admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-02-02 12:01:16 +00:00
parent f95b3e6465
commit 63398a74c1
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
9 changed files with 52 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
2020/26xxx/CVE-2020-26208.json
View File

@ -78,9 +78,9 @@
"references": {
"reference_data": [
{
"name": "https://github.com/F-ZhaoYang/jhead/security/advisories/GHSA-7pr6-xq4f-qhgc",
"refsource": "CONFIRM",
"url": "https://github.com/F-ZhaoYang/jhead/security/advisories/GHSA-7pr6-xq4f-qhgc"
"name": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/1900821",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/1900821"
},
{
"name": "https://github.com/Matthias-Wandel/jhead/issues/7",
@ -93,9 +93,9 @@
"url": "https://github.com/F-ZhaoYang/jhead/commit/5186ddcf9e35a7aa0ff0539489a930434a1325f4"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/1900821",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/1900821"
"name": "https://github.com/F-ZhaoYang/jhead/security/advisories/GHSA-7pr6-xq4f-qhgc",
"refsource": "CONFIRM",
"url": "https://github.com/F-ZhaoYang/jhead/security/advisories/GHSA-7pr6-xq4f-qhgc"
}
]
},

10
2021/36xxx/CVE-2021-36177.json
View File

@ -11,21 +11,21 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Fortinet",
"product": {
"product_data": [
{
"product_name": "Fortinet FortiAuthenticator",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "FortiAuthenticator 6.3.2 and below, 6.2.x, 6.1.x, 6.0.x"
"version_value": "n/a"
}
]
}
}
]
}
},
"vendor_name": "n/a"
}
]
}
@ -52,7 +52,7 @@
"description": [
{
"lang": "eng",
"value": "Improper access control"
"value": "n/a"
}
]
}

2
2021/36xxx/CVE-2021-36193.json
View File

@ -71,7 +71,7 @@
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows\u00a0in the command line interpreter of FortiWeb before 6.4.2 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted commands."
"value": "Multiple stack-based buffer overflows in the command line interpreter of FortiWeb before 6.4.2 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted commands."
}
]
}

10
2021/41xxx/CVE-2021-41016.json
View File

@ -11,21 +11,21 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Fortinet",
"product": {
"product_data": [
{
"product_name": "Fortinet FortiExtender",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "FortiExtender 7.0.1, 7.0.0, 5.3.2, 4.2.3, 4.2.2, 4.2.1, 4.2.0, 4.1.7, 4.1.6, 4.1.5, 4.1.4, 4.1.3, 4.1.2, 4.1.1, 4.0.2, 4.0.1, 4.0.0, 3.3.2, 3.3.1, 3.3.0, 3.2.3, 3.2.2, 3.2.1, 3.1.2, 3.1.1, 3.1.0, 3.0.2, 3.0.1, 3.0.0, 2.0.3, 2.0.2, 2.0.1, 2.0.0, 1.0.0, 0.4.10"
"version_value": "n/a"
}
]
}
}
]
}
},
"vendor_name": "n/a"
}
]
}
@ -52,7 +52,7 @@
"description": [
{
"lang": "eng",
"value": "Escalation of privilege"
"value": "n/a"
}
]
}

10
2021/42xxx/CVE-2021-42753.json
View File

@ -11,21 +11,21 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Fortinet",
"product": {
"product_data": [
{
"product_name": "Fortinet FortiWeb",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "FortiWeb 6.4.1 and below, 6.3.15 and below, 6.2.x, 6.1.x, 6.0.x, 5.9.x and 5.8.x"
"version_value": "n/a"
}
]
}
}
]
}
},
"vendor_name": "n/a"
}
]
}
@ -52,7 +52,7 @@
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands"
"value": "n/a"
}
]
}

10
2021/43xxx/CVE-2021-43062.json
View File

@ -11,21 +11,21 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Fortinet",
"product": {
"product_data": [
{
"product_name": "Fortinet FortiMail",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "FortiMail 7.0.1, 7.0.0, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0"
"version_value": "n/a"
}
]
}
}
]
}
},
"vendor_name": "n/a"
}
]
}
@ -52,7 +52,7 @@
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands"
"value": "n/a"
}
]
}

10
2021/43xxx/CVE-2021-43073.json
View File

@ -11,21 +11,21 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Fortinet",
"product": {
"product_data": [
{
"product_name": "Fortinet FortiWeb",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "FortiWeb 6.4.1, 6.4.0, 6.3.15, 6.3.14, 6.3.13, 6.3.12, 6.3.11, 6.3.10, 6.3.9, 6.3.8, 6.3.7, 6.3.6, 6.3.5, 6.3.4, 6.3.3, 6.3.2, 6.3.1, 6.3.0, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0"
"version_value": "n/a"
}
]
}
}
]
}
},
"vendor_name": "n/a"
}
]
}
@ -52,7 +52,7 @@
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands"
"value": "n/a"
}
]
}

18
2022/0xxx/CVE-2022-0476.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-0476",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

4
2022/21xxx/CVE-2022-21724.json
View File

@ -38,7 +38,7 @@
"description_data": [
{
"lang": "eng",
"value": "pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based on class names provided via `authenticationPluginClassName`, `sslhostnameverifier`, `socketFactory`, `sslfactory`, `sslpasswordcallback` connection properties. However, the driver did not verify if the class implements the expected interface before instantiating the class. This can lead to remote code execution loaded via arbitrary classes. Users using plugins are advised to upgrade. There are no known workarounds for this issue."
"value": "pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based on class names provided via `authenticationPluginClassName`, `sslhostnameverifier`, `socketFactory`, `sslfactory`, `sslpasswordcallback` connection properties. However, the driver did not verify if the class implements the expected interface before instantiating the class. This can lead to remote code execution loaded via arbitrary classes. Users using plugins are advised to upgrade. There are no known workarounds for this issue."
}
]
},
@ -88,4 +88,4 @@
"advisory": "GHSA-v7wg-cpwc-24m4",
"discovery": "UNKNOWN"
}
}
}