From 2d86ec250d90231621cecaa3088506ad5047563e Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 22 Apr 2022 20:01:22 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2021/0xxx/CVE-2021-0252.json | 5 +++ 2021/0xxx/CVE-2021-0253.json | 5 +++ 2021/1xxx/CVE-2021-1384.json | 5 +++ 2021/26xxx/CVE-2021-26104.json | 5 +++ 2021/43xxx/CVE-2021-43065.json | 5 +++ 2022/27xxx/CVE-2022-27340.json | 61 ++++++++++++++++++++++++++++++---- 2022/27xxx/CVE-2022-27341.json | 56 +++++++++++++++++++++++++++---- 2022/27xxx/CVE-2022-27342.json | 56 +++++++++++++++++++++++++++---- 2022/29xxx/CVE-2022-29595.json | 18 ++++++++++ 2022/29xxx/CVE-2022-29596.json | 18 ++++++++++ 2022/29xxx/CVE-2022-29597.json | 18 ++++++++++ 2022/29xxx/CVE-2022-29598.json | 18 ++++++++++ 12 files changed, 252 insertions(+), 18 deletions(-) create mode 100644 2022/29xxx/CVE-2022-29595.json create mode 100644 2022/29xxx/CVE-2022-29596.json create mode 100644 2022/29xxx/CVE-2022-29597.json create mode 100644 2022/29xxx/CVE-2022-29598.json diff --git a/2021/0xxx/CVE-2021-0252.json b/2021/0xxx/CVE-2021-0252.json index 5e0581db0a2..32a875ccd1c 100644 --- a/2021/0xxx/CVE-2021-0252.json +++ b/2021/0xxx/CVE-2021-0252.json @@ -132,6 +132,11 @@ "refsource": "MISC", "url": "https://kb.juniper.net/JSA11145", "name": "https://kb.juniper.net/JSA11145" + }, + { + "refsource": "MISC", + "name": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-gr7j-26pv-5v57", + "url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-gr7j-26pv-5v57" } ] }, diff --git a/2021/0xxx/CVE-2021-0253.json b/2021/0xxx/CVE-2021-0253.json index c98c7281748..facd16d283e 100644 --- a/2021/0xxx/CVE-2021-0253.json +++ b/2021/0xxx/CVE-2021-0253.json @@ -157,6 +157,11 @@ "refsource": "MISC", "url": "https://kb.juniper.net/JSA11146", "name": "https://kb.juniper.net/JSA11146" + }, + { + "refsource": "MISC", + "name": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-vrf9-cjcp-rwcr", + "url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-vrf9-cjcp-rwcr" } ] }, diff --git a/2021/1xxx/CVE-2021-1384.json b/2021/1xxx/CVE-2021-1384.json index 0b71522a71f..05bdfa0c376 100644 --- a/2021/1xxx/CVE-2021-1384.json +++ b/2021/1xxx/CVE-2021-1384.json @@ -71,6 +71,11 @@ "name": "20210324 Cisco IOx for IOS XE Software Command Injection Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-cmdinj-RkSURGHG" + }, + { + "refsource": "MISC", + "name": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-h332-fj6p-2232", + "url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-h332-fj6p-2232" } ] }, diff --git a/2021/26xxx/CVE-2021-26104.json b/2021/26xxx/CVE-2021-26104.json index b95fa9c903e..815f55b3951 100644 --- a/2021/26xxx/CVE-2021-26104.json +++ b/2021/26xxx/CVE-2021-26104.json @@ -64,6 +64,11 @@ "refsource": "CONFIRM", "name": "https://fortiguard.com/advisory/FG-IR-21-037", "url": "https://fortiguard.com/advisory/FG-IR-21-037" + }, + { + "refsource": "MISC", + "name": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-f73m-fvj3-m2pm", + "url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-f73m-fvj3-m2pm" } ] }, diff --git a/2021/43xxx/CVE-2021-43065.json b/2021/43xxx/CVE-2021-43065.json index 63f1d1be4c9..8919a4bfdbf 100644 --- a/2021/43xxx/CVE-2021-43065.json +++ b/2021/43xxx/CVE-2021-43065.json @@ -64,6 +64,11 @@ "refsource": "CONFIRM", "name": "https://fortiguard.com/advisory/FG-IR-21-178", "url": "https://fortiguard.com/advisory/FG-IR-21-178" + }, + { + "refsource": "MISC", + "name": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-8wx4-g5p9-348h", + "url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-8wx4-g5p9-348h" } ] }, diff --git a/2022/27xxx/CVE-2022-27340.json b/2022/27xxx/CVE-2022-27340.json index c09f6a83c3a..ac908d2311d 100644 --- a/2022/27xxx/CVE-2022-27340.json +++ b/2022/27xxx/CVE-2022-27340.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-27340", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-27340", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "MCMS v5.2.7 contains a Cross-Site Request Forgery (CSRF) via /role/saveOrUpdateRole.do. This vulnerability allows attackers to escalate privileges and modify data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/ming-soft/MCMS", + "refsource": "MISC", + "name": "https://github.com/ming-soft/MCMS" + }, + { + "url": "https://github.com/UDKI11/vul/blob/main/Mcms%E8%B7%A8%E7%AB%99%E8%AF%B7%E6%B1%82%E4%BC%AA%E9%80%A0.docx", + "refsource": "MISC", + "name": "https://github.com/UDKI11/vul/blob/main/Mcms%E8%B7%A8%E7%AB%99%E8%AF%B7%E6%B1%82%E4%BC%AA%E9%80%A0.docx" } ] } diff --git a/2022/27xxx/CVE-2022-27341.json b/2022/27xxx/CVE-2022-27341.json index b121cfb9ff9..9e9caffc2d8 100644 --- a/2022/27xxx/CVE-2022-27341.json +++ b/2022/27xxx/CVE-2022-27341.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-27341", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-27341", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "JFinalCMS v2.0 was discovered to contain a SQL injection vulnerability via the Article Management function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/UDKI11/vul/blob/main/JFinalCMS-sqli-2.docx", + "refsource": "MISC", + "name": "https://github.com/UDKI11/vul/blob/main/JFinalCMS-sqli-2.docx" } ] } diff --git a/2022/27xxx/CVE-2022-27342.json b/2022/27xxx/CVE-2022-27342.json index 2cd67b43389..4bc0617a8fe 100644 --- a/2022/27xxx/CVE-2022-27342.json +++ b/2022/27xxx/CVE-2022-27342.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-27342", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-27342", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Link-Admin v0.0.1 was discovered to contain a SQL injection vulnerability via DictRest.ResponseResult()." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/UDKI11/vul/blob/main/link-admin.docx", + "refsource": "MISC", + "name": "https://github.com/UDKI11/vul/blob/main/link-admin.docx" } ] } diff --git a/2022/29xxx/CVE-2022-29595.json b/2022/29xxx/CVE-2022-29595.json new file mode 100644 index 00000000000..6553ce7ef57 --- /dev/null +++ b/2022/29xxx/CVE-2022-29595.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-29595", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/29xxx/CVE-2022-29596.json b/2022/29xxx/CVE-2022-29596.json new file mode 100644 index 00000000000..1256e6a2ec3 --- /dev/null +++ b/2022/29xxx/CVE-2022-29596.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-29596", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/29xxx/CVE-2022-29597.json b/2022/29xxx/CVE-2022-29597.json new file mode 100644 index 00000000000..3934a3c3d69 --- /dev/null +++ b/2022/29xxx/CVE-2022-29597.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-29597", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/29xxx/CVE-2022-29598.json b/2022/29xxx/CVE-2022-29598.json new file mode 100644 index 00000000000..6e21425fb89 --- /dev/null +++ b/2022/29xxx/CVE-2022-29598.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-29598", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file