diff --git a/2020/19xxx/CVE-2020-19137.json b/2020/19xxx/CVE-2020-19137.json index 923bd65c796..9b8c700b927 100644 --- a/2020/19xxx/CVE-2020-19137.json +++ b/2020/19xxx/CVE-2020-19137.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-19137", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-19137", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect Access Control in Autumn v1.0.4 and earlier allows remote attackers to obtain clear-text login credentials via the component \"autumn-cms/user/getAllUser/?page=1&limit=10\"." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/ShuaiJunlan/Autumn/issues/82", + "refsource": "MISC", + "name": "https://github.com/ShuaiJunlan/Autumn/issues/82" } ] } diff --git a/2020/19xxx/CVE-2020-19138.json b/2020/19xxx/CVE-2020-19138.json index 61aa97c45a9..61188738a3c 100644 --- a/2020/19xxx/CVE-2020-19138.json +++ b/2020/19xxx/CVE-2020-19138.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-19138", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-19138", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Unrestricted Upload of File with Dangerous Type in DotCMS v5.2.3 and earlier allow remote attackers to execute arbitrary code via the component \"/src/main/java/com/dotmarketing/filters/CMSFilter.java\"." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/dotCMS/core/issues/17796", + "refsource": "MISC", + "name": "https://github.com/dotCMS/core/issues/17796" } ] } diff --git a/2020/26xxx/CVE-2020-26772.json b/2020/26xxx/CVE-2020-26772.json index 7ffeaac1c23..e0f30b99bb5 100644 --- a/2020/26xxx/CVE-2020-26772.json +++ b/2020/26xxx/CVE-2020-26772.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-26772", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-26772", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Command Injection in PPGo_Jobs v2.8.0 allows remote attackers to execute arbitrary code via the 'AjaxRun()' function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://blog.csdn.net/qq_33020901/article/details/108938473", + "refsource": "MISC", + "name": "https://blog.csdn.net/qq_33020901/article/details/108938473" + }, + { + "url": "https://github.com/george518/PPGo_Job/issues/56", + "refsource": "MISC", + "name": "https://github.com/george518/PPGo_Job/issues/56" } ] } diff --git a/2021/30xxx/CVE-2021-30605.json b/2021/30xxx/CVE-2021-30605.json index 03e4ce0d5cb..fe5f868e95e 100644 --- a/2021/30xxx/CVE-2021-30605.json +++ b/2021/30xxx/CVE-2021-30605.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-30605", - "ASSIGNER": "chrome-cve-admin@google.com" + "ASSIGNER": "chrome-cve-admin@google.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -45,10 +46,14 @@ "references": { "reference_data": [ { - "url": "https://crbug.com/1240952" + "url": "https://crbug.com/1240952", + "refsource": "MISC", + "name": "https://crbug.com/1240952" }, { - "url": "https://bit.ly/37CS6G9" + "url": "https://bit.ly/37CS6G9", + "refsource": "MISC", + "name": "https://bit.ly/37CS6G9" } ] }, @@ -60,5 +65,4 @@ } ] } -} - +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36440.json b/2021/36xxx/CVE-2021-36440.json index 715cd1a9298..db5ad9321aa 100644 --- a/2021/36xxx/CVE-2021-36440.json +++ b/2021/36xxx/CVE-2021-36440.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-36440", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-36440", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Unrestricted File Upload in ShowDoc v2.9.5 allows remote attackers to execute arbitrary code via the 'file_url' parameter in the component AdminUpdateController.class.php'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/star7th/showdoc/issues/1406", + "refsource": "MISC", + "name": "https://github.com/star7th/showdoc/issues/1406" } ] } diff --git a/2021/40xxx/CVE-2021-40509.json b/2021/40xxx/CVE-2021-40509.json index cdf2780b64f..e68b27bfdfc 100644 --- a/2021/40xxx/CVE-2021-40509.json +++ b/2021/40xxx/CVE-2021-40509.json @@ -52,6 +52,11 @@ }, "references": { "reference_data": [ + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/164045/jforum-2.7.0-Cross-Site-Scripting.html", + "url": "http://packetstormsecurity.com/files/164045/jforum-2.7.0-Cross-Site-Scripting.html" + }, { "url": "https://lists.openwall.net/full-disclosure/2021/09/03/7", "refsource": "MISC", diff --git a/2021/40xxx/CVE-2021-40809.json b/2021/40xxx/CVE-2021-40809.json new file mode 100644 index 00000000000..2aa692f3db4 --- /dev/null +++ b/2021/40xxx/CVE-2021-40809.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-40809", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/40xxx/CVE-2021-40810.json b/2021/40xxx/CVE-2021-40810.json new file mode 100644 index 00000000000..ec584debeb8 --- /dev/null +++ b/2021/40xxx/CVE-2021-40810.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-40810", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/40xxx/CVE-2021-40811.json b/2021/40xxx/CVE-2021-40811.json new file mode 100644 index 00000000000..0901a57d96f --- /dev/null +++ b/2021/40xxx/CVE-2021-40811.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-40811", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/40xxx/CVE-2021-40812.json b/2021/40xxx/CVE-2021-40812.json new file mode 100644 index 00000000000..f5a83d748a8 --- /dev/null +++ b/2021/40xxx/CVE-2021-40812.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2021-40812", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/libgd/libgd/commit/6f5136821be86e7068fcdf651ae9420b5d42e9a9", + "refsource": "MISC", + "name": "https://github.com/libgd/libgd/commit/6f5136821be86e7068fcdf651ae9420b5d42e9a9" + }, + { + "url": "https://github.com/libgd/libgd/issues/750#issuecomment-914872385", + "refsource": "MISC", + "name": "https://github.com/libgd/libgd/issues/750#issuecomment-914872385" + } + ] + } +} \ No newline at end of file