admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 02:32:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-03-01 02:01:21 +00:00
parent eeaf5c0704
commit 66694df0c3
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
11 changed files with 456 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
2020/12xxx/CVE-2020-12775.json
View File

@ -82,12 +82,14 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/tw/cp-132-5695-421a7-1.html"
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-5695-421a7-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-5695-421a7-1.html"
},
{
"refsource": "CONFIRM",
"url": "https://moica.nat.gov.tw/rac_plugin.html"
"refsource": "MISC",
"url": "https://moica.nat.gov.tw/rac_plugin.html",
"name": "https://moica.nat.gov.tw/rac_plugin.html"
}
]
},

61
2021/42xxx/CVE-2021-42767.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-42767",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-42767",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A directory traversal vulnerability in the Apoc plugins in Neo4J Graph database 4.0.0 through 4.3.6 allows attackers to read local files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://neo4j.com",
"refsource": "MISC",
"name": "https://neo4j.com"
},
{
"refsource": "MISC",
"name": "https://github.com/neo4j-contrib/neo4j-apoc-procedures/security/advisories/GHSA-4mpj-488r-vh6m",
"url": "https://github.com/neo4j-contrib/neo4j-apoc-procedures/security/advisories/GHSA-4mpj-488r-vh6m"
}
]
}

61
2021/42xxx/CVE-2021-42951.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-42951",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-42951",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Remote Code Execution (RCE) vulnerability exists in Algorithmia MSOL all versions before October 10 2021 of SaaS. Users can register for an account and are allocated a set number of credits to try the product. Once users authenticate, they can proceed to create a new, specially crafted Algorithm and subsequently launch remote code execution with their desired result."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://algorithmia.com",
"refsource": "MISC",
"name": "http://algorithmia.com"
},
{
"refsource": "MISC",
"name": "https://seclists.org/fulldisclosure/2022/Feb/33",
"url": "https://seclists.org/fulldisclosure/2022/Feb/33"
}
]
}

66
2021/44xxx/CVE-2021-44961.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-44961",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-44961",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A memory leakage flaw exists in the class PerimeterGenerator of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. A Specially crafAn out-of-bounds read vulnerability exists in the GCode::extrude() functionality of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. A specially crafted stl file could lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability.ted stl files can exhaust available memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://libslic3r.com",
"refsource": "MISC",
"name": "http://libslic3r.com"
},
{
"url": "http://slic3r.com",
"refsource": "MISC",
"name": "http://slic3r.com"
},
{
"refsource": "MISC",
"name": "https://hackmd.io/nDT_UKLyRQendxDwil9A4w",
"url": "https://hackmd.io/nDT_UKLyRQendxDwil9A4w"
}
]
}

66
2021/44xxx/CVE-2021-44962.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-44962",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-44962",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An out-of-bounds read vulnerability exists in the GCode::extrude() functionality of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. A specially crafted stl file could lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://libslic3r.com",
"refsource": "MISC",
"name": "http://libslic3r.com"
},
{
"url": "http://slic3r.com",
"refsource": "MISC",
"name": "http://slic3r.com"
},
{
"refsource": "MISC",
"name": "https://hackmd.io/KSI1bwGfSyO7T8UCf0HeTw",
"url": "https://hackmd.io/KSI1bwGfSyO7T8UCf0HeTw"
}
]
}

5
2022/0xxx/CVE-2022-0557.json
View File

@ -84,6 +84,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166077/Microweber-1.2.11-Shell-Upload.html",
"url": "http://packetstormsecurity.com/files/166077/Microweber-1.2.11-Shell-Upload.html"
},
{
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/50768",
"url": "https://www.exploit-db.com/exploits/50768"
}
]
},

9
2022/22xxx/CVE-2022-22262.json
View File

@ -5,7 +5,7 @@
"DATE_PUBLIC": "2022-01-31T01:24:00.000Z",
"ID": "CVE-2022-22262",
"STATE": "PUBLIC",
"TITLE": "ASUS Armoury Crate & Aura Creator InstallerROG Live Service - Improper Link Resolution Before File Access"
"TITLE": "ASUS Armoury Crate & Aura Creator Installer\u4e4bROG Live Service - Improper Link Resolution Before File Access"
},
"affects": {
"vendor": {
@ -38,7 +38,7 @@
"description_data": [
{
"lang": "eng",
"value": "ROG Live Services function for deleting temp files created by installation has an improper link resolution before file access vulnerability. Since this function does not validate the path before deletion, an unauthenticated local attacker can create an unexpected symbolic link to system file path, to delete arbitrary system files and disrupt system service."
"value": "ROG Live Service\u2019s function for deleting temp files created by installation has an improper link resolution before file access vulnerability. Since this function does not validate the path before deletion, an unauthenticated local attacker can create an unexpected symbolic link to system file path, to delete arbitrary system files and disrupt system service."
}
]
},
@ -76,8 +76,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/tw/cp-132-5693-f108f-1.html"
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-5693-f108f-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-5693-f108f-1.html"
}
]
},

71
2022/25xxx/CVE-2022-25018.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-25018",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-25018",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code inserted into static pages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pluxml.com",
"refsource": "MISC",
"name": "http://pluxml.com"
},
{
"url": "https://github.com/pluxml/PluXml",
"refsource": "MISC",
"name": "https://github.com/pluxml/PluXml"
},
{
"url": "https://youtu.be/Gbe2UNCB0tY",
"refsource": "MISC",
"name": "https://youtu.be/Gbe2UNCB0tY"
},
{
"refsource": "MISC",
"name": "https://github.com/MoritzHuppert/CVE-2022-25018/blob/main/CVE-2022-25018.pdf",
"url": "https://github.com/MoritzHuppert/CVE-2022-25018/blob/main/CVE-2022-25018.pdf"
}
]
}

71
2022/25xxx/CVE-2022-25020.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-25020",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-25020",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A cross-site scripting (XSS) vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pluxml.com",
"refsource": "MISC",
"name": "http://pluxml.com"
},
{
"url": "https://www.cvedetails.com/cve/CVE-2021-38602/",
"refsource": "MISC",
"name": "https://www.cvedetails.com/cve/CVE-2021-38602/"
},
{
"url": "https://youtu.be/TsGp-QB5XWI",
"refsource": "MISC",
"name": "https://youtu.be/TsGp-QB5XWI"
},
{
"refsource": "MISC",
"name": "https://github.com/MoritzHuppert/CVE-2022-25020/blob/main/CVE-2022-25020.pdf",
"url": "https://github.com/MoritzHuppert/CVE-2022-25020/blob/main/CVE-2022-25020.pdf"
}
]
}

76
2022/25xxx/CVE-2022-25022.json
View File

@ -1,17 +1,81 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-25022",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-25022",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A cross-site scripting (XSS) vulnerability in Htmly v2.8.1 allows attackers to excute arbitrary web scripts HTML via a crafted payload in the content field of a blog post."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://danpros.com",
"refsource": "MISC",
"name": "http://danpros.com"
},
{
"url": "http://htmly.com",
"refsource": "MISC",
"name": "http://htmly.com"
},
{
"url": "https://www.cvedetails.com/cve/CVE-2021-36703/",
"refsource": "MISC",
"name": "https://www.cvedetails.com/cve/CVE-2021-36703/"
},
{
"url": "https://youtu.be/acookTqf3Nc",
"refsource": "MISC",
"name": "https://youtu.be/acookTqf3Nc"
},
{
"refsource": "MISC",
"name": "https://github.com/MoritzHuppert/CVE-2022-25022/blob/main/CVE-2022-25022.pdf",
"url": "https://github.com/MoritzHuppert/CVE-2022-25022/blob/main/CVE-2022-25022.pdf"
}
]
}

10
2022/25xxx/CVE-2022-25096.json
View File

@ -56,6 +56,16 @@
"url": "https://www.exploit-db.com/exploits/50732",
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/50732"
},
{
"refsource": "MISC",
"name": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Home-Owners-Collection-Management",
"url": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Home-Owners-Collection-Management"
},
{
"refsource": "MISC",
"name": "https://www.nu11secur1ty.com/2022/02/home-owners-collection-management-10-rce.html",
"url": "https://www.nu11secur1ty.com/2022/02/home-owners-collection-management-10-rce.html"
}
]
}