admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-04-25 16:01:37 +00:00
parent 49ffd50c2c
commit 2f6723660b
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
6 changed files with 375 additions and 199 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

174
2021/39xxx/CVE-2021-39040.json
View File

@ -1,90 +1,90 @@
{
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2022-04-22T00:00:00",
"ID" : "CVE-2021-39040"
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6574003",
"url" : "https://www.ibm.com/support/pages/node/6574003",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6574003 (Planning Analytics Workspace)"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/214025",
"name" : "ibm-planning-cve202139040-file-upload (214025)"
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Planning Analytics Workspace 2.0 could be vulnerable to malicious file upload by not validating the file types or sizes. Attackers can make use of this weakness and upload malicious executable files into the system and it can be sent to victim for performing further attacks. IBM X-Force ID: 214025."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Access"
}
]
}
]
},
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"BM" : {
"I" : "H",
"UI" : "R",
"A" : "N",
"C" : "L",
"SCORE" : "6.300",
"AV" : "N",
"AC" : "L",
"PR" : "L",
"S" : "U"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
}
}
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
"CVE_data_meta": {
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2022-04-22T00:00:00",
"ID": "CVE-2021-39040"
},
"references": {
"reference_data": [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "2.0"
}
]
},
"product_name" : "Planning Analytics Workspace"
}
]
},
"vendor_name" : "IBM"
"name": "https://www.ibm.com/support/pages/node/6574003",
"url": "https://www.ibm.com/support/pages/node/6574003",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6574003 (Planning Analytics Workspace)"
},
{
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/214025",
"name": "ibm-planning-cve202139040-file-upload (214025)"
}
]
}
},
"data_version" : "4.0"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Planning Analytics Workspace 2.0 could be vulnerable to malicious file upload by not validating the file types or sizes. Attackers can make use of this weakness and upload malicious executable files into the system and it can be sent to victim for performing further attacks. IBM X-Force ID: 214025."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"data_format": "MITRE",
"impact": {
"cvssv3": {
"BM": {
"I": "H",
"UI": "R",
"A": "N",
"C": "L",
"SCORE": "6.300",
"AV": "N",
"AC": "L",
"PR": "L",
"S": "U"
},
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
}
}
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
},
"product_name": "Planning Analytics Workspace"
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_version": "4.0"
}

176
2022/22xxx/CVE-2022-22392.json
View File

@ -1,90 +1,90 @@
{
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "2.0"
}
]
},
"product_name" : "Planning Analytics Workspace"
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-22392",
"DATE_PUBLIC" : "2022-04-22T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Access"
}
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
},
"product_name": "Planning Analytics Workspace"
}
]
},
"vendor_name": "IBM"
}
]
}
]
},
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"value" : "IBM Planning Analytics Local 2.0 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 222066.",
"lang" : "eng"
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6574003",
"url" : "https://www.ibm.com/support/pages/node/6574003",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6574003 (Planning Analytics Workspace)"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-planning-cve202222392-code-exec (222066)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/222066"
}
]
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"SCORE" : "6.800",
"AV" : "N",
"PR" : "H",
"AC" : "L",
"S" : "U",
"I" : "H",
"UI" : "R",
"C" : "H",
"A" : "H"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
}
}
}
},
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-22392",
"DATE_PUBLIC": "2022-04-22T00:00:00",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"data_format": "MITRE",
"description": {
"description_data": [
{
"value": "IBM Planning Analytics Local 2.0 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 222066.",
"lang": "eng"
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6574003",
"url": "https://www.ibm.com/support/pages/node/6574003",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6574003 (Planning Analytics Workspace)"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"name": "ibm-planning-cve202222392-code-exec (222066)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/222066"
}
]
},
"data_type": "CVE",
"impact": {
"cvssv3": {
"BM": {
"SCORE": "6.800",
"AV": "N",
"PR": "H",
"AC": "L",
"S": "U",
"I": "H",
"UI": "R",
"C": "H",
"A": "H"
},
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
}
}
}
}

56
2022/26xxx/CVE-2022-26596.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-26596",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-26596",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting (XSS) vulnerability in Journal module's web content display configuration page in Liferay Portal 7.1.0 through 7.3.3, and Liferay DXP 7.0 before fix pack 94, 7.1 before fix pack 19, and 7.2 before fix pack 8, allows remote attackers to inject arbitrary web script or HTML via web content template names."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://liferay.com",
"refsource": "MISC",
"name": "http://liferay.com"
}
]
}

56
2022/26xxx/CVE-2022-26597.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-26597",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-26597",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting (XSS) vulnerability in the Layout module's Open Graph integration in Liferay Portal 7.3.0 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the site name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://liferay.com",
"refsource": "MISC",
"name": "http://liferay.com"
}
]
}

56
2022/27xxx/CVE-2022-27374.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-27374",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-27374",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_42E328 at /goform/SysToolReboot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/tianhui999/myCVE/blob/main/AX12/AX12.md",
"refsource": "MISC",
"name": "https://github.com/tianhui999/myCVE/blob/main/AX12/AX12.md"
}
]
}

56
2022/27xxx/CVE-2022-27375.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-27375",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-27375",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_422168 at /goform/WifiExtraSet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/tianhui999/myCVE/blob/main/AX12/AX12-2.md",
"refsource": "MISC",
"name": "https://github.com/tianhui999/myCVE/blob/main/AX12/AX12-2.md"
}
]
}