From 1503610f16fc6e87993791d9d85d8d2d8825da45 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 18 Mar 2022 11:01:21 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2021/45xxx/CVE-2021-45834.json | 71 +++++++++++++++++++++++++++++++--- 2021/45xxx/CVE-2021-45835.json | 66 ++++++++++++++++++++++++++++--- 2022/24xxx/CVE-2022-24655.json | 66 ++++++++++++++++++++++++++++--- 2022/27xxx/CVE-2022-27242.json | 18 +++++++++ 4 files changed, 203 insertions(+), 18 deletions(-) create mode 100644 2022/27xxx/CVE-2022-27242.json diff --git a/2021/45xxx/CVE-2021-45834.json b/2021/45xxx/CVE-2021-45834.json index 6192a3f76ea..c1b7a745d3a 100644 --- a/2021/45xxx/CVE-2021-45834.json +++ b/2021/45xxx/CVE-2021-45834.json @@ -1,17 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-45834", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-45834", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An attacker can upload or transfer files of dangerous types to the OpenDocMan 1.4.4 portal via add.php using MIME-bypass, which may be automatically processed within the product's environment or lead to arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://opendocman.com", + "refsource": "MISC", + "name": "http://opendocman.com" + }, + { + "url": "https://github.com/opendocman/opendocman", + "refsource": "MISC", + "name": "https://github.com/opendocman/opendocman" + }, + { + "url": "https://github.com/opendocman/opendocman/issues/326", + "refsource": "MISC", + "name": "https://github.com/opendocman/opendocman/issues/326" + }, + { + "refsource": "MISC", + "name": "https://github.com/opendocman/opendocman/issues/330", + "url": "https://github.com/opendocman/opendocman/issues/330" } ] } diff --git a/2021/45xxx/CVE-2021-45835.json b/2021/45xxx/CVE-2021-45835.json index 3b125df81cb..b9b29fda718 100644 --- a/2021/45xxx/CVE-2021-45835.json +++ b/2021/45xxx/CVE-2021-45835.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-45835", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-45835", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Online Admission System 1.0 allows an unauthenticated attacker to upload or transfer files of dangerous types to the application through documents.php, which may be used to execute malicious code or lead to code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/rskoolrash/Online-Admission-System", + "refsource": "MISC", + "name": "https://github.com/rskoolrash/Online-Admission-System" + }, + { + "refsource": "MISC", + "name": "https://github.com/rskoolrash/Online-Admission-System/issues/2", + "url": "https://github.com/rskoolrash/Online-Admission-System/issues/2" + }, + { + "refsource": "MISC", + "name": "https://www.exploit-db.com/exploits/50623", + "url": "https://www.exploit-db.com/exploits/50623" } ] } diff --git a/2022/24xxx/CVE-2022-24655.json b/2022/24xxx/CVE-2022-24655.json index 4786d03a63f..082310918b6 100644 --- a/2022/24xxx/CVE-2022-24655.json +++ b/2022/24xxx/CVE-2022-24655.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-24655", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-24655", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.netgear.com/about/security/", + "refsource": "MISC", + "name": "https://www.netgear.com/about/security/" + }, + { + "url": "https://kb.netgear.com/000064615/Security-Advisory-for-Pre-Authentication-Command-Injection-on-EX6100v1-and-Pre-Authentication-Stack-Overflow-on-Multiple-Products-PSV-2021-0282-PSV-2021-0288", + "refsource": "MISC", + "name": "https://kb.netgear.com/000064615/Security-Advisory-for-Pre-Authentication-Command-Injection-on-EX6100v1-and-Pre-Authentication-Stack-Overflow-on-Multiple-Products-PSV-2021-0282-PSV-2021-0288" + }, + { + "url": "https://github.com/doudoudedi/Netgear_product_stack_overflow/blob/main/NETGEAR%20EX%20series%20upnpd%20stack_overflow.md", + "refsource": "MISC", + "name": "https://github.com/doudoudedi/Netgear_product_stack_overflow/blob/main/NETGEAR%20EX%20series%20upnpd%20stack_overflow.md" } ] } diff --git a/2022/27xxx/CVE-2022-27242.json b/2022/27xxx/CVE-2022-27242.json new file mode 100644 index 00000000000..49d2520585a --- /dev/null +++ b/2022/27xxx/CVE-2022-27242.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-27242", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file