admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-04-20 20:01:35 +00:00
parent 0442f1a6c0
commit c274bca68c
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
12 changed files with 183 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
2021/37xxx/CVE-2021-37740.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-37740",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-37740",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A denial of service vulnerability exists in MDT's firmware for the KNXnet/IP Secure router SCN-IP100.03 and KNX IP interface SCN-IP000.03 before v3.0.4, that allows a remote attacker to turn the device unresponsive to all requests on the KNXnet/IP Secure layer, until the device is rebooted, via a SESSION_REQUEST frame with a modified total length field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.mdt.de/EN_IP_Interface_Router.html",
"refsource": "MISC",
"name": "https://www.mdt.de/EN_IP_Interface_Router.html"
},
{
"refsource": "MISC",
"name": "https://www.mdt.de/download/MDT_CL_SCN_IP_03_IP_Interface_Router.pdf",
"url": "https://www.mdt.de/download/MDT_CL_SCN_IP_03_IP_Interface_Router.pdf"
},
{
"refsource": "MISC",
"name": "https://github.com/robertguetzkow/CVE-2021-37740",
"url": "https://github.com/robertguetzkow/CVE-2021-37740"
}
]
}

2
2021/38xxx/CVE-2021-38265.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Liferay Portal v7.3.6 and below and Liferay DXP v7.3 and below were discovered to contain a cross-site scripting (XSS) vulnerability via the _com_liferay_asset_list_web_portlet_AssetListPortlet_title parameter."
"value": "Cross-site scripting (XSS) vulnerability in the Asset module in Liferay Portal 7.3.4 through 7.3.6 allow remote attackers to inject arbitrary web script or HTML when creating a collection page via the _com_liferay_asset_list_web_portlet_AssetListPortlet_title parameter."
}
]
},

61
2021/43xxx/CVE-2021-43481.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-43481",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-43481",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An SQL Injection vulnerability exists in Webtareas 2.4p3 and earlier via the $uq HTTP POST parameter in editapprovalstage.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://sourceforge.net/projects/webtareas/",
"refsource": "MISC",
"name": "https://sourceforge.net/projects/webtareas/"
},
{
"refsource": "MISC",
"name": "https://behradtaher.dev/2021/11/05/Discovering-a-Blind-SQL-Injection-Whitebox-Approach/",
"url": "https://behradtaher.dev/2021/11/05/Discovering-a-Blind-SQL-Injection-Whitebox-Approach/"
}
]
}

18
2022/1xxx/CVE-2022-1418.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-1418",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/1xxx/CVE-2022-1419.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-1419",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

5
2022/20xxx/CVE-2022-20718.json
View File

@ -71,6 +71,11 @@
"name": "20220413 Cisco IOx Application Hosting Environment Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj"
},
{
"refsource": "MISC",
"name": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-px2c-q384-5wxc",
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-px2c-q384-5wxc"
}
]
},

5
2022/20xxx/CVE-2022-20719.json
View File

@ -71,6 +71,11 @@
"name": "20220413 Cisco IOx Application Hosting Environment Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj"
},
{
"refsource": "MISC",
"name": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-8v5w-4fhm-gqxj",
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-8v5w-4fhm-gqxj"
}
]
},

5
2022/20xxx/CVE-2022-20723.json
View File

@ -71,6 +71,11 @@
"name": "20220413 Cisco IOx Application Hosting Environment Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj"
},
{
"refsource": "MISC",
"name": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-cq9c-3cwm-7j7q",
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-cq9c-3cwm-7j7q"
}
]
},

5
2022/20xxx/CVE-2022-20724.json
View File

@ -71,6 +71,11 @@
"name": "20220413 Cisco IOx Application Hosting Environment Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj"
},
{
"refsource": "MISC",
"name": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-xr7h-wjgg-h3rp",
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-xr7h-wjgg-h3rp"
}
]
},

5
2022/20xxx/CVE-2022-20725.json
View File

@ -71,6 +71,11 @@
"name": "20220413 Cisco IOx Application Hosting Environment Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj"
},
{
"refsource": "MISC",
"name": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-q2v9-qpmg-4qc4",
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-q2v9-qpmg-4qc4"
}
]
},

2
2022/24xxx/CVE-2022-24871.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "Shopware is an open commerce platform based on Symfony Framework and Vue. In affected versions an attacker can abuse the Admin SDK functionality on the server to read or update internal resources. Users are advised to update to the current version 6.4.10.1. For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. There are no known workarounds for this issue.\n"
"value": "Shopware is an open commerce platform based on Symfony Framework and Vue. In affected versions an attacker can abuse the Admin SDK functionality on the server to read or update internal resources. Users are advised to update to the current version 6.4.10.1. For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. There are no known workarounds for this issue."
}
]
},

10
2022/24xxx/CVE-2022-24872.json
View File

@ -69,11 +69,6 @@
},
"references": {
"reference_data": [
{
"name": "https://github.com/shopware/platform/security/advisories/GHSA-9wrv-g75h-8ccc",
"refsource": "CONFIRM",
"url": "https://github.com/shopware/platform/security/advisories/GHSA-9wrv-g75h-8ccc"
},
{
"name": "https://github.com/shopware/platform/commit/083765e2d64a00315050c4891800c9e98ba0c77c",
"refsource": "MISC",
@ -83,6 +78,11 @@
"name": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-04-2022",
"refsource": "MISC",
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-04-2022"
},
{
"name": "https://github.com/shopware/platform/security/advisories/GHSA-9wrv-g75h-8ccc",
"refsource": "CONFIRM",
"url": "https://github.com/shopware/platform/security/advisories/GHSA-9wrv-g75h-8ccc"
}
]
},