diff --git a/2021/37xxx/CVE-2021-37589.json b/2021/37xxx/CVE-2021-37589.json index c852f7c5531..407775b7715 100644 --- a/2021/37xxx/CVE-2021-37589.json +++ b/2021/37xxx/CVE-2021-37589.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-37589", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-37589", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Virtua Cobranca before 12R allows SQL Injection on the login page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.virtuasoftware.com.br/conteudo.php?content=downloads&lang=pt-br", + "refsource": "MISC", + "name": "https://www.virtuasoftware.com.br/conteudo.php?content=downloads&lang=pt-br" + }, + { + "refsource": "MISC", + "name": "https://github.com/luca-regne/my-cves/tree/main/CVE-2021-37589", + "url": "https://github.com/luca-regne/my-cves/tree/main/CVE-2021-37589" } ] } diff --git a/2022/25xxx/CVE-2022-25361.json b/2022/25xxx/CVE-2022-25361.json index 7316b89c542..cba723dcc44 100644 --- a/2022/25xxx/CVE-2022-25361.json +++ b/2022/25xxx/CVE-2022-25361.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-25361", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-25361", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from a limited set of directories on the system. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://watchguard.com", + "refsource": "MISC", + "name": "https://watchguard.com" + }, + { + "refsource": "MISC", + "name": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00004", + "url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00004" } ] } diff --git a/2022/26xxx/CVE-2022-26526.json b/2022/26xxx/CVE-2022-26526.json index d0ad21e8953..61b067d14b6 100644 --- a/2022/26xxx/CVE-2022-26526.json +++ b/2022/26xxx/CVE-2022-26526.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Anaconda Anaconda3 through 2021.11.0.0 and Miniconda3 through 11.0.0.0 can create a world-writable directory under %PROGRAMDATA% and place that directory into the system PATH environment variable. Thus, for example, local users can gain privileges by placing a Trojan horse file into that directory. (This problem can only happen in a non-default installation. The person who installs the product must specify that it is being installed for all users. Also, the person who installs the product must specify that the system PATH should be changed.)" + "value": "Anaconda Anaconda3 (Anaconda Distribution) through 2021.11.0.0 and Miniconda3 through 4.11.0.0 can create a world-writable directory under %PROGRAMDATA% and place that directory into the system PATH environment variable. Thus, for example, local users can gain privileges by placing a Trojan horse file into that directory. (This problem can only happen in a non-default installation. The person who installs the product must specify that it is being installed for all users. Also, the person who installs the product must specify that the system PATH should be changed." } ] }, @@ -66,6 +66,11 @@ "refsource": "MISC", "name": "https://improsec.com/tech-blog/privilege-escalation-vulnerability-in-anaconda3-and-miniconda3", "url": "https://improsec.com/tech-blog/privilege-escalation-vulnerability-in-anaconda3-and-miniconda3" + }, + { + "refsource": "MISC", + "name": "https://repo.anaconda.com/miniconda/", + "url": "https://repo.anaconda.com/miniconda/" } ] } diff --git a/2022/29xxx/CVE-2022-29564.json b/2022/29xxx/CVE-2022-29564.json index bca6bf8d29a..4278292f3f5 100644 --- a/2022/29xxx/CVE-2022-29564.json +++ b/2022/29xxx/CVE-2022-29564.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-29564", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-29564", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Jamf Private Access before 2022-05-16 has Incorrect Access Control, in which an unauthorized user can reach a system in the internal infrastructure, aka WND-44801." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://jamf.com", + "refsource": "MISC", + "name": "https://jamf.com" + }, + { + "refsource": "MISC", + "name": "https://github.com/wandera/public-disclosures/blob/master/CVE-2022-29564.md", + "url": "https://github.com/wandera/public-disclosures/blob/master/CVE-2022-29564.md" } ] } diff --git a/2022/30xxx/CVE-2022-30429.json b/2022/30xxx/CVE-2022-30429.json index 53dd6e56dc2..77fe3ece16f 100644 --- a/2022/30xxx/CVE-2022-30429.json +++ b/2022/30xxx/CVE-2022-30429.json @@ -56,6 +56,11 @@ "refsource": "MISC", "name": "https://www.neos.io/blog/xss-in-various-backend-modules.html", "url": "https://www.neos.io/blog/xss-in-various-backend-modules.html" + }, + { + "refsource": "MISC", + "name": "https://it-sec.de/unbekannte-schwachstellen-in-neos-cms/", + "url": "https://it-sec.de/unbekannte-schwachstellen-in-neos-cms/" } ] }