diff --git a/2004/2xxx/CVE-2004-2189.json b/2004/2xxx/CVE-2004-2189.json index 522b1363f48..b78d6fc04f2 100644 --- a/2004/2xxx/CVE-2004-2189.json +++ b/2004/2xxx/CVE-2004-2189.json @@ -52,15 +52,15 @@ }, "references": { "reference_data": [ - { - "name": "http://www.maxpatrol.com/mp_advisory.asp", - "refsource": "MISC", - "url": "http://www.maxpatrol.com/mp_advisory.asp" - }, { "name": "11434", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11434" + }, + { + "name": "http://www.maxpatrol.com/mp_advisory.asp", + "refsource": "MISC", + "url": "http://www.maxpatrol.com/mp_advisory.asp" } ] } diff --git a/2004/2xxx/CVE-2004-2194.json b/2004/2xxx/CVE-2004-2194.json index a8625df0e8b..c10427c380f 100644 --- a/2004/2xxx/CVE-2004-2194.json +++ b/2004/2xxx/CVE-2004-2194.json @@ -52,6 +52,11 @@ }, "references": { "reference_data": [ + { + "name": "11418", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11418" + }, { "name": "http://www.mailenable.com/professionalhistory.asp", "refsource": "CONFIRM", @@ -61,11 +66,6 @@ "name": "http://www.mailenable.com/enterprisehistory.asp", "refsource": "CONFIRM", "url": "http://www.mailenable.com/enterprisehistory.asp" - }, - { - "name": "11418", - "refsource": "BID", - "url": "http://www.securityfocus.com/bid/11418" } ] } diff --git a/2004/2xxx/CVE-2004-2209.json b/2004/2xxx/CVE-2004-2209.json index 7f08704cc18..367bcad0541 100644 --- a/2004/2xxx/CVE-2004-2209.json +++ b/2004/2xxx/CVE-2004-2209.json @@ -52,6 +52,11 @@ }, "references": { "reference_data": [ + { + "name": "11424", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11424" + }, { "name": "http://www.maxpatrol.com/mp_advisory.asp", "refsource": "MISC", @@ -61,11 +66,6 @@ "name": "http://www.maxpatrol.com/advdetails.asp?id=14", "refsource": "MISC", "url": "http://www.maxpatrol.com/advdetails.asp?id=14" - }, - { - "name": "11424", - "refsource": "BID", - "url": "http://www.securityfocus.com/bid/11424" } ] } diff --git a/2005/0xxx/CVE-2005-0927.json b/2005/0xxx/CVE-2005-0927.json index f52fa46e9eb..a7f89138901 100644 --- a/2005/0xxx/CVE-2005-0927.json +++ b/2005/0xxx/CVE-2005-0927.json @@ -52,6 +52,11 @@ }, "references": { "reference_data": [ + { + "name": "14716", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/14716" + }, { "name": "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=195", "refsource": "CONFIRM", @@ -61,11 +66,6 @@ "name": "http://sourceforge.net/project/shownotes.php?release_id=316038", "refsource": "CONFIRM", "url": "http://sourceforge.net/project/shownotes.php?release_id=316038" - }, - { - "name": "14716", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/14716" } ] } diff --git a/2005/0xxx/CVE-2005-0932.json b/2005/0xxx/CVE-2005-0932.json index af42395576d..de9d5cf7975 100644 --- a/2005/0xxx/CVE-2005-0932.json +++ b/2005/0xxx/CVE-2005-0932.json @@ -52,15 +52,15 @@ }, "references": { "reference_data": [ - { - "name": "http://www.gulftech.org/?node=research&article_id=00065-03292005", - "refsource": "MISC", - "url": "http://www.gulftech.org/?node=research&article_id=00065-03292005" - }, { "name": "12917", "refsource": "BID", "url": "http://www.securityfocus.com/bid/12917" + }, + { + "name": "http://www.gulftech.org/?node=research&article_id=00065-03292005", + "refsource": "MISC", + "url": "http://www.gulftech.org/?node=research&article_id=00065-03292005" } ] } diff --git a/2005/0xxx/CVE-2005-0994.json b/2005/0xxx/CVE-2005-0994.json index 36db68a668e..3a773ccbb4d 100644 --- a/2005/0xxx/CVE-2005-0994.json +++ b/2005/0xxx/CVE-2005-0994.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple SQL injection vulnerabilities in ProductCart 2.7 allow remote attackers to execute arbitrary SQL commands via (1) the Category or resultCnt parameters to advSearch_h.asp, and possibly (2) the offset parameter to tarinasworld_butterflyjournal.asp. NOTE: it is possible that item (2) is the result of a typo or editing error from the original research report." + "value": "Multiple SQL injection vulnerabilities in ProductCart 2.7 allow remote attackers to execute arbitrary SQL commands via (1) the Category or resultCnt parameters to advSearch_h.asp, and possibly (2) the offset parameter to tarinasworld_butterflyjournal.asp. NOTE: it is possible that item (2) is the result of a typo or editing error from the original research report." } ] }, diff --git a/2005/1xxx/CVE-2005-1035.json b/2005/1xxx/CVE-2005-1035.json index fb5a9662e04..632a64cd39a 100644 --- a/2005/1xxx/CVE-2005-1035.json +++ b/2005/1xxx/CVE-2005-1035.json @@ -52,15 +52,15 @@ }, "references": { "reference_data": [ - { - "name": "http://sourceforge.net/project/shownotes.php?release_id=313436", - "refsource": "CONFIRM", - "url": "http://sourceforge.net/project/shownotes.php?release_id=313436" - }, { "name": "14571", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/14571" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=313436", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=313436" } ] } diff --git a/2005/1xxx/CVE-2005-1037.json b/2005/1xxx/CVE-2005-1037.json index 94d0760e18b..d8b149576ed 100644 --- a/2005/1xxx/CVE-2005-1037.json +++ b/2005/1xxx/CVE-2005-1037.json @@ -57,15 +57,15 @@ "refsource": "AIXAPAR", "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY68825&apar=only" }, - { - "name": "http://www.niscc.gov.uk/niscc/docs/br-20050405-00278.html?lang=en", - "refsource": "MISC", - "url": "http://www.niscc.gov.uk/niscc/docs/br-20050405-00278.html?lang=en" - }, { "name": "14856", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/14856" + }, + { + "name": "http://www.niscc.gov.uk/niscc/docs/br-20050405-00278.html?lang=en", + "refsource": "MISC", + "url": "http://www.niscc.gov.uk/niscc/docs/br-20050405-00278.html?lang=en" } ] } diff --git a/2005/2xxx/CVE-2005-2200.json b/2005/2xxx/CVE-2005-2200.json index e9bd8a42f34..7a4705dde9c 100644 --- a/2005/2xxx/CVE-2005-2200.json +++ b/2005/2xxx/CVE-2005-2200.json @@ -52,11 +52,6 @@ }, "references": { "reference_data": [ - { - "name": "http://www.xerox.com/downloads/usa/en/c/cert_XRX05_006.pdf", - "refsource": "CONFIRM", - "url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX05_006.pdf" - }, { "name": "15970", "refsource": "SECUNIA", @@ -66,6 +61,11 @@ "name": "1014429", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1014429" + }, + { + "name": "http://www.xerox.com/downloads/usa/en/c/cert_XRX05_006.pdf", + "refsource": "CONFIRM", + "url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX05_006.pdf" } ] } diff --git a/2005/2xxx/CVE-2005-2210.json b/2005/2xxx/CVE-2005-2210.json index f2961caea6e..bd45201e74e 100644 --- a/2005/2xxx/CVE-2005-2210.json +++ b/2005/2xxx/CVE-2005-2210.json @@ -52,15 +52,15 @@ }, "references": { "reference_data": [ - { - "name": "http://www.ihsteam.com/download/ihsexpl/dlm.c", - "refsource": "MISC", - "url": "http://www.ihsteam.com/download/ihsexpl/dlm.c" - }, { "name": "1014404", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1014404" + }, + { + "name": "http://www.ihsteam.com/download/ihsexpl/dlm.c", + "refsource": "MISC", + "url": "http://www.ihsteam.com/download/ihsexpl/dlm.c" } ] } diff --git a/2005/2xxx/CVE-2005-2225.json b/2005/2xxx/CVE-2005-2225.json index 84757576dbc..821f5e77c30 100644 --- a/2005/2xxx/CVE-2005-2225.json +++ b/2005/2xxx/CVE-2005-2225.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Microsoft MSN Messenger allows remote attackers to cause a denial of service via a plaintext message containing the \".pif\" string, which is interpreted as a malicious file extension and causes users to be kicked from a group conversation. NOTE: it has been reported that Gaim is also affected, so this may be an issue in the protocol or MSN servers." + "value": "Microsoft MSN Messenger allows remote attackers to cause a denial of service via a plaintext message containing the \".pif\" string, which is interpreted as a malicious file extension and causes users to be kicked from a group conversation. NOTE: it has been reported that Gaim is also affected, so this may be an issue in the protocol or MSN servers." } ] }, @@ -52,6 +52,11 @@ }, "references": { "reference_data": [ + { + "name": "1014444", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014444" + }, { "name": "http://www.digitalparadox.org/viewadvisories.ah?view=45", "refsource": "MISC", @@ -61,11 +66,6 @@ "name": "http://www.messenger-blog.com/?p=146", "refsource": "MISC", "url": "http://www.messenger-blog.com/?p=146" - }, - { - "name": "1014444", - "refsource": "SECTRACK", - "url": "http://securitytracker.com/id?1014444" } ] } diff --git a/2005/2xxx/CVE-2005-2235.json b/2005/2xxx/CVE-2005-2235.json index 2a3b9dda192..043a2a8770a 100644 --- a/2005/2xxx/CVE-2005-2235.json +++ b/2005/2xxx/CVE-2005-2235.json @@ -57,25 +57,25 @@ "refsource": "SECUNIA", "url": "http://secunia.com/advisories/15636" }, - { - "name": "http://www.caughq.org/advisories/CAU-2005-0004.txt", - "refsource": "MISC", - "url": "http://www.caughq.org/advisories/CAU-2005-0004.txt" - }, { "name": "13912", "refsource": "BID", "url": "http://www.securityfocus.com/bid/13912" }, - { - "name": "http://www.security-focus.com/advisories/8819", - "refsource": "CONFIRM", - "url": "http://www.security-focus.com/advisories/8819" - }, { "name": "1014132", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1014132" + }, + { + "name": "http://www.caughq.org/advisories/CAU-2005-0004.txt", + "refsource": "MISC", + "url": "http://www.caughq.org/advisories/CAU-2005-0004.txt" + }, + { + "name": "http://www.security-focus.com/advisories/8819", + "refsource": "CONFIRM", + "url": "http://www.security-focus.com/advisories/8819" } ] } diff --git a/2020/29xxx/CVE-2020-29214.json b/2020/29xxx/CVE-2020-29214.json index ff1999e2bf9..855f5f3d45c 100644 --- a/2020/29xxx/CVE-2020-29214.json +++ b/2020/29xxx/CVE-2020-29214.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-29214", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-29214", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SQL injection vulnerability in SourceCodester Alumni Management System 1.0 allows the user to inject SQL payload to bypass the authentication via admin/login.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "EXPLOIT-DB", + "name": "48883", + "url": "https://www.exploit-db.com/exploits/48883" } ] } diff --git a/2020/29xxx/CVE-2020-29215.json b/2020/29xxx/CVE-2020-29215.json index 850c0310b97..0c8b324b00b 100644 --- a/2020/29xxx/CVE-2020-29215.json +++ b/2020/29xxx/CVE-2020-29215.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-29215", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-29215", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Cross Site Scripting in SourceCodester Employee Management System 1.0 allows the user to execute alert messages via /Employee Management System/addemp.php on admin account." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "EXPLOIT-DB", + "name": "48881", + "url": "https://www.exploit-db.com/exploits/48881" } ] } diff --git a/2021/23xxx/CVE-2021-23395.json b/2021/23xxx/CVE-2021-23395.json index 361d144bf6f..1e75abb8a9b 100644 --- a/2021/23xxx/CVE-2021-23395.json +++ b/2021/23xxx/CVE-2021-23395.json @@ -48,8 +48,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://snyk.io/vuln/SNYK-JS-NEDB-1305279" + "refsource": "MISC", + "url": "https://snyk.io/vuln/SNYK-JS-NEDB-1305279", + "name": "https://snyk.io/vuln/SNYK-JS-NEDB-1305279" } ] }, @@ -57,7 +58,7 @@ "description_data": [ { "lang": "eng", - "value": "This affects all versions of package nedb.\n The library could be tricked into adding or modifying properties of Object.prototype using a __proto__ or constructor.prototype payload.\r\n\r\n" + "value": "This affects all versions of package nedb. The library could be tricked into adding or modifying properties of Object.prototype using a __proto__ or constructor.prototype payload." } ] }, diff --git a/2021/27xxx/CVE-2021-27388.json b/2021/27xxx/CVE-2021-27388.json index cdd6f198a5b..31342657c6f 100644 --- a/2021/27xxx/CVE-2021-27388.json +++ b/2021/27xxx/CVE-2021-27388.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-27388", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "productcert@siemens.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "SINAMICS Medium Voltage Products, Remote Access", + "version": { + "version_data": [ + { + "version_value": "SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "IMPROPER INPUT VALIDATION CWE-20" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-04", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-04" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SINAMICS medium voltage routable products are affected by a vulnerability in the Sm@rtServer component for remote access that could allow an unauthenticated attacker to cause a denial-of-service condition, and/or execution of limited configuration modifications and/or execution of limited control commands on the SINAMICS Medium Voltage Products, Remote Access (SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions)." } ] }