admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-02-04 23:01:43 +00:00
parent 81316ff43f
commit 9db2740f21
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
19 changed files with 332 additions and 1406 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2019/3xxx/CVE-2019-3728.json
View File

@ -74,8 +74,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.dell.com/support/kbdoc/000194054"
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/000194054",
"name": "https://www.dell.com/support/kbdoc/000194054"
}
]
}

5
2019/3xxx/CVE-2019-3729.json
View File

@ -63,8 +63,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.dell.com/support/kbdoc/000194054"
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/000194054",
"name": "https://www.dell.com/support/kbdoc/000194054"
}
]
}

5
2019/3xxx/CVE-2019-3730.json
View File

@ -63,8 +63,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.dell.com/support/kbdoc/000194054"
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/000194054",
"name": "https://www.dell.com/support/kbdoc/000194054"
}
]
}

5
2019/3xxx/CVE-2019-3731.json
View File

@ -74,8 +74,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.dell.com/support/kbdoc/000194054"
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/000194054",
"name": "https://www.dell.com/support/kbdoc/000194054"
}
]
}

5
2019/3xxx/CVE-2019-3732.json
View File

@ -74,8 +74,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.dell.com/support/kbdoc/000194054"
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/000194054",
"name": "https://www.dell.com/support/kbdoc/000194054"
}
]
}

5
2019/3xxx/CVE-2019-3733.json
View File

@ -74,8 +74,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.dell.com/support/kbdoc/000194054"
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/000194054",
"name": "https://www.dell.com/support/kbdoc/000194054"
}
]
}

82
2021/26xxx/CVE-2021-26471.json
View File

@ -13,90 +13,18 @@
"product": {
"product_data": [
{
"product_name": "VembuBDR",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.2.x",
"version_value": "4.2.0.1"
},
{
"version_affected": "=",
"version_name": "4.2.x",
"version_value": "4.2.0"
},
{
"version_affected": "=",
"version_name": "4.1.x",
"version_value": "4.1.0"
},
{
"version_affected": "=",
"version_name": "4.0.x",
"version_value": "4.0.2"
},
{
"version_affected": "=",
"version_name": "4.0.x",
"version_value": "4.0.1"
},
{
"version_affected": "=",
"version_name": "4.0.x",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_name": "3.9.x",
"version_value": "3.9.1 Update1"
},
{
"version_affected": "=",
"version_name": "3.9.x",
"version_value": "3.9.0 Update1"
},
{
"version_affected": "=",
"version_name": "3.9.x",
"version_value": "3.9.0"
},
{
"version_affected": "=",
"version_name": "3.8.x",
"version_value": "3.8.0"
},
{
"version_affected": "=",
"version_name": "3.7.x",
"version_value": "3.7.0"
},
{
"version_affected": "=",
"version_name": "3.5.x",
"version_value": "3.5.0.0"
}
]
}
},
{
"product_name": "VembuOffsiteDR ",
"version": {
"version_data": [
{
"version_name": "4.2.x",
"version_value": "4.2.0.1"
},
{
"version_name": "4.2.x",
"version_value": "4.2.0"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "VembuBDR"
"vendor_name": "n/a"
}
]
}
@ -118,7 +46,7 @@
"description_data": [
{
"lang": "eng",
"value": "In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1, the http API located at /sgwebservice_o.php accepts a command argument. Using this command argument an unauthenticated attacker can execute arbitrary shell commands.\n"
"value": "In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1, the http API located at /sgwebservice_o.php accepts a command argument. Using this command argument an unauthenticated attacker can execute arbitrary shell commands."
}
]
},
@ -147,7 +75,7 @@
"description": [
{
"lang": "eng",
"value": "CWE-78 OS Command Injection"
"value": "n/a"
}
]
}

93
2021/26xxx/CVE-2021-26472.json
View File

@ -13,91 +13,18 @@
"product": {
"product_data": [
{
"product_name": "VembuBDR",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.2.x",
"version_value": "4.2.0.1"
},
{
"version_affected": "=",
"version_name": "4.2.x",
"version_value": "4.2.0"
},
{
"version_affected": "=",
"version_name": "4.1.x",
"version_value": "4.1.0"
},
{
"version_affected": "=",
"version_name": "4.0.x",
"version_value": "4.0.2"
},
{
"version_affected": "=",
"version_name": "4.0.x",
"version_value": "4.0.1"
},
{
"version_affected": "=",
"version_name": "4.0.x",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_name": "3.9.x",
"version_value": "3.9.1 Update1"
},
{
"version_affected": "=",
"version_name": "3.9.x",
"version_value": "3.9.0 Update1"
},
{
"version_affected": "=",
"version_name": "3.9.x",
"version_value": "3.9.0"
},
{
"version_affected": "=",
"version_name": "3.8.x",
"version_value": "3.8.0"
},
{
"version_affected": "=",
"version_name": "3.7.x",
"version_value": "3.7.0"
},
{
"version_affected": "=",
"version_name": "3.5.x",
"version_value": "3.5.0.0"
}
]
}
},
{
"product_name": "VembuOffsiteDR ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.2.x",
"version_value": "4.2.0.1"
},
{
"version_name": "4.2.x",
"version_value": "4.2.0"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "VembuBDR"
"vendor_name": "n/a"
}
]
}
@ -119,7 +46,7 @@
"description_data": [
{
"lang": "eng",
"value": "In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges.\n"
"value": "In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges."
}
]
},
@ -148,7 +75,7 @@
"description": [
{
"lang": "eng",
"value": "CWE-78 OS Command Injection"
"value": "n/a"
}
]
}
@ -156,11 +83,6 @@
},
"references": {
"reference_data": [
{
"name": "https://csirt.divd.nl/cves/CVE-2021-26472/",
"refsource": "CONFIRM",
"url": "https://csirt.divd.nl/cves/CVE-2021-26472/"
},
{
"name": "https://csirt.divd.nl/cases/DIVD-2020-00011/",
"refsource": "CONFIRM",
@ -175,6 +97,11 @@
"name": "https://www.wbsec.nl/vembu",
"refsource": "CONFIRM",
"url": "https://www.wbsec.nl/vembu"
},
{
"name": "https://csirt.divd.nl/cves/CVE-2021-26472/",
"refsource": "CONFIRM",
"url": "https://csirt.divd.nl/cves/CVE-2021-26472/"
}
]
},

91
2021/26xxx/CVE-2021-26473.json
View File

@ -13,91 +13,18 @@
"product": {
"product_data": [
{
"product_name": "VembuBDR",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.2.x",
"version_value": "4.2.0.1"
},
{
"version_affected": "=",
"version_name": "4.2.x",
"version_value": "4.2.0"
},
{
"version_affected": "=",
"version_name": "4.1.x",
"version_value": "4.1.0"
},
{
"version_affected": "=",
"version_name": "4.0.x",
"version_value": "4.0.2"
},
{
"version_affected": "=",
"version_name": "4.0.x",
"version_value": "4.0.1"
},
{
"version_affected": "=",
"version_name": "4.0.x",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_name": "3.9.x",
"version_value": "3.9.1 Update1"
},
{
"version_affected": "=",
"version_name": "3.9.x",
"version_value": "3.9.0 Update1"
},
{
"version_affected": "=",
"version_name": "3.9.x",
"version_value": "3.9.0"
},
{
"version_affected": "=",
"version_name": "3.8.x",
"version_value": "3.8.0"
},
{
"version_affected": "=",
"version_name": "3.7.x",
"version_value": "3.7.0"
},
{
"version_affected": "=",
"version_name": "3.5.x",
"version_value": "3.5.0.0"
}
]
}
},
{
"product_name": "VembuOffsiteDR ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.2.x",
"version_value": "4.2.0.1"
},
{
"version_name": "4.2.x",
"version_value": "4.2.0"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "VembuBDR"
"vendor_name": "n/a"
}
]
}
@ -148,7 +75,7 @@
"description": [
{
"lang": "eng",
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type"
"value": "n/a"
}
]
}
@ -156,11 +83,6 @@
},
"references": {
"reference_data": [
{
"name": "https://csirt.divd.nl/cves/CVE-2021-26473/",
"refsource": "CONFIRM",
"url": "https://csirt.divd.nl/cves/CVE-2021-26473/"
},
{
"name": "https://csirt.divd.nl/cases/DIVD-2020-00011/",
"refsource": "CONFIRM",
@ -175,6 +97,11 @@
"name": "https://www.wbsec.nl/vembu",
"refsource": "CONFIRM",
"url": "https://www.wbsec.nl/vembu"
},
{
"name": "https://csirt.divd.nl/cves/CVE-2021-26473/",
"refsource": "CONFIRM",
"url": "https://csirt.divd.nl/cves/CVE-2021-26473/"
}
]
},

891
2021/26xxx/CVE-2021-26474.json
View File

@ -13,889 +13,18 @@
"product": {
"product_data": [
{
"product_name": "VembuBDR",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "6.1.x",
"version_value": "6.1.0.0"
},
{
"version_affected": "=",
"version_name": "4.2.x",
"version_value": "4.2.0.1"
},
{
"version_affected": "=",
"version_name": "4.2.x",
"version_value": "4.2.0"
},
{
"version_affected": "=",
"version_name": "4.1.x",
"version_value": "4.1.0"
},
{
"version_affected": "=",
"version_name": "4.0.x",
"version_value": "4.0.2"
},
{
"version_affected": "=",
"version_name": "4.0.x",
"version_value": "4.0.1"
},
{
"version_affected": "=",
"version_name": "4.0.x",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_name": "3.9.x",
"version_value": "3.9.1 Update1"
},
{
"version_affected": "=",
"version_name": "3.9.x",
"version_value": "3.9.0 Update1"
},
{
"version_affected": "=",
"version_name": "3.9.x",
"version_value": "3.9.0"
},
{
"version_affected": "=",
"version_name": "3.8.x",
"version_value": "3.8.0"
},
{
"version_affected": "=",
"version_name": "3.7.x",
"version_value": "3.7.0"
},
{
"version_affected": "=",
"version_name": "3.5.x",
"version_value": "3.5.0.0"
}
]
}
},
{
"product_name": "360DR",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "BackSpace",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.5.x",
"version_value": "4.5.0"
}
]
}
},
{
"product_name": "BackupService",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "5.2.x",
"version_value": "5.2.0"
}
]
}
},
{
"product_name": "BackupSolution",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "BaltnetaOnlineBackup",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.1.x",
"version_value": "4.1.0"
}
]
}
},
{
"product_name": "ClearPointBackup ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "CloudBackup ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "CloudBasedBackup ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0"
}
]
}
},
{
"product_name": "CloudStor ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "CloudStore ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "CtrlSDataAssurance ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.5.x",
"version_value": "4.5.0"
},
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.2"
},
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
},
{
"version_affected": "=",
"version_name": "4.2.x",
"version_value": "4.2.0.0"
},
{
"version_affected": "=",
"version_name": "4.2.x",
"version_value": "4.2.0"
},
{
"version_affected": "=",
"version_name": "3.5.x",
"version_value": "3.5.0.0"
}
]
}
},
{
"product_name": "DataAddicts ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "DataBackup",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.3.x",
"version_value": "4.3.0"
}
]
}
},
{
"product_name": "DataCrib ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "5.2.x",
"version_value": "5.2.0"
}
]
}
},
{
"product_name": "DataVault ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "5.1.x",
"version_value": "5.1.0"
}
]
}
},
{
"product_name": "DBS ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "EclipseBaaS ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "EnklareBackup ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "5.1.x",
"version_value": "5.1.0"
}
]
}
},
{
"product_name": "FastBackup ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "Guardian ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "5.1.x",
"version_value": "5.1.0"
},
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
},
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0"
}
]
}
},
{
"product_name": "HotlinkBackup ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0"
}
]
}
},
{
"product_name": "IronVault ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "iwksbackup ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "5.0.x",
"version_value": "5.0.0"
}
]
}
},
{
"product_name": "Level365OnlineBackup ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "LocalTel_RDS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "MBCBackup ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "Netbackup ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "5.2.x",
"version_value": "5.2.0"
}
]
}
},
{
"product_name": "NetrepidHostedBackups ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.1"
}
]
}
},
{
"product_name": "OffsiteVAULT ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "OnlineBackup_Client ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "5.1.x",
"version_value": "5.1.0"
},
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
},
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0"
}
]
}
},
{
"product_name": "OnyxSync ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "Opusbackup ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "P2VOnlineBackup ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "ProdigyBackup ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "QloudwiseBackup ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.2"
}
]
}
},
{
"product_name": "RAKVault ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "ReflexBackups ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "RemoteDataRecovery ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "5.1.x",
"version_value": "5.1.0"
}
]
}
},
{
"product_name": "saf-gate ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "SamcoStor ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "5.0.x",
"version_value": "5.0.0"
}
]
}
},
{
"product_name": "SM4Store ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "StoreGrid ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "5.2.x",
"version_value": "5.2.0"
},
{
"version_affected": "=",
"version_name": "5.1.x",
"version_value": "5.1.0"
},
{
"version_affected": "=",
"version_name": "5.0.x",
"version_value": "5.0.0"
},
{
"version_affected": "=",
"version_name": "4.5.x",
"version_value": "4.5.0"
},
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.1.0"
},
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.1"
},
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
},
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0"
},
{
"version_affected": "=",
"version_name": "4.2.x",
"version_value": "4.2.1.0"
},
{
"version_affected": "=",
"version_name": "4.2.x",
"version_value": "4.2.1"
},
{
"version_affected": "=",
"version_name": "4.0.x",
"version_value": "4.0.0.0"
},
{
"version_affected": "=",
"version_name": "3.5.x",
"version_value": "3.5.0.0"
},
{
"version_affected": "=",
"version_name": "3.1.x",
"version_value": "3.1.0.0"
}
]
}
},
{
"product_name": "StoreSafeDC ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "StorNet ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "5.0.x",
"version_value": "5.0.0"
},
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0"
}
]
}
},
{
"product_name": "STPOffsite ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "Syntax ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "TBITBackup ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "5.1.x",
"version_value": "5.1.0"
}
]
}
},
{
"product_name": "TechNetBackup ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "TheDataVault ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.5.x",
"version_value": "4.5.0"
}
]
}
},
{
"product_name": "TitanBackup ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "5.2.x",
"version_value": "5.2.0"
},
{
"version_affected": "=",
"version_name": "5.1.x",
"version_value": "5.1.0"
}
]
}
},
{
"product_name": "TruStor ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
},
{
"version_affected": "=",
"version_name": "3.5.x",
"version_value": "3.5.0.0"
}
]
}
},
{
"product_name": "UndergroundBackups ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "VELOCIsecure ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "VembuOffsiteDR ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.2.x",
"version_value": "4.2.0.1"
},
{
"version_affected": "=",
"version_name": "4.2.x",
"version_value": "4.2.0"
}
]
}
},
{
"product_name": "WrightOnline ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "XpressSTOR ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
}
]
}
},
{
"product_name": "ZipData ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "4.4.x",
"version_value": "4.4.0.0"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "VembuBDR"
"vendor_name": "n/a"
}
]
}
@ -917,7 +46,7 @@
"description_data": [
{
"lang": "eng",
"value": "Various Vembu products allow an attacker to execute a (non-blind) http-only Cross Site Request Forgery\n\n(Other products or versions of products in this family may be affected too.)"
"value": "Various Vembu products allow an attacker to execute a (non-blind) http-only Cross Site Request Forgery (Other products or versions of products in this family may be affected too.)"
}
]
},
@ -946,7 +75,7 @@
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
"value": "n/a"
}
]
}
@ -954,11 +83,6 @@
},
"references": {
"reference_data": [
{
"name": "https://csirt.divd.nl/cves/CVE-2021-26474/",
"refsource": "CONFIRM",
"url": "https://csirt.divd.nl/cves/CVE-2021-26474/"
},
{
"name": "https://csirt.divd.nl/cases/DIVD-2020-00011/",
"refsource": "CONFIRM",
@ -973,6 +97,11 @@
"name": "https://www.wbsec.nl/vembu",
"refsource": "CONFIRM",
"url": "https://www.wbsec.nl/vembu"
},
{
"name": "https://csirt.divd.nl/cves/CVE-2021-26474/",
"refsource": "CONFIRM",
"url": "https://csirt.divd.nl/cves/CVE-2021-26474/"
}
]
},

7
2021/32xxx/CVE-2021-32036.json
View File

@ -91,12 +91,13 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://jira.mongodb.org/browse/SERVER-59294"
"refsource": "MISC",
"url": "https://jira.mongodb.org/browse/SERVER-59294",
"name": "https://jira.mongodb.org/browse/SERVER-59294"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
}

9
2021/36xxx/CVE-2021-36151.json
View File

@ -43,7 +43,7 @@
"description_data": [
{
"lang": "eng",
"value": "In Apache Gobblin, the Hadoop token is written to a temp file that is visible to all local users on Unix-like systems. This affects versions <= 0.15.0. Users should update to version 0.16.0 which addresses this issue. "
"value": "In Apache Gobblin, the Hadoop token is written to a temp file that is visible to all local users on Unix-like systems. This affects versions <= 0.15.0. Users should update to version 0.16.0 which addresses this issue."
}
]
},
@ -68,12 +68,13 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://lists.apache.org/thread/3cdkyxdd6xk05lsvr3l66dsnvhwyo1t0"
"refsource": "MISC",
"url": "https://lists.apache.org/thread/3cdkyxdd6xk05lsvr3l66dsnvhwyo1t0",
"name": "https://lists.apache.org/thread/3cdkyxdd6xk05lsvr3l66dsnvhwyo1t0"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}

9
2021/36xxx/CVE-2021-36152.json
View File

@ -43,7 +43,7 @@
"description_data": [
{
"lang": "eng",
"value": "Apache Gobblin trusts all certificates used for LDAP connections in Gobblin-as-a-Service. This affects versions <= 0.15.0. Users should update to version 0.16.0 which addresses this issue. "
"value": "Apache Gobblin trusts all certificates used for LDAP connections in Gobblin-as-a-Service. This affects versions <= 0.15.0. Users should update to version 0.16.0 which addresses this issue."
}
]
},
@ -70,12 +70,13 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://lists.apache.org/thread/3bxf7rbf4zh95r78jtgth6gwhr5fyl2j"
"refsource": "MISC",
"url": "https://lists.apache.org/thread/3bxf7rbf4zh95r78jtgth6gwhr5fyl2j",
"name": "https://lists.apache.org/thread/3bxf7rbf4zh95r78jtgth6gwhr5fyl2j"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}

204
2021/38xxx/CVE-2021-38960.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"DATE_PUBLIC" : "2022-02-02T00:00:00",
"ID" : "CVE-2021-38960",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6529322 (OPENBMC)",
"name" : "https://www.ibm.com/support/pages/node/6529322",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6529322"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/212047",
"refsource" : "XF",
"name" : "ibm-openbmc-cve202138960-info-disc (212047)",
"title" : "X-Force Vulnerability Report"
}
]
},
"description" : {
"description_data" : [
{
"value" : "IBM OPENBMC OP920, OP930, and OP940 could allow an unauthenticated user to obtain sensitive information. IBM X-Force ID: 212047.",
"lang" : "eng"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"CVE_data_meta": {
"DATE_PUBLIC": "2022-02-02T00:00:00",
"ID": "CVE-2021-38960",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"references": {
"reference_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "OPENBMC",
"version" : {
"version_data" : [
{
"version_value" : "OP920"
},
{
"version_value" : "OP930"
},
{
"version_value" : "OP940"
}
]
}
},
{
"version" : {
"version_data" : [
{
"version_value" : "OP940"
}
]
},
"product_name" : "HMC"
}
]
}
"title": "IBM Security Bulletin 6529322 (OPENBMC)",
"name": "https://www.ibm.com/support/pages/node/6529322",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6529322"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/212047",
"refsource": "XF",
"name": "ibm-openbmc-cve202138960-info-disc (212047)",
"title": "X-Force Vulnerability Report"
}
]
}
},
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
},
"description": {
"description_data": [
{
"value": "IBM OPENBMC OP920, OP930, and OP940 could allow an unauthenticated user to obtain sensitive information. IBM X-Force ID: 212047.",
"lang": "eng"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "OPENBMC",
"version": {
"version_data": [
{
"version_value": "OP920"
},
{
"version_value": "OP930"
},
{
"version_value": "OP940"
}
]
}
},
{
"version": {
"version_data": [
{
"version_value": "OP940"
}
]
},
"product_name": "HMC"
}
]
}
}
]
}
]
},
"data_version" : "4.0",
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
},
"BM" : {
"AV" : "N",
"PR" : "N",
"I" : "N",
"AC" : "L",
"S" : "U",
"A" : "N",
"UI" : "N",
"C" : "L",
"SCORE" : "5.300"
}
}
}
}
}
},
"data_type": "CVE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"E": "U",
"RC": "C"
},
"BM": {
"AV": "N",
"PR": "N",
"I": "N",
"AC": "L",
"S": "U",
"A": "N",
"UI": "N",
"C": "L",
"SCORE": "5.300"
}
}
}
}

2
2021/45xxx/CVE-2021-45268.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "A Cross Site Request Forgery (CSRF) vulnerability exists in Backdrop CMS 1.20, which allows Remote Attackers to gain Remote Code Execution (RCE) on the Hosting Webserver via uploading a maliciously add-on with crafted PHP file."
"value": "** DISPUTED ** A Cross Site Request Forgery (CSRF) vulnerability exists in Backdrop CMS 1.20, which allows Remote Attackers to gain Remote Code Execution (RCE) on the Hosting Webserver via uploading a maliciously add-on with crafted PHP file. NOTE: the vendor disputes this because the attack requires a session cookie of a high-privileged authenticated user who is entitled to install arbitrary add-ons."
}
]
},

183
2022/0xxx/CVE-2022-0317.json
View File

@ -1,92 +1,93 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"DATE_PUBLIC": "2022-01-25T13:36:00.000Z",
"ID": "CVE-2022-0317",
"STATE": "PUBLIC",
"TITLE": "Improper Input Validation in AKPublic.Verify in go-attestation"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "go-attestation",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "0.4.0"
}
]
}
}
]
},
"vendor_name": "Google LLC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Nikki VonHollen"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper input validation vulnerability in go-attestation before 0.3.3 allows local users to provide a maliciously-formed Quote over no/some PCRs, causing AKPublic.Verify to succeed despite the inconsistency. Subsequent use of the same set of PCR values in Eventlog.Verify lacks the authentication performed by quote verification, meaning a local attacker could couple this vulnerability with a maliciously-crafted TCG log in Eventlog.Verify to spoof events in the TCG log, hence defeating remotely-attested measured-boot. We recommend upgrading to Version 0.4.0 or above."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://github.com/google/go-attestation/security/advisories/GHSA-99cg-575x-774p"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"DATE_PUBLIC": "2022-01-25T13:36:00.000Z",
"ID": "CVE-2022-0317",
"STATE": "PUBLIC",
"TITLE": "Improper Input Validation in AKPublic.Verify in go-attestation"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "go-attestation",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "0.4.0"
}
]
}
}
]
},
"vendor_name": "Google LLC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Nikki VonHollen"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper input validation vulnerability in go-attestation before 0.3.3 allows local users to provide a maliciously-formed Quote over no/some PCRs, causing AKPublic.Verify to succeed despite the inconsistency. Subsequent use of the same set of PCR values in Eventlog.Verify lacks the authentication performed by quote verification, meaning a local attacker could couple this vulnerability with a maliciously-crafted TCG log in Eventlog.Verify to spoof events in the TCG log, hence defeating remotely-attested measured-boot. We recommend upgrading to Version 0.4.0 or above."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://github.com/google/go-attestation/security/advisories/GHSA-99cg-575x-774p",
"name": "https://github.com/google/go-attestation/security/advisories/GHSA-99cg-575x-774p"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}

2
2022/23xxx/CVE-2022-23611.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "iTunesRPC-Remastered is a Discord Rich Presence for iTunes on Windows utility. In affected versions iTunesRPC-Remastered did not properly sanitize image file paths leading to OS level command injection. This issue has been patched in commit cdcd48b. Users are advised to upgrade.\n"
"value": "iTunesRPC-Remastered is a Discord Rich Presence for iTunes on Windows utility. In affected versions iTunesRPC-Remastered did not properly sanitize image file paths leading to OS level command injection. This issue has been patched in commit cdcd48b. Users are advised to upgrade."
}
]
},

128
2022/23xxx/CVE-2022-23805.json
View File

@ -1,63 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2022-23805",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Worry-Free Business Security",
"version" : {
"version_data" : [
{
"version_value" : "10.0 SP1"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A security out-of-bounds read information disclosure vulnerability in Trend Micro Worry-Free Business Security Server could allow a local attacker to send garbage data to a specific named pipe and crash the server.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Out-Of-Bounds Read Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://success.trendmicro.com/solution/000290416"
},
{
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-22-147/"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2022-23805",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Worry-Free Business Security",
"version": {
"version_data": [
{
"version_value": "10.0 SP1"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A security out-of-bounds read information disclosure vulnerability in Trend Micro Worry-Free Business Security Server could allow a local attacker to send garbage data to a specific named pipe and crash the server. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-Of-Bounds Read Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://success.trendmicro.com/solution/000290416",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000290416"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-147/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-147/"
}
]
}
}

7
2022/23xxx/CVE-2022-23913.json
View File

@ -67,8 +67,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2"
"refsource": "MISC",
"url": "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2",
"name": "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2"
}
]
},
@ -82,4 +83,4 @@
"value": "Upgrade to Apache ActiveMQ Artemis 2.20.0 or 2.19.1 (if you're still using Java 8)."
}
]
}
}