From bfca4e1ecb827b118d25f6b3cda68bb9983cd584 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 31 Dec 2020 03:01:43 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2016/9xxx/CVE-2016-9021.json | 53 ++++++++++++++++++++++++++++++++-- 2016/9xxx/CVE-2016-9022.json | 53 ++++++++++++++++++++++++++++++++-- 2016/9xxx/CVE-2016-9023.json | 53 ++++++++++++++++++++++++++++++++-- 2016/9xxx/CVE-2016-9025.json | 53 ++++++++++++++++++++++++++++++++-- 2016/9xxx/CVE-2016-9026.json | 53 ++++++++++++++++++++++++++++++++-- 2018/14xxx/CVE-2018-14067.json | 48 ++++++++++++++++++++++++++++-- 2018/16xxx/CVE-2018-16795.json | 53 ++++++++++++++++++++++++++++++++-- 7 files changed, 352 insertions(+), 14 deletions(-) diff --git a/2016/9xxx/CVE-2016-9021.json b/2016/9xxx/CVE-2016-9021.json index a12b41e9003..c722df25e9e 100644 --- a/2016/9xxx/CVE-2016-9021.json +++ b/2016/9xxx/CVE-2016-9021.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-9021", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Exponent CMS before 2.6.0 has improper input validation in storeController.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/exponentcms/exponent-cms/commit/a8efd9ca71fc9b8b843ad0910d435d237482ee31", + "refsource": "MISC", + "name": "https://github.com/exponentcms/exponent-cms/commit/a8efd9ca71fc9b8b843ad0910d435d237482ee31" + }, + { + "url": "https://exponentcms.lighthouseapp.com/projects/61783/changesets/a8efd9ca71fc9b8b843ad0910d435d237482ee31", + "refsource": "MISC", + "name": "https://exponentcms.lighthouseapp.com/projects/61783/changesets/a8efd9ca71fc9b8b843ad0910d435d237482ee31" } ] } diff --git a/2016/9xxx/CVE-2016-9022.json b/2016/9xxx/CVE-2016-9022.json index 5606691c46b..dac722dce6b 100644 --- a/2016/9xxx/CVE-2016-9022.json +++ b/2016/9xxx/CVE-2016-9022.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-9022", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Exponent CMS before 2.6.0 has improper input validation in usersController.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/exponentcms/exponent-cms/commit/a8efd9ca71fc9b8b843ad0910d435d237482ee31", + "refsource": "MISC", + "name": "https://github.com/exponentcms/exponent-cms/commit/a8efd9ca71fc9b8b843ad0910d435d237482ee31" + }, + { + "url": "https://exponentcms.lighthouseapp.com/projects/61783/changesets/a8efd9ca71fc9b8b843ad0910d435d237482ee31", + "refsource": "MISC", + "name": "https://exponentcms.lighthouseapp.com/projects/61783/changesets/a8efd9ca71fc9b8b843ad0910d435d237482ee31" } ] } diff --git a/2016/9xxx/CVE-2016-9023.json b/2016/9xxx/CVE-2016-9023.json index 47c5d0eb2fc..01f7142c583 100644 --- a/2016/9xxx/CVE-2016-9023.json +++ b/2016/9xxx/CVE-2016-9023.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-9023", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Exponent CMS before 2.6.0 has improper input validation in cron/find_help.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/exponentcms/exponent-cms/commit/a8efd9ca71fc9b8b843ad0910d435d237482ee31", + "refsource": "MISC", + "name": "https://github.com/exponentcms/exponent-cms/commit/a8efd9ca71fc9b8b843ad0910d435d237482ee31" + }, + { + "url": "https://exponentcms.lighthouseapp.com/projects/61783/changesets/a8efd9ca71fc9b8b843ad0910d435d237482ee31", + "refsource": "MISC", + "name": "https://exponentcms.lighthouseapp.com/projects/61783/changesets/a8efd9ca71fc9b8b843ad0910d435d237482ee31" } ] } diff --git a/2016/9xxx/CVE-2016-9025.json b/2016/9xxx/CVE-2016-9025.json index 7da9014eacd..d73b02db75a 100644 --- a/2016/9xxx/CVE-2016-9025.json +++ b/2016/9xxx/CVE-2016-9025.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-9025", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Exponent CMS before 2.6.0 has improper input validation in purchaseOrderController.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/exponentcms/exponent-cms/commit/a8efd9ca71fc9b8b843ad0910d435d237482ee31", + "refsource": "MISC", + "name": "https://github.com/exponentcms/exponent-cms/commit/a8efd9ca71fc9b8b843ad0910d435d237482ee31" + }, + { + "url": "https://exponentcms.lighthouseapp.com/projects/61783/changesets/a8efd9ca71fc9b8b843ad0910d435d237482ee31", + "refsource": "MISC", + "name": "https://exponentcms.lighthouseapp.com/projects/61783/changesets/a8efd9ca71fc9b8b843ad0910d435d237482ee31" } ] } diff --git a/2016/9xxx/CVE-2016-9026.json b/2016/9xxx/CVE-2016-9026.json index 9b4686d5cc5..dfc263f697f 100644 --- a/2016/9xxx/CVE-2016-9026.json +++ b/2016/9xxx/CVE-2016-9026.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-9026", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Exponent CMS before 2.6.0 has improper input validation in fileController.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/exponentcms/exponent-cms/commit/a8efd9ca71fc9b8b843ad0910d435d237482ee31", + "refsource": "MISC", + "name": "https://github.com/exponentcms/exponent-cms/commit/a8efd9ca71fc9b8b843ad0910d435d237482ee31" + }, + { + "url": "https://exponentcms.lighthouseapp.com/projects/61783/changesets/a8efd9ca71fc9b8b843ad0910d435d237482ee31", + "refsource": "MISC", + "name": "https://exponentcms.lighthouseapp.com/projects/61783/changesets/a8efd9ca71fc9b8b843ad0910d435d237482ee31" } ] } diff --git a/2018/14xxx/CVE-2018-14067.json b/2018/14xxx/CVE-2018-14067.json index 6b0375a917e..910353c9a48 100644 --- a/2018/14xxx/CVE-2018-14067.json +++ b/2018/14xxx/CVE-2018-14067.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-14067", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Green Packet WiMax DV-360 2.10.14-g1.0.6.1 devices allow Command Injection, with unauthenticated remote command execution, via a crafted payload to the HTTPS port, because lighttpd listens on all network interfaces (including the external Internet) by default. NOTE: this may overlap CVE-2017-9980." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.shellcode.it/article/greenpacket-wimax/", + "url": "https://www.shellcode.it/article/greenpacket-wimax/" } ] } diff --git a/2018/16xxx/CVE-2018-16795.json b/2018/16xxx/CVE-2018-16795.json index 78038f78fa6..1484d6266a7 100644 --- a/2018/16xxx/CVE-2018-16795.json +++ b/2018/16xxx/CVE-2018-16795.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-16795", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OpenEMR 5.0.1.3 allows Cross-Site Request Forgery (CSRF) via library/ajax and interface/super, as demonstrated by use of interface/super/manage_site_files.php to upload a .php file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://community.open-emr.org/t/openemr-security/10597", + "url": "https://community.open-emr.org/t/openemr-security/10597" + }, + { + "refsource": "MISC", + "name": "https://www.open-emr.org/wiki/images/1/11/Openemr_insecurity.pdf", + "url": "https://www.open-emr.org/wiki/images/1/11/Openemr_insecurity.pdf" } ] }