diff --git a/2021/46xxx/CVE-2021-46842.json b/2021/46xxx/CVE-2021-46842.json new file mode 100644 index 00000000000..5db2e0a48c6 --- /dev/null +++ b/2021/46xxx/CVE-2021-46842.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-46842", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/46xxx/CVE-2021-46843.json b/2021/46xxx/CVE-2021-46843.json new file mode 100644 index 00000000000..57e1ee1598a --- /dev/null +++ b/2021/46xxx/CVE-2021-46843.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-46843", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/46xxx/CVE-2021-46844.json b/2021/46xxx/CVE-2021-46844.json new file mode 100644 index 00000000000..6703477f4fc --- /dev/null +++ b/2021/46xxx/CVE-2021-46844.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-46844", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/37xxx/CVE-2022-37461.json b/2022/37xxx/CVE-2022-37461.json index dca25eb5569..e45a34d74c6 100644 --- a/2022/37xxx/CVE-2022-37461.json +++ b/2022/37xxx/CVE-2022-37461.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-37461", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-37461", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Canon Medical Vitrea View 7.x before 7.7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the input after the error subdirectory to the /vitrea-view/error/ subdirectory, or the (2) groupID, (3) offset, or (4) limit parameter to an Administrative Panel (Group and Users) page. There is a risk of an attacker retrieving patient information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.vitalimages.com/vitrea-vision/vitrea-view/", + "refsource": "MISC", + "name": "https://www.vitalimages.com/vitrea-vision/vitrea-view/" + }, + { + "refsource": "MISC", + "name": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=30693", + "url": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=30693" } ] } diff --git a/2022/3xxx/CVE-2022-3371.json b/2022/3xxx/CVE-2022-3371.json index f81c1cfcf64..8e5a2ea1d30 100644 --- a/2022/3xxx/CVE-2022-3371.json +++ b/2022/3xxx/CVE-2022-3371.json @@ -1,89 +1,89 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@huntr.dev", - "ID": "CVE-2022-3371", - "STATE": "PUBLIC", - "TITLE": "No limit in length of \"Token name\" parameter results in DOS attack /memory corruption in ikus060/rdiffweb prior to 2.5.0a3 in ikus060/rdiffweb" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "ikus060/rdiffweb", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "2.5.0a3" - } - ] + "CVE_data_meta": { + "ASSIGNER": "security@huntr.dev", + "ID": "CVE-2022-3371", + "STATE": "PUBLIC", + "TITLE": "No limit in length of \"Token name\" parameter results in DOS attack /memory corruption in ikus060/rdiffweb prior to 2.5.0a3 in ikus060/rdiffweb" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "ikus060/rdiffweb", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "2.5.0a3" + } + ] + } + } + ] + }, + "vendor_name": "ikus060" } - } ] - }, - "vendor_name": "ikus060" } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3." - } - ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-770 Allocation of Resources Without Limits or Throttling" - } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://huntr.dev/bounties/4e8f6136-50c7-4fa1-ac98-699bcb7b35ce", - "refsource": "CONFIRM", - "url": "https://huntr.dev/bounties/4e8f6136-50c7-4fa1-ac98-699bcb7b35ce" - }, - { - "name": "https://github.com/ikus060/rdiffweb/commit/b62c479ff6979563c7c23e7182942bc4f460a2c7", - "refsource": "MISC", - "url": "https://github.com/ikus060/rdiffweb/commit/b62c479ff6979563c7c23e7182942bc4f460a2c7" - } - ] - }, - "source": { - "advisory": "4e8f6136-50c7-4fa1-ac98-699bcb7b35ce", - "discovery": "EXTERNAL" - } + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-770 Allocation of Resources Without Limits or Throttling" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/ikus060/rdiffweb/commit/b62c479ff6979563c7c23e7182942bc4f460a2c7", + "refsource": "MISC", + "url": "https://github.com/ikus060/rdiffweb/commit/b62c479ff6979563c7c23e7182942bc4f460a2c7" + }, + { + "name": "https://huntr.dev/bounties/4e8f6136-50c7-4fa1-ac98-699bcb7b35ce", + "refsource": "CONFIRM", + "url": "https://huntr.dev/bounties/4e8f6136-50c7-4fa1-ac98-699bcb7b35ce" + } + ] + }, + "source": { + "advisory": "4e8f6136-50c7-4fa1-ac98-699bcb7b35ce", + "discovery": "EXTERNAL" + } } \ No newline at end of file diff --git a/2022/3xxx/CVE-2022-3373.json b/2022/3xxx/CVE-2022-3373.json new file mode 100644 index 00000000000..89d23fa8e05 --- /dev/null +++ b/2022/3xxx/CVE-2022-3373.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-3373", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/3xxx/CVE-2022-3374.json b/2022/3xxx/CVE-2022-3374.json new file mode 100644 index 00000000000..8be5d495300 --- /dev/null +++ b/2022/3xxx/CVE-2022-3374.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-3374", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file