From 898a4106a032b3826321b8c53fdbec6e7e31bddc Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 21 Jan 2022 16:01:13 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/23xxx/CVE-2020-23904.json | 2 +- 2021/35xxx/CVE-2021-35003.json | 124 +++++++++++++++++---------------- 2021/35xxx/CVE-2021-35004.json | 124 +++++++++++++++++---------------- 2021/40xxx/CVE-2021-40855.json | 61 ++++++++++++++-- 2021/45xxx/CVE-2021-45463.json | 7 +- 2021/46xxx/CVE-2021-46198.json | 61 ++++++++++++++-- 2021/46xxx/CVE-2021-46200.json | 56 +++++++++++++-- 2021/46xxx/CVE-2021-46201.json | 56 +++++++++++++-- 2021/46xxx/CVE-2021-46307.json | 56 +++++++++++++-- 2022/23xxx/CVE-2022-23220.json | 61 ++++++++++++++-- 10 files changed, 448 insertions(+), 160 deletions(-) diff --git a/2020/23xxx/CVE-2020-23904.json b/2020/23xxx/CVE-2020-23904.json index a5a17b3d221..ff4262a11f0 100644 --- a/2020/23xxx/CVE-2020-23904.json +++ b/2020/23xxx/CVE-2020-23904.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file." + "value": "** DISPUTED ** A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. NOTE: the vendor states \"I cannot reproduce it\" and it \"is a demo program.\"" } ] }, diff --git a/2021/35xxx/CVE-2021-35003.json b/2021/35xxx/CVE-2021-35003.json index 25475dc3280..5d6e34268b6 100644 --- a/2021/35xxx/CVE-2021-35003.json +++ b/2021/35xxx/CVE-2021-35003.json @@ -1,67 +1,69 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2021-35003", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Archer C90", - "version": { - "version_data": [ - { - "version_value": "1.0.6 Build 20200114 rel.73164(5553)" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2021-35003", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Archer C90", + "version": { + "version_data": [ + { + "version_value": "1.0.6 Build 20200114 rel.73164(5553)" + } + ] + } + } + ] + }, + "vendor_name": "TP-Link" } - } ] - }, - "vendor_name": "TP-Link" } - ] - } - }, - "credit": "Team FLASHBACK: Pedro Ribeiro (@pedrib1337 | pedrib@gmail.com) + Radek Domanski (@RabbitPro)", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer C90 1.0.6 Build 20200114 rel.73164(5553) routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of DNS responses. A crafted DNS message can trigger an overflow of a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-14655." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-121: Stack-based Buffer Overflow" - } + }, + "credit": "Team FLASHBACK: Pedro Ribeiro (@pedrib1337 | pedrib@gmail.com) + Radek Domanski (@RabbitPro)", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer C90 1.0.6 Build 20200114 rel.73164(5553) routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. A crafted DNS message can trigger an overflow of a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-14655." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-080/" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-121: Stack-based Buffer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-080/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-080/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2021/35xxx/CVE-2021-35004.json b/2021/35xxx/CVE-2021-35004.json index 374a1fd908c..30231c38509 100644 --- a/2021/35xxx/CVE-2021-35004.json +++ b/2021/35xxx/CVE-2021-35004.json @@ -1,67 +1,69 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2021-35004", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "TL-WA1201", - "version": { - "version_data": [ - { - "version_value": "1.0.1 Build 20200709 rel.66244(5553)" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2021-35004", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "TL-WA1201", + "version": { + "version_data": [ + { + "version_value": "1.0.1 Build 20200709 rel.66244(5553)" + } + ] + } + } + ] + }, + "vendor_name": "TP-Link" } - } ] - }, - "vendor_name": "TP-Link" } - ] - } - }, - "credit": "Team FLASHBACK: Pedro Ribeiro (@pedrib1337 | pedrib@gmail.com) + Radek Domanski (@RabbitPro)", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link TL-WA1201 1.0.1 Build 20200709 rel.66244(5553) wireless access points. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of DNS responses. A crafted DNS message can trigger an overflow of a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-14656." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-121: Stack-based Buffer Overflow" - } + }, + "credit": "Team FLASHBACK: Pedro Ribeiro (@pedrib1337 | pedrib@gmail.com) + Radek Domanski (@RabbitPro)", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link TL-WA1201 1.0.1 Build 20200709 rel.66244(5553) wireless access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. A crafted DNS message can trigger an overflow of a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-14656." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-081/" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-121: Stack-based Buffer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-081/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-081/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2021/40xxx/CVE-2021-40855.json b/2021/40xxx/CVE-2021-40855.json index 8439aa9e86d..835d7573753 100644 --- a/2021/40xxx/CVE-2021-40855.json +++ b/2021/40xxx/CVE-2021-40855.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-40855", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-40855", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The EU Technical Specifications for Digital COVID Certificates before 1.1 mishandle certificate governance. A non-production public key certificate could have been used in production." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.consilium.europa.eu/en/policies/coronavirus/eu-digital-covid-certificate/", + "refsource": "MISC", + "name": "https://www.consilium.europa.eu/en/policies/coronavirus/eu-digital-covid-certificate/" + }, + { + "refsource": "MISC", + "name": "https://github.com/eu-digital-green-certificates/dgc-overview/security/advisories/GHSA-xcvc-p4fw-qmcj", + "url": "https://github.com/eu-digital-green-certificates/dgc-overview/security/advisories/GHSA-xcvc-p4fw-qmcj" } ] } diff --git a/2021/45xxx/CVE-2021-45463.json b/2021/45xxx/CVE-2021-45463.json index c2a094143cd..2441c876d36 100644 --- a/2021/45xxx/CVE-2021-45463.json +++ b/2021/45xxx/CVE-2021-45463.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "GEGL before 0.4.34, as used (for example) in GIMP before 2.10.30, allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This is caused by use of the system library function for execution of the ImageMagick convert fallback in magick-load." + "value": "load_cache in GEGL before 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This is caused by use of the system library function for execution of the ImageMagick convert fallback in magick-load. NOTE: GEGL releases before 0.4.34 are used in GIMP releases before 2.10.30; however, this does not imply that GIMP builds enable the vulnerable feature." } ] }, @@ -81,6 +81,11 @@ "refsource": "FEDORA", "name": "FEDORA-2022-5b5a738d7a", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZP5NDNOTMPI335FXE7VUPW7FXYTT7PYN/" + }, + { + "refsource": "CONFIRM", + "name": "https://gitlab.gnome.org/GNOME/gegl/-/issues/298", + "url": "https://gitlab.gnome.org/GNOME/gegl/-/issues/298" } ] } diff --git a/2021/46xxx/CVE-2021-46198.json b/2021/46xxx/CVE-2021-46198.json index a4ae9db2fba..acce93c31d4 100644 --- a/2021/46xxx/CVE-2021-46198.json +++ b/2021/46xxx/CVE-2021-46198.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-46198", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-46198", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An SQL Injection vulnerability exists in Sourceodester Courier Management System 1.0 via the email parameter in /cms/ajax.php app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.nu11secur1ty.com/2022/01/courier-management-system-10-sql.html", + "refsource": "MISC", + "name": "https://www.nu11secur1ty.com/2022/01/courier-management-system-10-sql.html" + }, + { + "url": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Courier-Management-System", + "refsource": "MISC", + "name": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Courier-Management-System" } ] } diff --git a/2021/46xxx/CVE-2021-46200.json b/2021/46xxx/CVE-2021-46200.json index a0d83e08f3f..4828c05ab72 100644 --- a/2021/46xxx/CVE-2021-46200.json +++ b/2021/46xxx/CVE-2021-46200.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-46200", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-46200", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An SQL Injection vulnerability exists in Sourcecodester Simple Music Clour Community System 1.0 via the email parameter in /music/ajax.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Simple-Music-Cloud-Community-System", + "refsource": "MISC", + "name": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Simple-Music-Cloud-Community-System" } ] } diff --git a/2021/46xxx/CVE-2021-46201.json b/2021/46xxx/CVE-2021-46201.json index 40ff9d18a0c..a000a88ccf5 100644 --- a/2021/46xxx/CVE-2021-46201.json +++ b/2021/46xxx/CVE-2021-46201.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-46201", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-46201", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An SQL Injection vulnerability exists in Sourcecodester Online Resort Management System 1.0 via the id parameterv in /orms/ node." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Online-Resort-Management-System-1.0", + "refsource": "MISC", + "name": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Online-Resort-Management-System-1.0" } ] } diff --git a/2021/46xxx/CVE-2021-46307.json b/2021/46xxx/CVE-2021-46307.json index 3a49293d2e4..c08cbe388d6 100644 --- a/2021/46xxx/CVE-2021-46307.json +++ b/2021/46xxx/CVE-2021-46307.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-46307", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-46307", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/Projectworlds/2022/Online%20Examination%20System", + "refsource": "MISC", + "name": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/Projectworlds/2022/Online%20Examination%20System" } ] } diff --git a/2022/23xxx/CVE-2022-23220.json b/2022/23xxx/CVE-2022-23220.json index 28da4b506b7..940e9366383 100644 --- a/2022/23xxx/CVE-2022-23220.json +++ b/2022/23xxx/CVE-2022-23220.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-23220", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-23220", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute arbitrary code as root because certain Polkit settings (e.g., allow_any=yes) for pkexec disable the authentication requirement. Code execution can, for example, use the --gtk-module option. This affects Ubuntu, Debian, and Gentoo." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/gregkh/usbview/commit/bf374fa4e5b9a756789dfd88efa93806a395463b", + "url": "https://github.com/gregkh/usbview/commit/bf374fa4e5b9a756789dfd88efa93806a395463b" + }, + { + "refsource": "MISC", + "name": "https://www.openwall.com/lists/oss-security/2022/01/21/1", + "url": "https://www.openwall.com/lists/oss-security/2022/01/21/1" } ] }