From 4fce3d32b927576ef7f667794ed24e5e1b6bf898 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 14 Feb 2022 21:01:21 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/25xxx/CVE-2019-25057.json | 62 ++++++++++++++++++++++++++++++++++ 2021/45xxx/CVE-2021-45310.json | 56 ++++++++++++++++++++++++++---- 2022/22xxx/CVE-2022-22295.json | 56 ++++++++++++++++++++++++++---- 2022/23xxx/CVE-2022-23335.json | 56 ++++++++++++++++++++++++++---- 2022/23xxx/CVE-2022-23336.json | 56 ++++++++++++++++++++++++++---- 2022/23xxx/CVE-2022-23337.json | 56 ++++++++++++++++++++++++++---- 2022/23xxx/CVE-2022-23389.json | 56 ++++++++++++++++++++++++++---- 2022/23xxx/CVE-2022-23390.json | 56 ++++++++++++++++++++++++++---- 2022/23xxx/CVE-2022-23391.json | 56 ++++++++++++++++++++++++++---- 2022/23xxx/CVE-2022-23902.json | 56 ++++++++++++++++++++++++++---- 2022/24xxx/CVE-2022-24206.json | 56 ++++++++++++++++++++++++++---- 2022/25xxx/CVE-2022-25154.json | 18 ++++++++++ 12 files changed, 580 insertions(+), 60 deletions(-) create mode 100644 2019/25xxx/CVE-2019-25057.json create mode 100644 2022/25xxx/CVE-2022-25154.json diff --git a/2019/25xxx/CVE-2019-25057.json b/2019/25xxx/CVE-2019-25057.json new file mode 100644 index 00000000000..577e8f866a1 --- /dev/null +++ b/2019/25xxx/CVE-2019-25057.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-25057", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Corda before 4.1, the meaning of serialized data can be modified via an attacker-controlled CustomSerializer." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://docs.r3.com/en/platform/corda/4.1/open-source/release-notes.html", + "refsource": "MISC", + "name": "https://docs.r3.com/en/platform/corda/4.1/open-source/release-notes.html" + } + ] + } +} \ No newline at end of file diff --git a/2021/45xxx/CVE-2021-45310.json b/2021/45xxx/CVE-2021-45310.json index 5e5884d6c0b..35e6178e64f 100644 --- a/2021/45xxx/CVE-2021-45310.json +++ b/2021/45xxx/CVE-2021-45310.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-45310", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-45310", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Sangoma Technologies Corporation Switchvox Version 102409 is affected by an information disclosure vulnerability due to an improper access restriction. Users information such as first name, last name, acount id, server uuid, email address, profile image, number, timestamps, etc can be extracted by sending an unauthenticated HTTP GET request to the https://Switchvox-IP/main?cmd=invalid_browser." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/IthacaLabs/Sangoma/tree/main/Switchvox_Version%20102409", + "refsource": "MISC", + "name": "https://github.com/IthacaLabs/Sangoma/tree/main/Switchvox_Version%20102409" } ] } diff --git a/2022/22xxx/CVE-2022-22295.json b/2022/22xxx/CVE-2022-22295.json index ea829bc5606..c99987f92d6 100644 --- a/2022/22xxx/CVE-2022-22295.json +++ b/2022/22xxx/CVE-2022-22295.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-22295", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-22295", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Metinfo v7.5.0 was discovered to contain a SQL injection vulnerability in parameter_admin.class.php via the table_para parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://note.youdao.com/noteshare?id=2bbcb3b4a5cd232f7a0ad47aa70f0f95&sub=1BC1FED9D3274995B3489DB645AA630B", + "refsource": "MISC", + "name": "http://note.youdao.com/noteshare?id=2bbcb3b4a5cd232f7a0ad47aa70f0f95&sub=1BC1FED9D3274995B3489DB645AA630B" } ] } diff --git a/2022/23xxx/CVE-2022-23335.json b/2022/23xxx/CVE-2022-23335.json index d310d2e915a..59c1c5215e5 100644 --- a/2022/23xxx/CVE-2022-23335.json +++ b/2022/23xxx/CVE-2022-23335.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-23335", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-23335", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Metinfo v7.5.0 was discovered to contain a SQL injection vulnerability in language_general.class.php via doModifyParameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://note.youdao.com/noteshare?id=3009926ba5c401a766901ded26c1df63", + "refsource": "MISC", + "name": "http://note.youdao.com/noteshare?id=3009926ba5c401a766901ded26c1df63" } ] } diff --git a/2022/23xxx/CVE-2022-23336.json b/2022/23xxx/CVE-2022-23336.json index 296cb1c4ab9..cee91167b5f 100644 --- a/2022/23xxx/CVE-2022-23336.json +++ b/2022/23xxx/CVE-2022-23336.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-23336", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-23336", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "S-CMS v5.0 was discovered to contain a SQL injection vulnerability in member_pay.php via the O_id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://note.youdao.com/noteshare?id=30c7cdeac5c7611fdf64379eb4569269", + "refsource": "MISC", + "name": "http://note.youdao.com/noteshare?id=30c7cdeac5c7611fdf64379eb4569269" } ] } diff --git a/2022/23xxx/CVE-2022-23337.json b/2022/23xxx/CVE-2022-23337.json index 78441b4e28f..5d1e0100054 100644 --- a/2022/23xxx/CVE-2022-23337.json +++ b/2022/23xxx/CVE-2022-23337.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-23337", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-23337", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "DedeCMS v5.7.87 was discovered to contain a SQL injection vulnerability in article_coonepage_rule.php via the ids parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://note.youdao.com/noteshare?id=608f19009c8bd1ace5f1a59c1ddd657b", + "refsource": "MISC", + "name": "http://note.youdao.com/noteshare?id=608f19009c8bd1ace5f1a59c1ddd657b" } ] } diff --git a/2022/23xxx/CVE-2022-23389.json b/2022/23xxx/CVE-2022-23389.json index 642fb6eb253..18b753907ed 100644 --- a/2022/23xxx/CVE-2022-23389.json +++ b/2022/23xxx/CVE-2022-23389.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-23389", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-23389", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PublicCMS v4.0 was discovered to contain a remote code execution (RCE) vulnerability via the cmdarray parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/sanluan/PublicCMS/issues/59", + "refsource": "MISC", + "name": "https://github.com/sanluan/PublicCMS/issues/59" } ] } diff --git a/2022/23xxx/CVE-2022-23390.json b/2022/23xxx/CVE-2022-23390.json index b7cba9a2a71..ee4aaf42622 100644 --- a/2022/23xxx/CVE-2022-23390.json +++ b/2022/23xxx/CVE-2022-23390.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-23390", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-23390", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue in the getType function of BBS Forum v5.3 and below allows attackers to upload arbitrary files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/diyhi/bbs/issues/51", + "refsource": "MISC", + "name": "https://github.com/diyhi/bbs/issues/51" } ] } diff --git a/2022/23xxx/CVE-2022-23391.json b/2022/23xxx/CVE-2022-23391.json index 08cb6e407da..e8c99dacc37 100644 --- a/2022/23xxx/CVE-2022-23391.json +++ b/2022/23xxx/CVE-2022-23391.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-23391", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-23391", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A cross-site scripting (XSS) vulnerability in Pybbs v6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Search box." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/tomoya92/pybbs/issues/171", + "refsource": "MISC", + "name": "https://github.com/tomoya92/pybbs/issues/171" } ] } diff --git a/2022/23xxx/CVE-2022-23902.json b/2022/23xxx/CVE-2022-23902.json index ad3a7aa447c..69dccb0e19c 100644 --- a/2022/23xxx/CVE-2022-23902.json +++ b/2022/23xxx/CVE-2022-23902.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-23902", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-23902", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in export_data.php via the d_name parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://note.youdao.com/noteshare?id=7b52ec937a029a1b2c7f994d4b174583", + "refsource": "MISC", + "name": "http://note.youdao.com/noteshare?id=7b52ec937a029a1b2c7f994d4b174583" } ] } diff --git a/2022/24xxx/CVE-2022-24206.json b/2022/24xxx/CVE-2022-24206.json index 99187b2f436..0aabf715f2e 100644 --- a/2022/24xxx/CVE-2022-24206.json +++ b/2022/24xxx/CVE-2022-24206.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-24206", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-24206", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in /mobile_seal/get_seal.php via the DEVICE_LIST parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://note.youdao.com/noteshare?id=87fd3a0b18abf28fccd690e97c7ea3c6", + "refsource": "MISC", + "name": "http://note.youdao.com/noteshare?id=87fd3a0b18abf28fccd690e97c7ea3c6" } ] } diff --git a/2022/25xxx/CVE-2022-25154.json b/2022/25xxx/CVE-2022-25154.json new file mode 100644 index 00000000000..526b640d69b --- /dev/null +++ b/2022/25xxx/CVE-2022-25154.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-25154", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file