From 8645b4be3c8c518480c0d0be9f7b54410ad4fe4d Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 28 Jan 2022 12:01:05 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2003/5xxx/CVE-2003-5001.json | 18 ++++ 2003/5xxx/CVE-2003-5002.json | 18 ++++ 2003/5xxx/CVE-2003-5003.json | 18 ++++ 2005/10xxx/CVE-2005-10001.json | 18 ++++ 2008/10xxx/CVE-2008-10001.json | 18 ++++ 2010/10xxx/CVE-2010-10001.json | 18 ++++ 2015/10xxx/CVE-2015-10002.json | 18 ++++ 2017/20xxx/CVE-2017-20011.json | 18 ++++ 2017/20xxx/CVE-2017-20012.json | 18 ++++ 2017/20xxx/CVE-2017-20013.json | 18 ++++ 2017/20xxx/CVE-2017-20014.json | 18 ++++ 2017/20xxx/CVE-2017-20015.json | 18 ++++ 2017/20xxx/CVE-2017-20016.json | 18 ++++ 2018/25xxx/CVE-2018-25030.json | 18 ++++ 2020/28xxx/CVE-2020-28884.json | 56 +++++++++-- 2020/28xxx/CVE-2020-28885.json | 56 +++++++++-- 2022/0xxx/CVE-2022-0394.json | 165 ++++++++++++++++----------------- 2022/21xxx/CVE-2022-21720.json | 8 +- 18 files changed, 438 insertions(+), 99 deletions(-) create mode 100644 2003/5xxx/CVE-2003-5001.json create mode 100644 2003/5xxx/CVE-2003-5002.json create mode 100644 2003/5xxx/CVE-2003-5003.json create mode 100644 2005/10xxx/CVE-2005-10001.json create mode 100644 2008/10xxx/CVE-2008-10001.json create mode 100644 2010/10xxx/CVE-2010-10001.json create mode 100644 2015/10xxx/CVE-2015-10002.json create mode 100644 2017/20xxx/CVE-2017-20011.json create mode 100644 2017/20xxx/CVE-2017-20012.json create mode 100644 2017/20xxx/CVE-2017-20013.json create mode 100644 2017/20xxx/CVE-2017-20014.json create mode 100644 2017/20xxx/CVE-2017-20015.json create mode 100644 2017/20xxx/CVE-2017-20016.json create mode 100644 2018/25xxx/CVE-2018-25030.json diff --git a/2003/5xxx/CVE-2003-5001.json b/2003/5xxx/CVE-2003-5001.json new file mode 100644 index 00000000000..6f464c7ee3f --- /dev/null +++ b/2003/5xxx/CVE-2003-5001.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2003-5001", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2003/5xxx/CVE-2003-5002.json b/2003/5xxx/CVE-2003-5002.json new file mode 100644 index 00000000000..11108993513 --- /dev/null +++ b/2003/5xxx/CVE-2003-5002.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2003-5002", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2003/5xxx/CVE-2003-5003.json b/2003/5xxx/CVE-2003-5003.json new file mode 100644 index 00000000000..c82e9c40935 --- /dev/null +++ b/2003/5xxx/CVE-2003-5003.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2003-5003", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2005/10xxx/CVE-2005-10001.json b/2005/10xxx/CVE-2005-10001.json new file mode 100644 index 00000000000..82c5a65f351 --- /dev/null +++ b/2005/10xxx/CVE-2005-10001.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2005-10001", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2008/10xxx/CVE-2008-10001.json b/2008/10xxx/CVE-2008-10001.json new file mode 100644 index 00000000000..6a97c5d96d5 --- /dev/null +++ b/2008/10xxx/CVE-2008-10001.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2008-10001", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2010/10xxx/CVE-2010-10001.json b/2010/10xxx/CVE-2010-10001.json new file mode 100644 index 00000000000..01ccb443463 --- /dev/null +++ b/2010/10xxx/CVE-2010-10001.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2010-10001", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/10xxx/CVE-2015-10002.json b/2015/10xxx/CVE-2015-10002.json new file mode 100644 index 00000000000..6d9efaa5e18 --- /dev/null +++ b/2015/10xxx/CVE-2015-10002.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-10002", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/20xxx/CVE-2017-20011.json b/2017/20xxx/CVE-2017-20011.json new file mode 100644 index 00000000000..872bd8b6b00 --- /dev/null +++ b/2017/20xxx/CVE-2017-20011.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-20011", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/20xxx/CVE-2017-20012.json b/2017/20xxx/CVE-2017-20012.json new file mode 100644 index 00000000000..89dbd65f92c --- /dev/null +++ b/2017/20xxx/CVE-2017-20012.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-20012", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/20xxx/CVE-2017-20013.json b/2017/20xxx/CVE-2017-20013.json new file mode 100644 index 00000000000..fe4d2c8935f --- /dev/null +++ b/2017/20xxx/CVE-2017-20013.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-20013", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/20xxx/CVE-2017-20014.json b/2017/20xxx/CVE-2017-20014.json new file mode 100644 index 00000000000..818b98f065e --- /dev/null +++ b/2017/20xxx/CVE-2017-20014.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-20014", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/20xxx/CVE-2017-20015.json b/2017/20xxx/CVE-2017-20015.json new file mode 100644 index 00000000000..f92e8a9178e --- /dev/null +++ b/2017/20xxx/CVE-2017-20015.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-20015", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/20xxx/CVE-2017-20016.json b/2017/20xxx/CVE-2017-20016.json new file mode 100644 index 00000000000..6f64a2c08c9 --- /dev/null +++ b/2017/20xxx/CVE-2017-20016.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-20016", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/25xxx/CVE-2018-25030.json b/2018/25xxx/CVE-2018-25030.json new file mode 100644 index 00000000000..94c4c8356a8 --- /dev/null +++ b/2018/25xxx/CVE-2018-25030.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-25030", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/28xxx/CVE-2020-28884.json b/2020/28xxx/CVE-2020-28884.json index 6f60f062664..ab2ddf623ac 100644 --- a/2020/28xxx/CVE-2020-28884.json +++ b/2020/28xxx/CVE-2020-28884.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-28884", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-28884", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection. An administrator user can inject Groovy script to execute any OS command on the Liferay Portal Sever." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://medium.com/@tranpdanh/some-way-to-execute-os-command-in-liferay-portal-84498bde18d3", + "refsource": "MISC", + "name": "https://medium.com/@tranpdanh/some-way-to-execute-os-command-in-liferay-portal-84498bde18d3" } ] } diff --git a/2020/28xxx/CVE-2020-28885.json b/2020/28xxx/CVE-2020-28885.json index 3cba4fa7463..90f79e23c79 100644 --- a/2020/28xxx/CVE-2020-28885.json +++ b/2020/28xxx/CVE-2020-28885.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-28885", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-28885", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection. An administrator user can inject commands through the Gogo Shell module to execute any OS command on the Liferay Portal Sever." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://medium.com/@tranpdanh/some-way-to-execute-os-command-in-liferay-portal-84498bde18d3", + "refsource": "MISC", + "name": "https://medium.com/@tranpdanh/some-way-to-execute-os-command-in-liferay-portal-84498bde18d3" } ] } diff --git a/2022/0xxx/CVE-2022-0394.json b/2022/0xxx/CVE-2022-0394.json index 341980e10ec..30a0f6fda4c 100644 --- a/2022/0xxx/CVE-2022-0394.json +++ b/2022/0xxx/CVE-2022-0394.json @@ -1,89 +1,88 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@huntr.dev", - "ID": "CVE-2022-0394", - "STATE": "PUBLIC", - "TITLE": "Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "livehelperchat/livehelperchat", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "3.93v" - } - ] + "CVE_data_meta": { + "ASSIGNER": "security@huntr.dev", + "ID": "CVE-2022-0394", + "STATE": "PUBLIC", + "TITLE": "Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" } - } ] - }, - "vendor_name": "livehelperchat" } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v." - } - ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" - } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://huntr.dev/bounties/e13823d0-271c-448b-a0c5-8549ea7ea272", - "refsource": "CONFIRM", - "url": "https://huntr.dev/bounties/e13823d0-271c-448b-a0c5-8549ea7ea272" - }, - { - "name": "https://github.com/livehelperchat/livehelperchat/commit/d7b85466c217b3750eaccc8703ce54ba8785c4d3", - "refsource": "MISC", - "url": "https://github.com/livehelperchat/livehelperchat/commit/d7b85466c217b3750eaccc8703ce54ba8785c4d3" - } - ] - }, - "source": { - "advisory": "e13823d0-271c-448b-a0c5-8549ea7ea272", - "discovery": "EXTERNAL" - } + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://huntr.dev/bounties/e13823d0-271c-448b-a0c5-8549ea7ea272", + "refsource": "CONFIRM", + "url": "https://huntr.dev/bounties/e13823d0-271c-448b-a0c5-8549ea7ea272" + }, + { + "name": "https://github.com/livehelperchat/livehelperchat/commit/d7b85466c217b3750eaccc8703ce54ba8785c4d3", + "refsource": "MISC", + "url": "https://github.com/livehelperchat/livehelperchat/commit/d7b85466c217b3750eaccc8703ce54ba8785c4d3" + } + ] + }, + "source": { + "advisory": "e13823d0-271c-448b-a0c5-8549ea7ea272", + "discovery": "EXTERNAL" + } } \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21720.json b/2022/21xxx/CVE-2022-21720.json index 14a840b47ce..a49bed1e1fb 100644 --- a/2022/21xxx/CVE-2022-21720.json +++ b/2022/21xxx/CVE-2022-21720.json @@ -12,18 +12,18 @@ "product": { "product_data": [ { - "product_name": "glpi", + "product_name": "n/a", "version": { "version_data": [ { - "version_value": "< 9.5.7" + "version_value": "n/a" } ] } } ] }, - "vendor_name": "glpi-project" + "vendor_name": "n/a" } ] } @@ -61,7 +61,7 @@ "description": [ { "lang": "eng", - "value": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')" + "value": "n/a" } ] }