From 361f06cc5806a0724388ccb20b26a0fce2ee8974 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 31 Jan 2022 18:01:07 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2021/24xxx/CVE-2021-24946.json | 5 ++ 2021/42xxx/CVE-2021-42631.json | 86 +++++++++++++++++++++++++++++++--- 2021/42xxx/CVE-2021-42635.json | 86 +++++++++++++++++++++++++++++++--- 2021/44xxx/CVE-2021-44114.json | 61 +++++++++++++++++++++--- 2021/44xxx/CVE-2021-44593.json | 10 ++++ 2022/0xxx/CVE-2022-0434.json | 18 +++++++ 6 files changed, 248 insertions(+), 18 deletions(-) create mode 100644 2022/0xxx/CVE-2022-0434.json diff --git a/2021/24xxx/CVE-2021-24946.json b/2021/24xxx/CVE-2021-24946.json index 606532b6531..98fbb08f5f3 100644 --- a/2021/24xxx/CVE-2021-24946.json +++ b/2021/24xxx/CVE-2021-24946.json @@ -53,6 +53,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/165742/WordPress-Modern-Events-Calendar-6.1-SQL-Injection.html", "url": "http://packetstormsecurity.com/files/165742/WordPress-Modern-Events-Calendar-6.1-SQL-Injection.html" + }, + { + "refsource": "MISC", + "name": "https://github.com/Hacker5preme/Exploits/tree/main/Wordpress/CVE-2021-24946", + "url": "https://github.com/Hacker5preme/Exploits/tree/main/Wordpress/CVE-2021-24946" } ] }, diff --git a/2021/42xxx/CVE-2021-42631.json b/2021/42xxx/CVE-2021-42631.json index 9b22398a92c..070437b603d 100644 --- a/2021/42xxx/CVE-2021-42631.json +++ b/2021/42xxx/CVE-2021-42631.json @@ -1,17 +1,91 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-42631", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-42631", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://printerlogic.com", + "refsource": "MISC", + "name": "http://printerlogic.com" + }, + { + "refsource": "CONFIRM", + "name": "https://www.printerlogic.com/security-bulletin/", + "url": "https://www.printerlogic.com/security-bulletin/" + }, + { + "refsource": "MISC", + "name": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/", + "url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/" + }, + { + "refsource": "MISC", + "name": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite", + "url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite" + }, + { + "refsource": "MISC", + "name": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html", + "url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html" + }, + { + "refsource": "MISC", + "name": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints", + "url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints" + }, + { + "refsource": "MISC", + "name": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite", + "url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite" } ] } diff --git a/2021/42xxx/CVE-2021-42635.json b/2021/42xxx/CVE-2021-42635.json index dd4767cd5a5..b8bfb925c5b 100644 --- a/2021/42xxx/CVE-2021-42635.json +++ b/2021/42xxx/CVE-2021-42635.json @@ -1,17 +1,91 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-42635", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-42635", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to pre-auth remote code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://printerlogic.com", + "refsource": "MISC", + "name": "http://printerlogic.com" + }, + { + "refsource": "CONFIRM", + "name": "https://www.printerlogic.com/security-bulletin/", + "url": "https://www.printerlogic.com/security-bulletin/" + }, + { + "refsource": "MISC", + "name": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/", + "url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/" + }, + { + "refsource": "MISC", + "name": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite", + "url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite" + }, + { + "refsource": "MISC", + "name": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html", + "url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html" + }, + { + "refsource": "MISC", + "name": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints", + "url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints" + }, + { + "refsource": "MISC", + "name": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite", + "url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite" } ] } diff --git a/2021/44xxx/CVE-2021-44114.json b/2021/44xxx/CVE-2021-44114.json index 67afaadba49..cfa2c0786ae 100644 --- a/2021/44xxx/CVE-2021-44114.json +++ b/2021/44xxx/CVE-2021-44114.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-44114", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-44114", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Stock Management System in PHP/OOP 1.0, which allows remote malicious users to execute arbitrary remote code execution via create user function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.sourcecodester.com/php/15023/stock-management-system-phpoop-source-code.html", + "refsource": "MISC", + "name": "https://www.sourcecodester.com/php/15023/stock-management-system-phpoop-source-code.html" + }, + { + "refsource": "MISC", + "name": "https://medium.com/@mayhem7999/cve-2021-44114-957145c1773", + "url": "https://medium.com/@mayhem7999/cve-2021-44114-957145c1773" } ] } diff --git a/2021/44xxx/CVE-2021-44593.json b/2021/44xxx/CVE-2021-44593.json index 425314416a5..e480e18e525 100644 --- a/2021/44xxx/CVE-2021-44593.json +++ b/2021/44xxx/CVE-2021-44593.json @@ -61,6 +61,16 @@ "refsource": "MISC", "name": "https://github.com/Mister-Joe/CVE-2021-44593", "url": "https://github.com/Mister-Joe/CVE-2021-44593" + }, + { + "refsource": "MISC", + "name": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44593", + "url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44593" + }, + { + "refsource": "MISC", + "name": "https://www.nu11secur1ty.com/2022/01/cve-2021-44593.html", + "url": "https://www.nu11secur1ty.com/2022/01/cve-2021-44593.html" } ] } diff --git a/2022/0xxx/CVE-2022-0434.json b/2022/0xxx/CVE-2022-0434.json new file mode 100644 index 00000000000..7b2b6dea4d1 --- /dev/null +++ b/2022/0xxx/CVE-2022-0434.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-0434", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file