"-Synchronized-Data."

2025-08-04 08:44:25 +00:00 · 2023-01-05 12:00:43 +00:00 · 2023-01-05 12:00:43 +00:00 · 45f1589a73
commit 45f1589a73
parent 19f7323ad1
3 changed files with 381 additions and 0 deletions
--- a/2007/10xxx/CVE-2007-10001.json
+++ b/2007/10xxx/CVE-2007-10001.json
@ -0,0 +1,106 @@
+{
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "CVE_data_meta": {
+        "ID": "CVE-2007-10001",
+        "ASSIGNER": "cna@vuldb.com",
+        "STATE": "PUBLIC"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "A vulnerability classified as problematic has been found in web-cyradm. This affects an unknown part of the file search.php. The manipulation of the argument searchstring leads to sql injection. It is recommended to apply a patch to fix this issue. The identifier VDB-217449 was assigned to this vulnerability."
+            },
+            {
+                "lang": "deu",
+                "value": "Es wurde eine Schwachstelle in web-cyradm entdeckt. Sie wurde als problematisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Datei search.php. Dank Manipulation des Arguments searchstring mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-89 SQL Injection",
+                        "cweId": "CWE-89"
+                    }
+                ]
+            }
+        ]
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "n/a",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "web-cyradm",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a",
+                                            "version_affected": "="
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://vuldb.com/?id.217449",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?id.217449"
+            },
+            {
+                "url": "https://vuldb.com/?ctiid.217449",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?ctiid.217449"
+            },
+            {
+                "url": "https://github.com/web-cyradm/web-cyradm/commit/3e8f0717f133907bb6a09cb674b05c5f273da3e1",
+                "refsource": "MISC",
+                "name": "https://github.com/web-cyradm/web-cyradm/commit/3e8f0717f133907bb6a09cb674b05c5f273da3e1"
+            }
+        ]
+    },
+    "credits": [
+        {
+            "lang": "en",
+            "value": "VulDB GitHub Commit Analyzer"
+        }
+    ],
+    "impact": {
+        "cvss": [
+            {
+                "version": "3.1",
+                "baseScore": 3.5,
+                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
+                "baseSeverity": "LOW"
+            },
+            {
+                "version": "3.0",
+                "baseScore": 3.5,
+                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
+                "baseSeverity": "LOW"
+            },
+            {
+                "version": "2.0",
+                "baseScore": 2.7,
+                "vectorString": "AV:A/AC:L/Au:S/C:P/I:N/A:N",
+                "baseSeverity": "LOW"
+            }
+        ]
+    }
+}
--- a/2017/20xxx/CVE-2017-20162.json
+++ b/2017/20xxx/CVE-2017-20162.json
@ -0,0 +1,116 @@
+{
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "CVE_data_meta": {
+        "ID": "CVE-2017-20162",
+        "ASSIGNER": "cna@vuldb.com",
+        "STATE": "PUBLIC"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "A vulnerability, which was classified as problematic, has been found in vercel ms up to 1.x. This issue affects the function parse of the file index.js. The manipulation of the argument str leads to inefficient regular expression complexity. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.0 is able to address this issue. The name of the patch is caae2988ba2a37765d055c4eee63d383320ee662. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217451."
+            },
+            {
+                "lang": "deu",
+                "value": "Eine Schwachstelle wurde in vercel ms bis 1.x entdeckt. Sie wurde als problematisch eingestuft. Es geht hierbei um die Funktion parse der Datei index.js. Durch die Manipulation des Arguments str mit unbekannten Daten kann eine inefficient regular expression complexity-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Aktualisieren auf die Version 2.0.0 vermag dieses Problem zu l\u00f6sen. Der Patch wird als caae2988ba2a37765d055c4eee63d383320ee662 bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-1333 Inefficient Regular Expression Complexity",
+                        "cweId": "CWE-1333"
+                    }
+                ]
+            }
+        ]
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "vercel",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "ms",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "1.x",
+                                            "version_affected": "="
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://vuldb.com/?id.217451",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?id.217451"
+            },
+            {
+                "url": "https://vuldb.com/?ctiid.217451",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?ctiid.217451"
+            },
+            {
+                "url": "https://github.com/vercel/ms/pull/89",
+                "refsource": "MISC",
+                "name": "https://github.com/vercel/ms/pull/89"
+            },
+            {
+                "url": "https://github.com/vercel/ms/commit/caae2988ba2a37765d055c4eee63d383320ee662",
+                "refsource": "MISC",
+                "name": "https://github.com/vercel/ms/commit/caae2988ba2a37765d055c4eee63d383320ee662"
+            },
+            {
+                "url": "https://github.com/vercel/ms/releases/tag/2.0.0",
+                "refsource": "MISC",
+                "name": "https://github.com/vercel/ms/releases/tag/2.0.0"
+            }
+        ]
+    },
+    "credits": [
+        {
+            "lang": "en",
+            "value": "VulDB GitHub Commit Analyzer"
+        }
+    ],
+    "impact": {
+        "cvss": [
+            {
+                "version": "3.1",
+                "baseScore": 4.3,
+                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
+                "baseSeverity": "MEDIUM"
+            },
+            {
+                "version": "3.0",
+                "baseScore": 4.3,
+                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
+                "baseSeverity": "MEDIUM"
+            },
+            {
+                "version": "2.0",
+                "baseScore": 3.5,
+                "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
+                "baseSeverity": "LOW"
+            }
+        ]
+    }
+}
--- a/2020/36xxx/CVE-2020-36641.json
+++ b/2020/36xxx/CVE-2020-36641.json
@ -0,0 +1,159 @@
+{
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "CVE_data_meta": {
+        "ID": "CVE-2020-36641",
+        "ASSIGNER": "cna@vuldb.com",
+        "STATE": "PUBLIC"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "A vulnerability classified as problematic was found in gturri aXMLRPC up to 1.12.0. This vulnerability affects the function ResponseParser of the file src/main/java/de/timroes/axmlrpc/ResponseParser.java. The manipulation leads to xml external entity reference. Upgrading to version 1.12.1 is able to address this issue. The name of the patch is ad6615b3ec41353e614f6ea5fdd5b046442a832b. It is recommended to upgrade the affected component. VDB-217450 is the identifier assigned to this vulnerability."
+            },
+            {
+                "lang": "deu",
+                "value": "In gturri aXMLRPC bis 1.12.0 wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Es geht um die Funktion ResponseParser der Datei src/main/java/de/timroes/axmlrpc/ResponseParser.java. Mit der Manipulation mit unbekannten Daten kann eine xml external entity reference-Schwachstelle ausgenutzt werden. Ein Aktualisieren auf die Version 1.12.1 vermag dieses Problem zu l\u00f6sen. Der Patch wird als ad6615b3ec41353e614f6ea5fdd5b046442a832b bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-611 XML External Entity Reference",
+                        "cweId": "CWE-611"
+                    }
+                ]
+            }
+        ]
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "gturri",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "aXMLRPC",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "1.0",
+                                            "version_affected": "="
+                                        },
+                                        {
+                                            "version_value": "1.1",
+                                            "version_affected": "="
+                                        },
+                                        {
+                                            "version_value": "1.2",
+                                            "version_affected": "="
+                                        },
+                                        {
+                                            "version_value": "1.3",
+                                            "version_affected": "="
+                                        },
+                                        {
+                                            "version_value": "1.4",
+                                            "version_affected": "="
+                                        },
+                                        {
+                                            "version_value": "1.5",
+                                            "version_affected": "="
+                                        },
+                                        {
+                                            "version_value": "1.6",
+                                            "version_affected": "="
+                                        },
+                                        {
+                                            "version_value": "1.7",
+                                            "version_affected": "="
+                                        },
+                                        {
+                                            "version_value": "1.8",
+                                            "version_affected": "="
+                                        },
+                                        {
+                                            "version_value": "1.9",
+                                            "version_affected": "="
+                                        },
+                                        {
+                                            "version_value": "1.10",
+                                            "version_affected": "="
+                                        },
+                                        {
+                                            "version_value": "1.11",
+                                            "version_affected": "="
+                                        },
+                                        {
+                                            "version_value": "1.12",
+                                            "version_affected": "="
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://vuldb.com/?id.217450",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?id.217450"
+            },
+            {
+                "url": "https://vuldb.com/?ctiid.217450",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?ctiid.217450"
+            },
+            {
+                "url": "https://github.com/gturri/aXMLRPC/commit/ad6615b3ec41353e614f6ea5fdd5b046442a832b",
+                "refsource": "MISC",
+                "name": "https://github.com/gturri/aXMLRPC/commit/ad6615b3ec41353e614f6ea5fdd5b046442a832b"
+            },
+            {
+                "url": "https://github.com/gturri/aXMLRPC/releases/tag/aXMLRPC-1.12.1",
+                "refsource": "MISC",
+                "name": "https://github.com/gturri/aXMLRPC/releases/tag/aXMLRPC-1.12.1"
+            }
+        ]
+    },
+    "credits": [
+        {
+            "lang": "en",
+            "value": "VulDB GitHub Commit Analyzer"
+        }
+    ],
+    "impact": {
+        "cvss": [
+            {
+                "version": "3.1",
+                "baseScore": 5.5,
+                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+                "baseSeverity": "MEDIUM"
+            },
+            {
+                "version": "3.0",
+                "baseScore": 5.5,
+                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+                "baseSeverity": "MEDIUM"
+            },
+            {
+                "version": "2.0",
+                "baseScore": 4.9,
+                "vectorString": "AV:A/AC:M/Au:S/C:P/I:P/A:P",
+                "baseSeverity": "MEDIUM"
+            }
+        ]
+    }
+}