CVEProject
diff --git a/‎2006/1xxx/CVE-2006-1236.json
Lines changed: 5 additions & 0 deletions b/‎2006/1xxx/CVE-2006-1236.json
Lines changed: 5 additions & 0 deletions
diff --git a/‎2017/17xxx/CVE-2017-17837.json
Lines changed: 5 additions & 0 deletions b/‎2017/17xxx/CVE-2017-17837.json
Lines changed: 5 additions & 0 deletions
diff --git a/‎2020/18xxx/CVE-2020-18875.json
Lines changed: 55 additions & 6 deletions b/‎2020/18xxx/CVE-2020-18875.json
Lines changed: 55 additions & 6 deletions
diff --git a/‎2020/23xxx/CVE-2020-23069.json
Lines changed: 50 additions & 6 deletions b/‎2020/23xxx/CVE-2020-23069.json
Lines changed: 50 additions & 6 deletions
diff --git a/‎2020/28xxx/CVE-2020-28146.json
Lines changed: 60 additions & 6 deletions b/‎2020/28xxx/CVE-2020-28146.json
Lines changed: 60 additions & 6 deletions
diff --git a/‎2021/22xxx/CVE-2021-22555.json
Lines changed: 5 additions & 0 deletions b/‎2021/22xxx/CVE-2021-22555.json
Lines changed: 5 additions & 0 deletions
diff --git a/‎2021/23xxx/CVE-2021-23424.json
Lines changed: 10 additions & 7 deletions b/‎2021/23xxx/CVE-2021-23424.json
Lines changed: 10 additions & 7 deletions
diff --git a/‎2021/23xxx/CVE-2021-23425.json
Lines changed: 10 additions & 7 deletions b/‎2021/23xxx/CVE-2021-23425.json
Lines changed: 10 additions & 7 deletions
diff --git a/‎2021/32xxx/CVE-2021-32728.json
Lines changed: 5 additions & 5 deletions b/‎2021/32xxx/CVE-2021-32728.json
Lines changed: 5 additions & 5 deletions
diff --git a/‎2021/32xxx/CVE-2021-32936.json
Lines changed: 5 additions & 0 deletions b/‎2021/32xxx/CVE-2021-32936.json
Lines changed: 5 additions & 0 deletions
@@ -96,6 +96,11 @@
                 "name": "crossfire-setup-bo(25252)",
                 "refsource": "XF",
                 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25252"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://packetstormsecurity.com/files/163873/Crossfire-Server-1.0-Buffer-Overflow.html",
+                "url": "http://packetstormsecurity.com/files/163873/Crossfire-Server-1.0-Buffer-Overflow.html"
             }
         ]
     }
 
@@ -67,6 +67,11 @@
                 "refsource": "MLIST",
                 "name": "[deltaspike-dev] 20210816 Another XSS vulnerability of the same type as CVE-2017-17837",
                 "url": "https://lists.apache.org/thread.html/r78565f0f4ecb4ad32a6c405b45b9ee568dfc4729ba63e7d7cb6adf88@%3Cdev.deltaspike.apache.org%3E"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[deltaspike-dev] 20210818 Re: Another XSS vulnerability of the same type as CVE-2017-17837",
+                "url": "https://lists.apache.org/thread.html/r17b326c0eb35d8c71c84c171eda83e3e1f011dc757781e34f2846018@%3Cdev.deltaspike.apache.org%3E"
             }
         ]
     }
 
@@ -1,17 +1,66 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
     "CVE_data_meta": {
-        "ID": "CVE-2020-18875",
         "ASSIGNER": "[email protected]",
-        "STATE": "RESERVED"
+        "ID": "CVE-2020-18875",
+        "STATE": "PUBLIC"
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "Incorrect Access Control in DotCMS versions before 5.1 allows remote attackers to gain privileges by injecting client configurations via vtl (velocity) files."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://dotcms.com/security/SI-51",
+                "refsource": "MISC",
+                "name": "https://dotcms.com/security/SI-51"
+            },
+            {
+                "url": "https://github.com/dotCMS/core/issues/15882",
+                "refsource": "MISC",
+                "name": "https://github.com/dotCMS/core/issues/15882"
             }
         ]
     }
 
@@ -1,17 +1,61 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
     "CVE_data_meta": {
-        "ID": "CVE-2020-23069",
         "ASSIGNER": "[email protected]",
-        "STATE": "RESERVED"
+        "ID": "CVE-2020-23069",
+        "STATE": "PUBLIC"
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "Path Traversal vulneraility exists in webTareas 2.0 via the extpath parameter in general_serv.php, which could let a malicious user read arbitrary files."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://www.exploit-db.com/exploits/48312",
+                "refsource": "MISC",
+                "name": "https://www.exploit-db.com/exploits/48312"
             }
         ]
     }
 
@@ -1,17 +1,71 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
     "CVE_data_meta": {
-        "ID": "CVE-2020-28146",
         "ASSIGNER": "[email protected]",
-        "STATE": "RESERVED"
+        "ID": "CVE-2020-28146",
+        "STATE": "PUBLIC"
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "Cross Site Scripting (XSS) vulnerability exists in Eyoucms v1.4.7 and earlier via the addonfieldext parameter."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://www.exploit-db.com/exploits/48530",
+                "refsource": "MISC",
+                "name": "https://www.exploit-db.com/exploits/48530"
+            },
+            {
+                "url": "https://github.com/eyoucms/eyoucms/issues/12",
+                "refsource": "MISC",
+                "name": "https://github.com/eyoucms/eyoucms/issues/12"
+            },
+            {
+                "url": "https://www.eyoucms.com/ask/list_1_0/4511.html",
+                "refsource": "MISC",
+                "name": "https://www.eyoucms.com/ask/list_1_0/4511.html"
             }
         ]
     }
 
@@ -104,6 +104,11 @@
                 "refsource": "CONFIRM",
                 "name": "https://security.netapp.com/advisory/ntap-20210805-0010/",
                 "url": "https://security.netapp.com/advisory/ntap-20210805-0010/"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html",
+                "url": "http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html"
             }
         ]
     },
 
@@ -48,24 +48,27 @@
     "references": {
         "reference_data": [
             {
-                "refsource": "CONFIRM",
-                "url": "https://snyk.io/vuln/SNYK-JS-ANSIHTML-1296849"
+                "refsource": "MISC",
+                "url": "https://github.com/Tjatse/ansi-html/issues/19",
+                "name": "https://github.com/Tjatse/ansi-html/issues/19"
             },
             {
-                "refsource": "CONFIRM",
-                "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567198"
+                "refsource": "MISC",
+                "url": "https://snyk.io/vuln/SNYK-JS-ANSIHTML-1296849",
+                "name": "https://snyk.io/vuln/SNYK-JS-ANSIHTML-1296849"
             },
             {
-                "refsource": "CONFIRM",
-                "url": "https://github.com/Tjatse/ansi-html/issues/19"
+                "refsource": "MISC",
+                "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567198",
+                "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567198"
             }
         ]
     },
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "This affects all versions of package ansi-html.\n If an attacker provides a malicious string, it will get stuck processing the input for an extremely long time.\r\n\r\n"
+                "value": "This affects all versions of package ansi-html. If an attacker provides a malicious string, it will get stuck processing the input for an extremely long time."
             }
         ]
     },
 
@@ -48,24 +48,27 @@
     "references": {
         "reference_data": [
             {
-                "refsource": "CONFIRM",
-                "url": "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850"
+                "refsource": "MISC",
+                "url": "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850",
+                "name": "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850"
             },
             {
-                "refsource": "CONFIRM",
-                "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197"
+                "refsource": "MISC",
+                "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197",
+                "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197"
             },
             {
-                "refsource": "CONFIRM",
-                "url": "https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6"
+                "refsource": "MISC",
+                "url": "https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6",
+                "name": "https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6"
             }
         ]
     },
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing.\r\n\r\n"
+                "value": "All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing."
             }
         ]
     },
 
@@ -69,6 +69,11 @@
     },
     "references": {
         "reference_data": [
+            {
+                "name": "https://hackerone.com/reports/1189162",
+                "refsource": "MISC",
+                "url": "https://hackerone.com/reports/1189162"
+            },
             {
                 "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-f5fr-5gcv-6cc5",
                 "refsource": "CONFIRM",
@@ -78,11 +83,6 @@
                 "name": "https://github.com/nextcloud/desktop/pull/3338",
                 "refsource": "MISC",
                 "url": "https://github.com/nextcloud/desktop/pull/3338"
-            },
-            {
-                "name": "https://hackerone.com/reports/1189162",
-                "refsource": "MISC",
-                "url": "https://hackerone.com/reports/1189162"
             }
         ]
     },
 
@@ -53,6 +53,11 @@
                 "refsource": "CONFIRM",
                 "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf",
                 "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-982/",
+                "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-982/"
             }
         ]
     },
Original file line number	Diff line number	Diff line change
`@@ -96,6 +96,11 @@`
`96`	`96`	`"name": "crossfire-setup-bo(25252)",`
`97`	`97`	`"refsource": "XF",`
`98`	`98`	`"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25252"`
	`99`	`+ },`
	`100`	`+ {`
	`101`	`+ "refsource": "MISC",`
	`102`	`+ "name": "http://packetstormsecurity.com/files/163873/Crossfire-Server-1.0-Buffer-Overflow.html",`
	`103`	`+ "url": "http://packetstormsecurity.com/files/163873/Crossfire-Server-1.0-Buffer-Overflow.html"`
`99`	`104`	`}`
`100`	`105`	`]`
`101`	`106`	`}`
Original file line number	Diff line number	Diff line change
`@@ -67,6 +67,11 @@`
`67`	`67`	`"refsource": "MLIST",`
`68`	`68`	`"name": "[deltaspike-dev] 20210816 Another XSS vulnerability of the same type as CVE-2017-17837",`
`69`	`69`	`"url": "https://lists.apache.org/thread.html/r78565f0f4ecb4ad32a6c405b45b9ee568dfc4729ba63e7d7cb6adf88@%3Cdev.deltaspike.apache.org%3E"`
	`70`	`+ },`
	`71`	`+ {`
	`72`	`+ "refsource": "MLIST",`
	`73`	`+ "name": "[deltaspike-dev] 20210818 Re: Another XSS vulnerability of the same type as CVE-2017-17837",`
	`74`	`+ "url": "https://lists.apache.org/thread.html/r17b326c0eb35d8c71c84c171eda83e3e1f011dc757781e34f2846018@%3Cdev.deltaspike.apache.org%3E"`
`70`	`75`	`}`
`71`	`76`	`]`
`72`	`77`	`}`
Original file line number	Diff line number	Diff line change
`@@ -104,6 +104,11 @@`
`104`	`104`	`"refsource": "CONFIRM",`
`105`	`105`	`"name": "https://security.netapp.com/advisory/ntap-20210805-0010/",`
`106`	`106`	`"url": "https://security.netapp.com/advisory/ntap-20210805-0010/"`
	`107`	`+ },`
	`108`	`+ {`
	`109`	`+ "refsource": "MISC",`
	`110`	`+ "name": "http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html",`
	`111`	`+ "url": "http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html"`
`107`	`112`	`}`
`108`	`113`	`]`
`109`	`114`	`},`
Original file line number	Diff line number	Diff line change
`@@ -48,24 +48,27 @@`
`48`	`48`	`"references": {`
`49`	`49`	`"reference_data": [`
`50`	`50`	`{`
`51`		`- "refsource": "CONFIRM",`
`52`		`- "url": "https://snyk.io/vuln/SNYK-JS-ANSIHTML-1296849"`
	`51`	`+ "refsource": "MISC",`
	`52`	`+ "url": "https://github.com/Tjatse/ansi-html/issues/19",`
	`53`	`+ "name": "https://github.com/Tjatse/ansi-html/issues/19"`
`53`	`54`	`},`
`54`	`55`	`{`
`55`		`- "refsource": "CONFIRM",`
`56`		`- "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567198"`
	`56`	`+ "refsource": "MISC",`
	`57`	`+ "url": "https://snyk.io/vuln/SNYK-JS-ANSIHTML-1296849",`
	`58`	`+ "name": "https://snyk.io/vuln/SNYK-JS-ANSIHTML-1296849"`
`57`	`59`	`},`
`58`	`60`	`{`
`59`		`- "refsource": "CONFIRM",`
`60`		`- "url": "https://github.com/Tjatse/ansi-html/issues/19"`
	`61`	`+ "refsource": "MISC",`
	`62`	`+ "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567198",`
	`63`	`+ "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567198"`
`61`	`64`	`}`
`62`	`65`	`]`
`63`	`66`	`},`
`64`	`67`	`"description": {`
`65`	`68`	`"description_data": [`
`66`	`69`	`{`
`67`	`70`	`"lang": "eng",`
`68`		`- "value": "This affects all versions of package ansi-html.\n If an attacker provides a malicious string, it will get stuck processing the input for an extremely long time.\r\n\r\n"`
	`71`	`+ "value": "This affects all versions of package ansi-html. If an attacker provides a malicious string, it will get stuck processing the input for an extremely long time."`
`69`	`72`	`}`
`70`	`73`	`]`
`71`	`74`	`},`
Original file line number	Diff line number	Diff line change
`@@ -53,6 +53,11 @@`
`53`	`53`	`"refsource": "CONFIRM",`
`54`	`54`	`"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf",`
`55`	`55`	`"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf"`
	`56`	`+ },`
	`57`	`+ {`
	`58`	`+ "refsource": "MISC",`
	`59`	`+ "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-982/",`
	`60`	`+ "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-982/"`
`56`	`61`	`}`
`57`	`62`	`]`
`58`	`63`	`},`