admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-05-04 16:01:34 +00:00
parent 563cb68b17
commit 2ddee28df4
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
20 changed files with 404 additions and 77 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

112
2021/20xxx/CVE-2021-20051.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "psirt@sonicwall.com",
"ID": "CVE-2021-20051",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicWall Global VPN Client",
"version": {
"version_data": [
{
"version_value": "Global VPN Client 4.10.7.1117 and earlier versions"
}
]
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2021-20051",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicWall Global VPN Client",
"version": {
"version_data": [
{
"version_value": "Global VPN Client 4.10.7.1117 and earlier versions"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SonicWall Global VPN Client 4.10.7.1117 installer (32-bit and 64-bit) and earlier versions have a DLL Search Order Hijacking vulnerability in one of the installer components. Successful exploitation via a local attacker could result in command execution in the target system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427: Uncontrolled Search Path Element"
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SonicWall Global VPN Client 4.10.7.1117 installer (32-bit and 64-bit) and earlier versions have a DLL Search Order Hijacking vulnerability in one of the installer components. Successful exploitation via a local attacker could result in command execution in the target system."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0036",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0036"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427: Uncontrolled Search Path Element"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0036",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0036"
}
]
}
}

2
2021/43xxx/CVE-2021-43206.json
View File

@ -71,7 +71,7 @@
"description_data": [
{
"lang": "eng",
"value": "A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 through 7.0.1, 2.0.x allows malicious webservers to retrieve a web\u00a0proxy's client username and IP\u00a0via same origin HTTP requests triggering proxy-generated HTTP status codes pages."
"value": "A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 through 7.0.1, 2.0.x allows malicious webservers to retrieve a web proxy's client username and IP via same origin HTTP requests triggering proxy-generated HTTP status codes pages."
}
]
}

5
2021/46xxx/CVE-2021-46019.json
View File

@ -56,6 +56,11 @@
"url": "https://lists.gnu.org/archive/html/bug-recutils/2021-12/msg00009.html",
"refsource": "MISC",
"name": "https://lists.gnu.org/archive/html/bug-recutils/2021-12/msg00009.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-4e6bd7ca62",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRSXSN2XF6PX74WDYVV26TQMYIFAEQ3T/"
}
]
}

5
2021/46xxx/CVE-2021-46021.json
View File

@ -56,6 +56,11 @@
"url": "https://lists.gnu.org/archive/html/bug-recutils/2021-12/msg00008.html",
"refsource": "MISC",
"name": "https://lists.gnu.org/archive/html/bug-recutils/2021-12/msg00008.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-4e6bd7ca62",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRSXSN2XF6PX74WDYVV26TQMYIFAEQ3T/"
}
]
}

5
2021/46xxx/CVE-2021-46022.json
View File

@ -56,6 +56,11 @@
"url": "https://lists.gnu.org/archive/html/bug-recutils/2021-12/msg00007.html",
"refsource": "MISC",
"name": "https://lists.gnu.org/archive/html/bug-recutils/2021-12/msg00007.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-4e6bd7ca62",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRSXSN2XF6PX74WDYVV26TQMYIFAEQ3T/"
}
]
}

18
2022/1xxx/CVE-2022-1579.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-1579",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/1xxx/CVE-2022-1580.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-1580",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/1xxx/CVE-2022-1581.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-1581",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

2
2022/23xxx/CVE-2022-23443.json
View File

@ -71,7 +71,7 @@
"description_data": [
{
"lang": "eng",
"value": "An improper access control in Fortinet FortiSOAR before 7.2.0 allows unauthenticated attackers to access gateway API data\u00a0via crafted\u00a0HTTP GET requests."
"value": "An improper access control in Fortinet FortiSOAR before 7.2.0 allows unauthenticated attackers to access gateway API data via crafted HTTP GET requests."
}
]
}

56
2022/28xxx/CVE-2022-28556.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-28556",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-28556",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin is vulnerable to Buffer Overflow. The stack overflow vulnerability lies in the /goform/setpptpservercfg interface of the web. The sent post data startip and endip are copied to the stack using the sanf function, resulting in stack overflow. Similarly, this vulnerability can be used together with CVE-2021-44971"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/doudoudedi/TendaAC15_vul/blob/main/TendaAC15-vul.md",
"refsource": "MISC",
"name": "https://github.com/doudoudedi/TendaAC15_vul/blob/main/TendaAC15-vul.md"
}
]
}

56
2022/28xxx/CVE-2022-28557.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-28557",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-28557",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a command injection vulnerability at the /goform/setsambacfg interface of Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin device web, which can also cooperate with CVE-2021-44971 to cause unconditional arbitrary command execution"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/doudoudedi/TendaAC15_vul/blob/main/TendaAC15-vul.md",
"refsource": "MISC",
"name": "https://github.com/doudoudedi/TendaAC15_vul/blob/main/TendaAC15-vul.md"
}
]
}

56
2022/28xxx/CVE-2022-28940.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-28940",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-28940",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In H3C MagicR100 <=V100R005, the / Ajax / ajaxget interface can be accessed without authorization. It sends a large amount of data through ajaxmsg to carry out DOS attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/zhefox/0day/blob/main/%E6%96%B0%E5%8D%8E%E4%B8%89magicR100%E5%AD%98%E5%9C%A8DOS%E6%94%BB%E5%87%BB%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90.md",
"refsource": "MISC",
"name": "https://github.com/zhefox/0day/blob/main/%E6%96%B0%E5%8D%8E%E4%B8%89magicR100%E5%AD%98%E5%9C%A8DOS%E6%94%BB%E5%87%BB%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90.md"
}
]
}

2
2022/29xxx/CVE-2022-29347.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "An arbitrary file upload vulnerability in Web@archiv 1.0 allows attackers to execute arbitrary commands via a crafted PHP file."
"value": "An arbitrary file upload vulnerability in Web@rchiv 1.0 allows attackers to execute arbitrary commands via a crafted PHP file."
}
]
},

18
2022/30xxx/CVE-2022-30232.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-30232",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/30xxx/CVE-2022-30233.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-30233",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/30xxx/CVE-2022-30234.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-30234",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/30xxx/CVE-2022-30235.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-30235",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/30xxx/CVE-2022-30236.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-30236",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/30xxx/CVE-2022-30237.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-30237",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/30xxx/CVE-2022-30238.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-30238",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}