Skip to content
This repository was archived by the owner on Jun 10, 2025. It is now read-only.

Commit 5d7cb1f

Browse files
committed
"-Synchronized-Data."
1 parent ae0978b commit 5d7cb1f

21 files changed

+1068
-87
lines changed

2021/22xxx/CVE-2021-22716.json

Lines changed: 45 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -1,42 +1,72 @@
11
{
2-
"data_type": "CVE",
3-
"data_format": "MITRE",
4-
"data_version": "4.0",
52
"CVE_data_meta": {
6-
"ID": "CVE-2021-22716",
73
"ASSIGNER": "[email protected]",
4+
"DATE_PUBLIC": "2022-11-08T16:45:00.000Z",
5+
"ID": "CVE-2021-22716",
86
"STATE": "PUBLIC"
97
},
108
"affects": {
119
"vendor": {
1210
"vendor_data": [
1311
{
14-
"vendor_name": "n/a",
1512
"product": {
1613
"product_data": [
1714
{
18-
"product_name": "C-Bus Toolkit V1.15.7 and prior",
15+
"product_name": "C-Bus Toolkit",
1916
"version": {
2017
"version_data": [
2118
{
22-
"version_value": "C-Bus Toolkit V1.15.7 and prior"
19+
"version_affected": "<",
20+
"version_name": "V",
21+
"version_value": "1.15.9"
2322
}
2423
]
2524
}
2625
}
2726
]
28-
}
27+
},
28+
"vendor_name": "Schneider Electric"
2929
}
3030
]
3131
}
3232
},
33+
"data_format": "MITRE",
34+
"data_type": "CVE",
35+
"data_version": "4.0",
36+
"description": {
37+
"description_data": [
38+
{
39+
"lang": "eng",
40+
"value": "A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could allow remote code execution when an unprivileged user modifies a file. Affected Product: C-Bus Toolkit (V1.15.9 and prior)"
41+
}
42+
]
43+
},
44+
"generator": {
45+
"engine": "Vulnogram 0.0.9"
46+
},
47+
"impact": {
48+
"cvss": {
49+
"attackComplexity": "LOW",
50+
"attackVector": "LOCAL",
51+
"availabilityImpact": "HIGH",
52+
"baseScore": 7.8,
53+
"baseSeverity": "HIGH",
54+
"confidentialityImpact": "HIGH",
55+
"integrityImpact": "HIGH",
56+
"privilegesRequired": "LOW",
57+
"scope": "UNCHANGED",
58+
"userInteraction": "NONE",
59+
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
60+
"version": "3.1"
61+
}
62+
},
3363
"problemtype": {
3464
"problemtype_data": [
3565
{
3666
"description": [
3767
{
3868
"lang": "eng",
39-
"value": "CWE-269: Improper Privilege Management"
69+
"value": "CWE-732 Incorrect Permission Assignment for Critical Resource"
4070
}
4171
]
4272
}
@@ -46,22 +76,17 @@
4676
"reference_data": [
4777
{
4878
"refsource": "MISC",
49-
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-103-01",
50-
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-103-01"
79+
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-103-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2021-103-01_C-Bus_Toolkit_C-Gate_Server_Security_Notification.pdf",
80+
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-103-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2021-103-01_C-Bus_Toolkit_C-Gate_Server_Security_Notification.pdf"
5181
},
5282
{
5383
"refsource": "MISC",
54-
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-562/",
55-
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-562/"
84+
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-105-01",
85+
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-105-01"
5686
}
5787
]
5888
},
59-
"description": {
60-
"description_data": [
61-
{
62-
"lang": "eng",
63-
"value": "A CWE-269: Improper Privilege Management vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when an unprivileged user modifies a file."
64-
}
65-
]
89+
"source": {
90+
"discovery": "UNKNOWN"
6691
}
6792
}

2021/33xxx/CVE-2021-33621.json

Lines changed: 50 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,61 @@
11
{
2-
"data_type": "CVE",
3-
"data_format": "MITRE",
4-
"data_version": "4.0",
52
"CVE_data_meta": {
6-
"ID": "CVE-2021-33621",
73
"ASSIGNER": "[email protected]",
8-
"STATE": "RESERVED"
4+
"ID": "CVE-2021-33621",
5+
"STATE": "PUBLIC"
96
},
7+
"affects": {
8+
"vendor": {
9+
"vendor_data": [
10+
{
11+
"product": {
12+
"product_data": [
13+
{
14+
"product_name": "n/a",
15+
"version": {
16+
"version_data": [
17+
{
18+
"version_value": "n/a"
19+
}
20+
]
21+
}
22+
}
23+
]
24+
},
25+
"vendor_name": "n/a"
26+
}
27+
]
28+
}
29+
},
30+
"data_format": "MITRE",
31+
"data_type": "CVE",
32+
"data_version": "4.0",
1033
"description": {
1134
"description_data": [
1235
{
1336
"lang": "eng",
14-
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
37+
"value": "cgi.rb in Ruby through 2.6.x, through 3.0x, and through 3.1.x allows HTTP header injection. If a CGI application using the CGI library inserts untrusted input into the HTTP response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients."
38+
}
39+
]
40+
},
41+
"problemtype": {
42+
"problemtype_data": [
43+
{
44+
"description": [
45+
{
46+
"lang": "eng",
47+
"value": "n/a"
48+
}
49+
]
50+
}
51+
]
52+
},
53+
"references": {
54+
"reference_data": [
55+
{
56+
"url": "https://hackerone.com/reports/1204695",
57+
"refsource": "MISC",
58+
"name": "https://hackerone.com/reports/1204695"
1559
}
1660
]
1761
}

2022/40xxx/CVE-2022-40130.json

Lines changed: 93 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,18 +1,105 @@
11
{
2-
"data_type": "CVE",
3-
"data_format": "MITRE",
4-
"data_version": "4.0",
52
"CVE_data_meta": {
3+
"ASSIGNER": "[email protected]",
4+
"DATE_PUBLIC": "2022-10-05T19:36:00.000Z",
65
"ID": "CVE-2022-40130",
7-
"ASSIGNER": "[email protected]",
8-
"STATE": "RESERVED"
6+
"STATE": "PUBLIC",
7+
"TITLE": "WordPress WP-Polls plugin <= 2.76.0 - Auth. Race Condition vulnerability"
98
},
9+
"affects": {
10+
"vendor": {
11+
"vendor_data": [
12+
{
13+
"product": {
14+
"product_data": [
15+
{
16+
"product_name": "WP-Polls (WordPress plugin)",
17+
"version": {
18+
"version_data": [
19+
{
20+
"version_affected": "<=",
21+
"version_name": "<= 2.76.0",
22+
"version_value": "2.76.0"
23+
}
24+
]
25+
}
26+
}
27+
]
28+
},
29+
"vendor_name": "Lester 'GaMerZ' Chan"
30+
}
31+
]
32+
}
33+
},
34+
"credit": [
35+
{
36+
"lang": "eng",
37+
"value": "Vulnerability discovered by Nguy Minh Tuan (Patchstack Alliance)"
38+
}
39+
],
40+
"data_format": "MITRE",
41+
"data_type": "CVE",
42+
"data_version": "4.0",
1043
"description": {
1144
"description_data": [
1245
{
1346
"lang": "eng",
14-
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
47+
"value": "Auth. (subscriber+) Race Condition vulnerability in WP-Polls plugin <= 2.76.0 on WordPress."
1548
}
1649
]
50+
},
51+
"generator": {
52+
"engine": "Vulnogram 0.0.9"
53+
},
54+
"impact": {
55+
"cvss": {
56+
"attackComplexity": "LOW",
57+
"attackVector": "NETWORK",
58+
"availabilityImpact": "NONE",
59+
"baseScore": 4.3,
60+
"baseSeverity": "MEDIUM",
61+
"confidentialityImpact": "NONE",
62+
"integrityImpact": "LOW",
63+
"privilegesRequired": "LOW",
64+
"scope": "UNCHANGED",
65+
"userInteraction": "NONE",
66+
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
67+
"version": "3.1"
68+
}
69+
},
70+
"problemtype": {
71+
"problemtype_data": [
72+
{
73+
"description": [
74+
{
75+
"lang": "eng",
76+
"value": "Race condition"
77+
}
78+
]
79+
}
80+
]
81+
},
82+
"references": {
83+
"reference_data": [
84+
{
85+
"name": "https://patchstack.com/database/vulnerability/wp-polls/wordpress-wp-polls-plugin-2-76-0-race-condition-vulnerability?_s_id=cve",
86+
"refsource": "CONFIRM",
87+
"url": "https://patchstack.com/database/vulnerability/wp-polls/wordpress-wp-polls-plugin-2-76-0-race-condition-vulnerability?_s_id=cve"
88+
},
89+
{
90+
"name": "https://wordpress.org/plugins/wp-polls/#developers",
91+
"refsource": "CONFIRM",
92+
"url": "https://wordpress.org/plugins/wp-polls/#developers"
93+
}
94+
]
95+
},
96+
"solution": [
97+
{
98+
"lang": "eng",
99+
"value": "Update to 2.77.0 or higher version."
100+
}
101+
],
102+
"source": {
103+
"discovery": "EXTERNAL"
17104
}
18105
}

0 commit comments

Comments
 (0)