diff --git a/2021/42xxx/CVE-2021-42700.json b/2021/42xxx/CVE-2021-42700.json index f826ebcd7a0..57c0f66accb 100644 --- a/2021/42xxx/CVE-2021-42700.json +++ b/2021/42xxx/CVE-2021-42700.json @@ -43,7 +43,7 @@ "description_data": [ { "lang": "eng", - "value": "Inkscape 0.19 is vulnerable to an out-of-bounds read, which may allow an attacker to have access to unauthorized information." + "value": "Inkscape 0.91 is vulnerable to an out-of-bounds read, which may allow an attacker to have access to unauthorized information." } ] }, @@ -84,6 +84,11 @@ "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-03", "refsource": "CONFIRM", "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-03" + }, + { + "name": "https://www.integraxor.com/scada-animation-graphic-editor-extension-inkscape/", + "refsource": "CONFIRM", + "url": "https://www.integraxor.com/scada-animation-graphic-editor-extension-inkscape/" } ] }, diff --git a/2021/42xxx/CVE-2021-42702.json b/2021/42xxx/CVE-2021-42702.json index d77aa2a2b2b..44f6e7cf782 100644 --- a/2021/42xxx/CVE-2021-42702.json +++ b/2021/42xxx/CVE-2021-42702.json @@ -43,7 +43,7 @@ "description_data": [ { "lang": "eng", - "value": "Inkscape version 0.19 can access an uninitialized pointer, which may allow an attacker to have access to unauthorized information." + "value": "Inkscape version 0.91 can access an uninitialized pointer, which may allow an attacker to have access to unauthorized information." } ] }, @@ -84,6 +84,11 @@ "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-03", "refsource": "CONFIRM", "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-03" + }, + { + "name": "https://www.integraxor.com/scada-animation-graphic-editor-extension-inkscape/", + "refsource": "CONFIRM", + "url": "https://www.integraxor.com/scada-animation-graphic-editor-extension-inkscape/" } ] }, diff --git a/2021/42xxx/CVE-2021-42704.json b/2021/42xxx/CVE-2021-42704.json index 68a888d70d1..8949160c5f7 100644 --- a/2021/42xxx/CVE-2021-42704.json +++ b/2021/42xxx/CVE-2021-42704.json @@ -43,7 +43,7 @@ "description_data": [ { "lang": "eng", - "value": "Inkscape version 0.19 is vulnerable to an out-of-bounds write, which may allow an attacker to arbitrary execute code." + "value": "Inkscape version 0.91 is vulnerable to an out-of-bounds write, which may allow an attacker to arbitrary execute code." } ] }, @@ -84,6 +84,11 @@ "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-03", "refsource": "CONFIRM", "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-03" + }, + { + "name": "https://www.integraxor.com/scada-animation-graphic-editor-extension-inkscape/", + "refsource": "CONFIRM", + "url": "https://www.integraxor.com/scada-animation-graphic-editor-extension-inkscape/" } ] }, diff --git a/2021/43xxx/CVE-2021-43566.json b/2021/43xxx/CVE-2021-43566.json index d713854a374..f25f607f086 100644 --- a/2021/43xxx/CVE-2021-43566.json +++ b/2021/43xxx/CVE-2021-43566.json @@ -52,16 +52,16 @@ }, "references": { "reference_data": [ - { - "url": "https://www.samba.org/samba/history/", - "refsource": "MISC", - "name": "https://www.samba.org/samba/history/" - }, { "url": "https://bugzilla.samba.org/show_bug.cgi?id=13979", "refsource": "MISC", "name": "https://bugzilla.samba.org/show_bug.cgi?id=13979" }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20220110-0001/", + "url": "https://security.netapp.com/advisory/ntap-20220110-0001/" + }, { "refsource": "MISC", "name": "https://www.samba.org/samba/security/CVE-2021-43566.html", diff --git a/2021/4xxx/CVE-2021-4014.json b/2021/4xxx/CVE-2021-4014.json index 3db01ee37b9..1d621f16ca2 100644 --- a/2021/4xxx/CVE-2021-4014.json +++ b/2021/4xxx/CVE-2021-4014.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2021-4014", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." } ] } diff --git a/2021/4xxx/CVE-2021-4202.json b/2021/4xxx/CVE-2021-4202.json index d0ef5d97ab8..b8c7bbe6774 100644 --- a/2021/4xxx/CVE-2021-4202.json +++ b/2021/4xxx/CVE-2021-4202.json @@ -68,6 +68,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20220513-0002/", "url": "https://security.netapp.com/advisory/ntap-20220513-0002/" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20220601 Re: CVE-2021-4204: Linux Kernel eBPF Improper Input Validation Vulnerability", + "url": "http://www.openwall.com/lists/oss-security/2022/06/01/2" } ] }, diff --git a/2022/1xxx/CVE-2022-1964.json b/2022/1xxx/CVE-2022-1964.json new file mode 100644 index 00000000000..afc33cb4aed --- /dev/null +++ b/2022/1xxx/CVE-2022-1964.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1964", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1965.json b/2022/1xxx/CVE-2022-1965.json new file mode 100644 index 00000000000..ccb6c758923 --- /dev/null +++ b/2022/1xxx/CVE-2022-1965.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1965", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1966.json b/2022/1xxx/CVE-2022-1966.json new file mode 100644 index 00000000000..bdca716a071 --- /dev/null +++ b/2022/1xxx/CVE-2022-1966.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1966", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1967.json b/2022/1xxx/CVE-2022-1967.json new file mode 100644 index 00000000000..178a22666ec --- /dev/null +++ b/2022/1xxx/CVE-2022-1967.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1967", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1968.json b/2022/1xxx/CVE-2022-1968.json new file mode 100644 index 00000000000..196f0fb11ca --- /dev/null +++ b/2022/1xxx/CVE-2022-1968.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1968", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1969.json b/2022/1xxx/CVE-2022-1969.json new file mode 100644 index 00000000000..b86de8490c0 --- /dev/null +++ b/2022/1xxx/CVE-2022-1969.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1969", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1970.json b/2022/1xxx/CVE-2022-1970.json new file mode 100644 index 00000000000..97bc949dcb3 --- /dev/null +++ b/2022/1xxx/CVE-2022-1970.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1970", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/23xxx/CVE-2022-23082.json b/2022/23xxx/CVE-2022-23082.json index 29138a12e94..cf43b663b46 100644 --- a/2022/23xxx/CVE-2022-23082.json +++ b/2022/23xxx/CVE-2022-23082.json @@ -47,7 +47,7 @@ "description_data": [ { "lang": "eng", - "value": "In CureKit versions v1.0.1 through v1.1.3 are vulnerable to path traversal as the function \u2018isFileOutsideDir\u2019 fails to sanitize the user input which may lead to path traversal." + "value": "In CureKit versions v1.0.1 through v1.1.3 are vulnerable to path traversal as the function isFileOutsideDir fails to sanitize the user input which may lead to path traversal." } ] }, diff --git a/2022/23xxx/CVE-2022-23222.json b/2022/23xxx/CVE-2022-23222.json index aca7e795903..43fd21e7bf0 100644 --- a/2022/23xxx/CVE-2022-23222.json +++ b/2022/23xxx/CVE-2022-23222.json @@ -86,6 +86,11 @@ "refsource": "FEDORA", "name": "FEDORA-2022-edbd74424e", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z5VTIZZUPC73IEJNZX66BY2YCBRZAELB/" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20220601 Re: Linux Kernel eBPF Improper Input Validation Vulnerability", + "url": "http://www.openwall.com/lists/oss-security/2022/06/01/1" } ] } diff --git a/2022/23xxx/CVE-2022-23236.json b/2022/23xxx/CVE-2022-23236.json index 2981b0bdd5f..b2177e7f205 100644 --- a/2022/23xxx/CVE-2022-23236.json +++ b/2022/23xxx/CVE-2022-23236.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-23236", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@netapp.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "E-Series SANtricity OS Controller Software 11.x", + "version": { + "version_data": [ + { + "version_value": "11.40 through 11.70.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/NTAP-20220527-0001/", + "url": "https://security.netapp.com/advisory/NTAP-20220527-0001/" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "E-Series SANtricity OS Controller Software versions 11.40 through 11.70.2 store the LDAP BIND password in plaintext within a file accessible only to privileged users." } ] } diff --git a/2022/23xxx/CVE-2022-23237.json b/2022/23xxx/CVE-2022-23237.json index 6d28039fc8d..2806f887458 100644 --- a/2022/23xxx/CVE-2022-23237.json +++ b/2022/23xxx/CVE-2022-23237.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-23237", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@netapp.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "E-Series SANtricity OS Controller Software 11.x", + "version": { + "version_data": [ + { + "version_value": "11.x through 11.70.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Host Header Injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/NTAP-20220527-0002/", + "url": "https://security.netapp.com/advisory/NTAP-20220527-0002/" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "E-Series SANtricity OS Controller Software 11.x versions through 11.70.2 are vulnerable to host header injection attacks that could allow an attacker to redirect users to malicious websites." } ] } diff --git a/2022/26xxx/CVE-2022-26971.json b/2022/26xxx/CVE-2022-26971.json index f710b4f9720..4d9de4d4435 100644 --- a/2022/26xxx/CVE-2022-26971.json +++ b/2022/26xxx/CVE-2022-26971.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-26971", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-26971", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. This upload can be executed without authentication." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.barco.com/en/support/transform-n-management-server", + "refsource": "MISC", + "name": "https://www.barco.com/en/support/transform-n-management-server" + }, + { + "refsource": "MISC", + "name": "https://www.barco.com/en/support/knowledge-base/KB12681", + "url": "https://www.barco.com/en/support/knowledge-base/KB12681" } ] } diff --git a/2022/26xxx/CVE-2022-26972.json b/2022/26xxx/CVE-2022-26972.json index 2c19e2d06d5..e6f099b90ee 100644 --- a/2022/26xxx/CVE-2022-26972.json +++ b/2022/26xxx/CVE-2022-26972.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-26972", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-26972", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a URL /cgi-bin endpoint. The URL parameters are not correctly sanitized, leading to reflected XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.barco.com/en/support/transform-n-management-server", + "refsource": "MISC", + "name": "https://www.barco.com/en/support/transform-n-management-server" + }, + { + "refsource": "MISC", + "name": "https://www.barco.com/en/support/knowledge-base/KB12685", + "url": "https://www.barco.com/en/support/knowledge-base/KB12685" } ] } diff --git a/2022/26xxx/CVE-2022-26973.json b/2022/26xxx/CVE-2022-26973.json index dbb3787e107..00e43569523 100644 --- a/2022/26xxx/CVE-2022-26973.json +++ b/2022/26xxx/CVE-2022-26973.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-26973", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-26973", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. By tweaking the license file name, the returned error message exposes internal directory path details." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.barco.com/en/support/transform-n-management-server", + "refsource": "MISC", + "name": "https://www.barco.com/en/support/transform-n-management-server" + }, + { + "refsource": "MISC", + "name": "https://www.barco.com/en/support/knowledge-base/KB12678", + "url": "https://www.barco.com/en/support/knowledge-base/KB12678" } ] } diff --git a/2022/26xxx/CVE-2022-26974.json b/2022/26xxx/CVE-2022-26974.json index f0bdf03eb37..5d853f9e6ce 100644 --- a/2022/26xxx/CVE-2022-26974.json +++ b/2022/26xxx/CVE-2022-26974.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-26974", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-26974", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a file upload mechanism. Lack of input sanitization in the upload mechanism leads to reflected XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.barco.com/en/support/transform-n-management-server", + "refsource": "MISC", + "name": "https://www.barco.com/en/support/transform-n-management-server" + }, + { + "refsource": "MISC", + "name": "https://www.barco.com/en/support/knowledge-base/KB12684", + "url": "https://www.barco.com/en/support/knowledge-base/KB12684" } ] } diff --git a/2022/26xxx/CVE-2022-26975.json b/2022/26xxx/CVE-2022-26975.json index cde4d0ba047..bec615d659a 100644 --- a/2022/26xxx/CVE-2022-26975.json +++ b/2022/26xxx/CVE-2022-26975.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-26975", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-26975", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing log files without authentication." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.barco.com/en/support/transform-n-management-server", + "refsource": "MISC", + "name": "https://www.barco.com/en/support/transform-n-management-server" + }, + { + "refsource": "MISC", + "name": "https://www.barco.com/en/support/knowledge-base/KB12677", + "url": "https://www.barco.com/en/support/knowledge-base/KB12677" } ] } diff --git a/2022/26xxx/CVE-2022-26976.json b/2022/26xxx/CVE-2022-26976.json index 09a7f4a8363..4003448bac3 100644 --- a/2022/26xxx/CVE-2022-26976.json +++ b/2022/26xxx/CVE-2022-26976.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-26976", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-26976", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. Lack of input sanitization in the upload mechanism is leads to reflected XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.barco.com/en/support/transform-n-management-server", + "refsource": "MISC", + "name": "https://www.barco.com/en/support/transform-n-management-server" + }, + { + "refsource": "MISC", + "name": "https://www.barco.com/en/support/knowledge-base/KB12682", + "url": "https://www.barco.com/en/support/knowledge-base/KB12682" } ] } diff --git a/2022/26xxx/CVE-2022-26977.json b/2022/26xxx/CVE-2022-26977.json index d703a5cb298..426066f9b57 100644 --- a/2022/26xxx/CVE-2022-26977.json +++ b/2022/26xxx/CVE-2022-26977.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-26977", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-26977", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. Lack of input sanitization of the upload mechanism is leads to stored XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.barco.com/en/support/transform-n-management-server", + "refsource": "MISC", + "name": "https://www.barco.com/en/support/transform-n-management-server" + }, + { + "refsource": "MISC", + "name": "https://www.barco.com/en/support/knowledge-base/KB12683", + "url": "https://www.barco.com/en/support/knowledge-base/KB12683" } ] } diff --git a/2022/26xxx/CVE-2022-26978.json b/2022/26xxx/CVE-2022-26978.json index 936bc0c6ab4..02ac6be32de 100644 --- a/2022/26xxx/CVE-2022-26978.json +++ b/2022/26xxx/CVE-2022-26978.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-26978", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-26978", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a URL /checklogin.jsp endpoint. The os_username parameters is not correctly sanitized, leading to reflected XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.barco.com/en/support/transform-n-management-server", + "refsource": "MISC", + "name": "https://www.barco.com/en/support/transform-n-management-server" + }, + { + "refsource": "MISC", + "name": "https://www.barco.com/en/support/knowledge-base/KB12686", + "url": "https://www.barco.com/en/support/knowledge-base/KB12686" } ] } diff --git a/2022/29xxx/CVE-2022-29234.json b/2022/29xxx/CVE-2022-29234.json index f52834acd69..768c7f132bd 100644 --- a/2022/29xxx/CVE-2022-29234.json +++ b/2022/29xxx/CVE-2022-29234.json @@ -72,16 +72,6 @@ }, "references": { "reference_data": [ - { - "name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-36vc-c338-6xjv", - "refsource": "CONFIRM", - "url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-36vc-c338-6xjv" - }, - { - "name": "https://github.com/bigbluebutton/bigbluebutton/pull/13850", - "refsource": "MISC", - "url": "https://github.com/bigbluebutton/bigbluebutton/pull/13850" - }, { "name": "https://github.com/bigbluebutton/bigbluebutton/pull/14265", "refsource": "MISC", @@ -92,6 +82,16 @@ "refsource": "MISC", "url": "https://github.com/bigbluebutton/bigbluebutton/releases/tag/v2.3.18" }, + { + "name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-36vc-c338-6xjv", + "refsource": "CONFIRM", + "url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-36vc-c338-6xjv" + }, + { + "name": "https://github.com/bigbluebutton/bigbluebutton/pull/13850", + "refsource": "MISC", + "url": "https://github.com/bigbluebutton/bigbluebutton/pull/13850" + }, { "name": "https://github.com/bigbluebutton/bigbluebutton/releases/tag/v2.4.1", "refsource": "MISC", diff --git a/2022/29xxx/CVE-2022-29235.json b/2022/29xxx/CVE-2022-29235.json index f0ad6d0ea3c..17b43831bf9 100644 --- a/2022/29xxx/CVE-2022-29235.json +++ b/2022/29xxx/CVE-2022-29235.json @@ -72,16 +72,6 @@ }, "references": { "reference_data": [ - { - "name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-x82p-j22f-v4q6", - "refsource": "CONFIRM", - "url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-x82p-j22f-v4q6" - }, - { - "name": "https://github.com/bigbluebutton/bigbluebutton/pull/13788", - "refsource": "MISC", - "url": "https://github.com/bigbluebutton/bigbluebutton/pull/13788" - }, { "name": "https://github.com/bigbluebutton/bigbluebutton/pull/14265", "refsource": "MISC", @@ -96,6 +86,16 @@ "name": "https://github.com/bigbluebutton/bigbluebutton/releases/tag/v2.4-rc-6", "refsource": "MISC", "url": "https://github.com/bigbluebutton/bigbluebutton/releases/tag/v2.4-rc-6" + }, + { + "name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-x82p-j22f-v4q6", + "refsource": "CONFIRM", + "url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-x82p-j22f-v4q6" + }, + { + "name": "https://github.com/bigbluebutton/bigbluebutton/pull/13788", + "refsource": "MISC", + "url": "https://github.com/bigbluebutton/bigbluebutton/pull/13788" } ] }, diff --git a/2022/29xxx/CVE-2022-29236.json b/2022/29xxx/CVE-2022-29236.json index ba906e3622d..987d25c4126 100644 --- a/2022/29xxx/CVE-2022-29236.json +++ b/2022/29xxx/CVE-2022-29236.json @@ -72,16 +72,6 @@ }, "references": { "reference_data": [ - { - "name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-p93g-r9gm-9v6r", - "refsource": "CONFIRM", - "url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-p93g-r9gm-9v6r" - }, - { - "name": "https://github.com/bigbluebutton/bigbluebutton/pull/13803", - "refsource": "MISC", - "url": "https://github.com/bigbluebutton/bigbluebutton/pull/13803" - }, { "name": "https://github.com/bigbluebutton/bigbluebutton/pull/14265", "refsource": "MISC", @@ -92,6 +82,16 @@ "refsource": "MISC", "url": "https://github.com/bigbluebutton/bigbluebutton/releases/tag/v2.3.18" }, + { + "name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-p93g-r9gm-9v6r", + "refsource": "CONFIRM", + "url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-p93g-r9gm-9v6r" + }, + { + "name": "https://github.com/bigbluebutton/bigbluebutton/pull/13803", + "refsource": "MISC", + "url": "https://github.com/bigbluebutton/bigbluebutton/pull/13803" + }, { "name": "https://github.com/bigbluebutton/bigbluebutton/releases/tag/v2.4-rc-6", "refsource": "MISC", diff --git a/2022/29xxx/CVE-2022-29622.json b/2022/29xxx/CVE-2022-29622.json index 6bff8f1b732..846f5f0b2aa 100644 --- a/2022/29xxx/CVE-2022-29622.json +++ b/2022/29xxx/CVE-2022-29622.json @@ -66,6 +66,11 @@ "refsource": "MISC", "name": "https://github.com/node-formidable/formidable/issues/862", "url": "https://github.com/node-formidable/formidable/issues/862" + }, + { + "refsource": "MISC", + "name": "https://medium.com/@zsolt.imre/is-cybersecurity-the-next-supply-chain-vulnerability-9a00de745022", + "url": "https://medium.com/@zsolt.imre/is-cybersecurity-the-next-supply-chain-vulnerability-9a00de745022" } ] } diff --git a/2022/29xxx/CVE-2022-29776.json b/2022/29xxx/CVE-2022-29776.json index fb78ecac564..af8a43d25cb 100644 --- a/2022/29xxx/CVE-2022-29776.json +++ b/2022/29xxx/CVE-2022-29776.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-29776", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-29776", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to contain a stack overflow via the component DesktopEditor/common/File.cpp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/ONLYOFFICE/DocumentServer/blob/master/CHANGELOG.md#601", + "refsource": "MISC", + "name": "https://github.com/ONLYOFFICE/DocumentServer/blob/master/CHANGELOG.md#601" + }, + { + "url": "https://github.com/ONLYOFFICE/core/commit/88cf60a3ed4a2b40d71a1c2ced72fa3902a30967", + "refsource": "MISC", + "name": "https://github.com/ONLYOFFICE/core/commit/88cf60a3ed4a2b40d71a1c2ced72fa3902a30967" } ] } diff --git a/2022/29xxx/CVE-2022-29777.json b/2022/29xxx/CVE-2022-29777.json index 2f49f403a9e..3d50822e95d 100644 --- a/2022/29xxx/CVE-2022-29777.json +++ b/2022/29xxx/CVE-2022-29777.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-29777", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-29777", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to contain a heap overflow via the component DesktopEditor/fontengine/fontconverter/FontFileBase.h." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/ONLYOFFICE/DocumentServer/blob/master/CHANGELOG.md#601", + "refsource": "MISC", + "name": "https://github.com/ONLYOFFICE/DocumentServer/blob/master/CHANGELOG.md#601" + }, + { + "url": "https://github.com/ONLYOFFICE/core/commit/b17d5e860f30e8be2caeb0022b63be4c76660178", + "refsource": "MISC", + "name": "https://github.com/ONLYOFFICE/core/commit/b17d5e860f30e8be2caeb0022b63be4c76660178" } ] } diff --git a/2022/29xxx/CVE-2022-29875.json b/2022/29xxx/CVE-2022-29875.json index cc39f9b0210..744b7518cf9 100644 --- a/2022/29xxx/CVE-2022-29875.json +++ b/2022/29xxx/CVE-2022-29875.json @@ -273,9 +273,10 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.siemens-healthineers.com/support-documentation/cybersecurity/shsa-455016" + "refsource": "MISC", + "url": "https://www.siemens-healthineers.com/support-documentation/cybersecurity/shsa-455016", + "name": "https://www.siemens-healthineers.com/support-documentation/cybersecurity/shsa-455016" } ] } -} +} \ No newline at end of file diff --git a/2022/30xxx/CVE-2022-30293.json b/2022/30xxx/CVE-2022-30293.json index 3dcdcda2ec7..9c3cfab4e9d 100644 --- a/2022/30xxx/CVE-2022-30293.json +++ b/2022/30xxx/CVE-2022-30293.json @@ -66,6 +66,16 @@ "refsource": "MLIST", "name": "[oss-security] 20220530 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0005", "url": "http://www.openwall.com/lists/oss-security/2022/05/30/1" + }, + { + "refsource": "DEBIAN", + "name": "DSA-5154", + "url": "https://www.debian.org/security/2022/dsa-5154" + }, + { + "refsource": "DEBIAN", + "name": "DSA-5155", + "url": "https://www.debian.org/security/2022/dsa-5155" } ] } diff --git a/2022/30xxx/CVE-2022-30294.json b/2022/30xxx/CVE-2022-30294.json index d3e11aa3b14..7aadfa46895 100644 --- a/2022/30xxx/CVE-2022-30294.json +++ b/2022/30xxx/CVE-2022-30294.json @@ -66,6 +66,16 @@ "refsource": "MLIST", "name": "[oss-security] 20220530 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0005", "url": "http://www.openwall.com/lists/oss-security/2022/05/30/1" + }, + { + "refsource": "DEBIAN", + "name": "DSA-5154", + "url": "https://www.debian.org/security/2022/dsa-5154" + }, + { + "refsource": "DEBIAN", + "name": "DSA-5155", + "url": "https://www.debian.org/security/2022/dsa-5155" } ] } diff --git a/2022/31xxx/CVE-2022-31339.json b/2022/31xxx/CVE-2022-31339.json index 8f10d22b2c2..1b3071eef73 100644 --- a/2022/31xxx/CVE-2022-31339.json +++ b/2022/31xxx/CVE-2022-31339.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31339", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31339", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Simple Inventory System v1.0 is vulnerable to SQL Injection via /inventory/login.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/argie/simple-inventory-system/SQLi-1.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/argie/simple-inventory-system/SQLi-1.md" } ] } diff --git a/2022/31xxx/CVE-2022-31340.json b/2022/31xxx/CVE-2022-31340.json index 5e326e430e7..c328bea4216 100644 --- a/2022/31xxx/CVE-2022-31340.json +++ b/2022/31xxx/CVE-2022-31340.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31340", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31340", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Simple Inventory System v1.0 is vulnerable to SQL Injection via /inventory/table_edit_ajax.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/argie/simple-inventory-system/SQLi-2.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/argie/simple-inventory-system/SQLi-2.md" } ] } diff --git a/2022/31xxx/CVE-2022-31342.json b/2022/31xxx/CVE-2022-31342.json index aa7df026084..816cb7c1753 100644 --- a/2022/31xxx/CVE-2022-31342.json +++ b/2022/31xxx/CVE-2022-31342.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31342", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31342", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Online Car Wash Booking System v1.0 is vulnerable to Delete any file via /ocwbs/classes/Master.php?f=delete_img." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/online-car-wash-booking-system/delete-file-1.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/online-car-wash-booking-system/delete-file-1.md" } ] } diff --git a/2022/31xxx/CVE-2022-31343.json b/2022/31xxx/CVE-2022-31343.json index 9d782c862ba..c79c60b46cb 100644 --- a/2022/31xxx/CVE-2022-31343.json +++ b/2022/31xxx/CVE-2022-31343.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31343", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31343", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/?page=bookings/view_details&id=." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/online-car-wash-booking-system/SQLi-1.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/online-car-wash-booking-system/SQLi-1.md" } ] } diff --git a/2022/31xxx/CVE-2022-31344.json b/2022/31xxx/CVE-2022-31344.json index 0928480e2a2..f9b8d57d3f4 100644 --- a/2022/31xxx/CVE-2022-31344.json +++ b/2022/31xxx/CVE-2022-31344.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31344", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31344", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/classes/Master.php?f=delete_booking." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/online-car-wash-booking-system/SQLi-3.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/online-car-wash-booking-system/SQLi-3.md" } ] } diff --git a/2022/31xxx/CVE-2022-31345.json b/2022/31xxx/CVE-2022-31345.json index 88380a74992..ad194c0036d 100644 --- a/2022/31xxx/CVE-2022-31345.json +++ b/2022/31xxx/CVE-2022-31345.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31345", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31345", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/?page=user/manage_user&id=." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/online-car-wash-booking-system/SQLi-2.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/online-car-wash-booking-system/SQLi-2.md" } ] } diff --git a/2022/31xxx/CVE-2022-31346.json b/2022/31xxx/CVE-2022-31346.json index dfdb640320c..dbf76aa98cb 100644 --- a/2022/31xxx/CVE-2022-31346.json +++ b/2022/31xxx/CVE-2022-31346.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31346", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31346", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/classes/Master.php?f=delete_service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/online-car-wash-booking-system/SQLi-5.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/online-car-wash-booking-system/SQLi-5.md" } ] } diff --git a/2022/31xxx/CVE-2022-31347.json b/2022/31xxx/CVE-2022-31347.json index f5761d6d5d9..152759fcb5f 100644 --- a/2022/31xxx/CVE-2022-31347.json +++ b/2022/31xxx/CVE-2022-31347.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31347", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31347", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/classes/Master.php?f=delete_vehicle." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/online-car-wash-booking-system/SQLi-4.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/online-car-wash-booking-system/SQLi-4.md" } ] } diff --git a/2022/31xxx/CVE-2022-31348.json b/2022/31xxx/CVE-2022-31348.json index 240ba0bf2a7..85f3cf2f443 100644 --- a/2022/31xxx/CVE-2022-31348.json +++ b/2022/31xxx/CVE-2022-31348.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31348", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31348", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/bookings/update_status.php?id=." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/online-car-wash-booking-system/SQLi-6.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/online-car-wash-booking-system/SQLi-6.md" } ] }