blob/dfb322387e8d3d50719e44d23d793072616ff789/content/apps/installer/classes/Controllers/IndexController.php#L74-L78",
"url": "https://github.com/ecjia/ecjia-daojia/blob/dfb322387e8d3d50719e44d23d793072616ff789/content/apps/installer/classes/Controllers/IndexController.php#L74-L78"
},
{
"refsource": "MISC",
"name": "https://github.com/ecjia/ecjia-daojia/blob/dfb322387e8d3d50719e44d23d793072616ff789/content/apps/installer/classes/Helper.php#L312-L318",
"url": "https://github.com/ecjia/ecjia-daojia/blob/dfb322387e8d3d50719e44d23d793072616ff789/content/apps/installer/classes/Helper.php#L312-L318"
} }
] ]
} }

66
2022/27xxx/CVE-2022-27104.json
View File

@ -1,17 +1,71 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-27104",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-27104",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An Unauthenticated time-based blind SQL injection vulnerability exists in Forma LMS prior to v.1.4.3."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.swascan.com/it/security-blog/",
"refsource": "MISC",
"name": "https://www.swascan.com/it/security-blog/"
},
{
"url": "https://www.formalms.org/download.html",
"refsource": "MISC",
"name": "https://www.formalms.org/download.html"
},
{
"refsource": "MISC",
"name": "https://www.swascan.com/security-advisory-forma-lms/",
"url": "https://www.swascan.com/security-advisory-forma-lms/"
} }
] ]
} }

5
2022/29xxx/CVE-2022-29072.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://news.ycombinator.com/item?id=31070256", "name": "https://news.ycombinator.com/item?id=31070256",
"url": "https://news.ycombinator.com/item?id=31070256" "url": "https://news.ycombinator.com/item?id=31070256"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166763/7-Zip-21.07-Code-Execution-Privilege-Escalation.html",
"url": "http://packetstormsecurity.com/files/166763/7-Zip-21.07-Code-Execution-Privilege-Escalation.html"
} }
] ]
} }