admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 11:06:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-04-19 17:01:50 +00:00
parent 52ca6cf90b
commit 0d41f58e81
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
11 changed files with 511 additions and 380 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2021/4xxx/CVE-2021-4039.json
View File

@ -48,6 +48,11 @@
"refsource": "CONFIRM",
"name": "https://www.zyxel.com/support/OS-command-injection-vulnerability-of-NWA1100-NH-access-point.shtml",
"url": "https://www.zyxel.com/support/OS-command-injection-vulnerability-of-NWA1100-NH-access-point.shtml"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166752/Zyxel-NWA-1100-NH-Command-Injection.html",
"url": "http://packetstormsecurity.com/files/166752/Zyxel-NWA-1100-NH-Command-Injection.html"
}
]
},

5
2022/0xxx/CVE-2022-0995.json
View File

@ -53,6 +53,11 @@
"refsource": "MISC",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=93ce93587d36493f2f86921fa79921b3cba63fbb",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=93ce93587d36493f2f86921fa79921b3cba63fbb"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166770/Linux-watch_queue-Filter-Out-Of-Bounds-Write.html",
"url": "http://packetstormsecurity.com/files/166770/Linux-watch_queue-Filter-Out-Of-Bounds-Write.html"
}
]
},

5
2022/1xxx/CVE-2022-1011.json
View File

@ -58,6 +58,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2022-de4474b89d",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C5AUUDGSDLGYU7SZSK4PFAN22NISQZBT/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166772/Linux-FUSE-Use-After-Free.html",
"url": "http://packetstormsecurity.com/files/166772/Linux-FUSE-Use-After-Free.html"
}
]
},

17
2022/25xxx/CVE-2022-25648.json
View File

@ -48,16 +48,19 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-RUBY-GIT-2421270"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-RUBY-GIT-2421270",
"name": "https://snyk.io/vuln/SNYK-RUBY-GIT-2421270"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/ruby-git/ruby-git/releases/tag/v1.11.0"
"refsource": "MISC",
"url": "https://github.com/ruby-git/ruby-git/releases/tag/v1.11.0",
"name": "https://github.com/ruby-git/ruby-git/releases/tag/v1.11.0"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/ruby-git/ruby-git/pull/569"
"refsource": "MISC",
"url": "https://github.com/ruby-git/ruby-git/pull/569",
"name": "https://github.com/ruby-git/ruby-git/pull/569"
}
]
},
@ -65,7 +68,7 @@
"description_data": [
{
"lang": "eng",
"value": "The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection.\r\n\r\n\r\n"
"value": "The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection."
}
]
},

72
2022/27xxx/CVE-2022-27055.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-27055",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-27055",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** ecjia-daojia 1.38.1-20210202629 is vulnerable to information leakage via content/apps/installer/classes/Helper.php. When the web program is installed, a new environment file is created, and the database information is recorded, including the database record password. NOTE: the vendor disputes this because the environment file is in the data directory, which is not intended for access by website visitors (only the statics directory can be accessed by website visitors)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/ecjia/ecjia-daojia/issues/20",
"refsource": "MISC",
"name": "https://github.com/ecjia/ecjia-daojia/issues/20"
},
{
"refsource": "MISC",
"name": "https://github.com/ecjia/ecjia-daojia/blob/dfb322387e8d3d50719e44d23d793072616ff789/content/apps/installer/classes/Controllers/IndexController.php#L74-L78",
"url": "https://github.com/ecjia/ecjia-daojia/blob/dfb322387e8d3d50719e44d23d793072616ff789/content/apps/installer/classes/Controllers/IndexController.php#L74-L78"
},
{
"refsource": "MISC",
"name": "https://github.com/ecjia/ecjia-daojia/blob/dfb322387e8d3d50719e44d23d793072616ff789/content/apps/installer/classes/Helper.php#L312-L318",
"url": "https://github.com/ecjia/ecjia-daojia/blob/dfb322387e8d3d50719e44d23d793072616ff789/content/apps/installer/classes/Helper.php#L312-L318"
}
]
}

72
2022/27xxx/CVE-2022-27104.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-27104",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-27104",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Unauthenticated time-based blind SQL injection vulnerability exists in Forma LMS prior to v.1.4.3."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.swascan.com/it/security-blog/",
"refsource": "MISC",
"name": "https://www.swascan.com/it/security-blog/"
},
{
"url": "https://www.formalms.org/download.html",
"refsource": "MISC",
"name": "https://www.formalms.org/download.html"
},
{
"refsource": "MISC",
"name": "https://www.swascan.com/security-advisory-forma-lms/",
"url": "https://www.swascan.com/security-advisory-forma-lms/"
}
]
}

5
2022/29xxx/CVE-2022-29072.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "https://news.ycombinator.com/item?id=31070256",
"url": "https://news.ycombinator.com/item?id=31070256"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166763/7-Zip-21.07-Code-Execution-Privilege-Escalation.html",
"url": "http://packetstormsecurity.com/files/166763/7-Zip-21.07-Code-Execution-Privilege-Escalation.html"
}
]
}