admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-02-13 20:00:33 +00:00
parent b717e9fc56
commit 2a621ceeba
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
38 changed files with 1726 additions and 173 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

125
2020/12xxx/CVE-2020-12930.json
View File

@ -1,14 +1,37 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2022-11-08T17:00:00.000Z",
"ID": "CVE-2020-12930", "ID": "CVE-2020-12930",
"ASSIGNER": "psirt@amd.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper parameters handling in AMD Secure Processor (ASP) drivers may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "AMD",
"product": { "product": {
"product_data": [ "product_data": [
{ {
@ -32,51 +55,87 @@
} }
] ]
} }
},
{
"product_name": "AMD Ryzen(TM) Embedded R1000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen(TM) Embedded R2000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen(TM) Embedded 5000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen(TM) Embedded V1000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen(TM) Embedded V2000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
} }
] ]
}, }
"vendor_name": "AMD"
} }
] ]
} }
}, },
"data_format": "MITRE", "references": {
"data_type": "CVE", "reference_data": [
"data_version": "4.0",
"description": {
"description_data": [
{ {
"lang": "eng", "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029",
"value": "Improper parameters handling in AMD Secure Processor (ASP) drivers may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity." "refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-5001",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-5001"
} }
] ]
}, },
"generator": { "generator": {
"engine": "Vulnogram 0.0.9" "engine": "Vulnogram 0.0.9"
}, },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "TBD"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029"
}
]
},
"source": { "source": {
"advisory": "AMD-SB-1029", "advisory": "AMD-SB-1029, AMD-SB-5001",
"discovery": "EXTERNAL" "discovery": "EXTERNAL"
} }
} }

114
2020/12xxx/CVE-2020-12931.json
View File

@ -1,14 +1,37 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2022-11-08T17:00:00.000Z",
"ID": "CVE-2020-12931", "ID": "CVE-2020-12931",
"ASSIGNER": "psirt@amd.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper parameters handling in the AMD Secure Processor (ASP) kernel may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "AMD",
"product": { "product": {
"product_data": [ "product_data": [
{ {
@ -32,51 +55,76 @@
} }
] ]
} }
},
{
"product_name": "AMD Ryzen(TM) Embedded R1000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen(TM) Embedded R2000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen(TM) Embedded 5000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen(TM) Embedded V1000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
} }
] ]
}, }
"vendor_name": "AMD"
} }
] ]
} }
}, },
"data_format": "MITRE", "references": {
"data_type": "CVE", "reference_data": [
"data_version": "4.0",
"description": {
"description_data": [
{ {
"lang": "eng", "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029",
"value": "Improper parameters handling in the AMD Secure Processor (ASP) kernel may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity." "refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-5001",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-5001"
} }
] ]
}, },
"generator": { "generator": {
"engine": "Vulnogram 0.0.9" "engine": "Vulnogram 0.0.9"
}, },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "TBD"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029"
}
]
},
"source": { "source": {
"advisory": "AMD-SB-1029", "advisory": "AMD-SB-1029, AMD-SB-5001",
"discovery": "EXTERNAL" "discovery": "EXTERNAL"
} }
} }

29
2021/26xxx/CVE-2021-26345.json
View File

@ -55,6 +55,28 @@
} }
] ]
} }
},
{
"product_name": "AMD EPYC\u2122 Embedded 7002",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD EPYC\u2122 Embedded 7003",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
} }
] ]
} }
@ -86,6 +108,11 @@
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002" "name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
} }
] ]
}, },
@ -93,7 +120,7 @@
"engine": "Vulnogram 0.1.0-dev" "engine": "Vulnogram 0.1.0-dev"
}, },
"source": { "source": {
"advisory": "AMD-SB-3002", "advisory": "AMD-SB-3002, AMD-5001",
"discovery": "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

136
2021/26xxx/CVE-2021-26392.json
View File

@ -1,14 +1,37 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2022-11-08T17:00:00.000Z",
"ID": "CVE-2021-26392", "ID": "CVE-2021-26392",
"ASSIGNER": "psirt@amd.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading a malicious TA.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "AMD",
"product": { "product": {
"product_data": [ "product_data": [
{ {
@ -54,51 +77,98 @@
} }
] ]
} }
},
{
"product_name": "AMD Ryzen\u2122 Embedded R1000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded R2000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded 5000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded V1000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded V2000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen\u2122Embedded V3000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
} }
] ]
}, }
"vendor_name": "AMD"
} }
] ]
} }
}, },
"data_format": "MITRE", "references": {
"data_type": "CVE", "reference_data": [
"data_version": "4.0",
"description": {
"description_data": [
{ {
"lang": "eng", "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029",
"value": "Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading a malicious TA." "refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-5001",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-5001"
} }
] ]
}, },
"generator": { "generator": {
"engine": "Vulnogram 0.0.9" "engine": "Vulnogram 0.0.9"
}, },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "TBD"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029"
}
]
},
"source": { "source": {
"advisory": "AMD-SB-1029", "advisory": "AMD-SB-1029, AMD-SB-5001",
"discovery": "EXTERNAL" "discovery": "EXTERNAL"
} }
} }

114
2021/26xxx/CVE-2021-26393.json
View File

@ -1,14 +1,37 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2022-11-08T17:00:00.000Z",
"ID": "CVE-2021-26393", "ID": "CVE-2021-26393",
"ASSIGNER": "psirt@amd.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient memory cleanup in the AMD Secure Processor (ASP) Trusted Execution Environment (TEE) may allow an authenticated attacker with privileges to generate a valid signed TA and potentially poison the contents of the process memory with attacker controlled data resulting in a loss of confidentiality.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "AMD",
"product": { "product": {
"product_data": [ "product_data": [
{ {
@ -54,51 +77,76 @@
} }
] ]
} }
},
{
"product_name": "AMD Ryzen\u2122 Embedded R1000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded R2000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded V1000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded V2000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
} }
] ]
}, }
"vendor_name": "AMD"
} }
] ]
} }
}, },
"data_format": "MITRE", "references": {
"data_type": "CVE", "reference_data": [
"data_version": "4.0",
"description": {
"description_data": [
{ {
"lang": "eng", "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029",
"value": "Insufficient memory cleanup in the AMD Secure Processor (ASP) Trusted Execution Environment (TEE) may allow an authenticated attacker with privileges to generate a valid signed TA and potentially poison the contents of the process memory with attacker controlled data resulting in a loss of confidentiality." "refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-5001",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-5001"
} }
] ]
}, },
"generator": { "generator": {
"engine": "Vulnogram 0.0.9" "engine": "Vulnogram 0.0.9"
}, },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "TBD"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029"
}
]
},
"source": { "source": {
"advisory": "AMD-SB-1029", "advisory": "AMD-SB-1029, AMD-SB-5001",
"discovery": "EXTERNAL" "discovery": "EXTERNAL"
} }
} }

51
2021/46xxx/CVE-2021-46754.json
View File

@ -132,6 +132,50 @@
} }
] ]
} }
},
{
"product_name": "AMD Ryzen\u2122 Embedded R1000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded R2000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded V1000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded V2000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
} }
] ]
} }
@ -145,6 +189,11 @@
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001", "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001" "name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
} }
] ]
}, },
@ -152,7 +201,7 @@
"engine": "Vulnogram 0.1.0-dev" "engine": "Vulnogram 0.1.0-dev"
}, },
"source": { "source": {
"advisory": "AMD-SB-4001", "advisory": "AMD-SB-4001, AMD-SB-5001",
"discovery": "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

60
2021/46xxx/CVE-2021-46757.json
View File

@ -1,18 +1,70 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-46757", "ID": "CVE-2021-46757",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "psirt@amd.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Insufficient checking of memory buffer in ASP\nSecure OS may allow an attacker with a malicious TA to read/write to the ASP\nSecure OS kernel virtual address space potentially leading to privilege\nescalation.\n\n\n\n"
} }
] ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "AMD",
"product": {
"product_data": [
{
"product_name": "AMD Ryzen\u2122 Embedded 5000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"advisory": "AMD-SB-5001",
"discovery": "UNKNOWN"
} }
} }

29
2021/46xxx/CVE-2021-46762.json
View File

@ -55,6 +55,28 @@
} }
] ]
} }
},
{
"product_name": "AMD EPYC\u2122 Embedded 7002",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD EPYC\u2122 Embedded 7003",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
} }
] ]
} }
@ -68,6 +90,11 @@
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001", "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001" "name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
} }
] ]
}, },
@ -75,7 +102,7 @@
"engine": "Vulnogram 0.1.0-dev" "engine": "Vulnogram 0.1.0-dev"
}, },
"source": { "source": {
"advisory": "AMD-SB-3001", "advisory": "AMD-SB-3001, AMD-SB-5001",
"discovery": "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

18
2021/46xxx/CVE-2021-46766.json
View File

@ -55,6 +55,17 @@
} }
] ]
} }
},
{
"product_name": "AMD EPYC\u2122 Embedded 9003",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
} }
] ]
} }
@ -73,6 +84,11 @@
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002" "name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
} }
] ]
}, },
@ -80,7 +96,7 @@
"engine": "Vulnogram 0.1.0-dev" "engine": "Vulnogram 0.1.0-dev"
}, },
"source": { "source": {
"advisory": "AMD-SB-4002, AMD-SB-3002", "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
"discovery": "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

51
2021/46xxx/CVE-2021-46774.json
View File

@ -132,6 +132,50 @@
} }
] ]
} }
},
{
"product_name": "AMD EPYC\u2122 Embedded 3000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD EPYC\u2122 Embedded 7002",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD EPYC\u2122 Embedded 7003",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded 5000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
} }
] ]
} }
@ -150,6 +194,11 @@
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002" "name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
} }
] ]
}, },
@ -157,7 +206,7 @@
"engine": "Vulnogram 0.1.0-dev" "engine": "Vulnogram 0.1.0-dev"
}, },
"source": { "source": {
"advisory": "AMD-SB-4002, AMD-SB-3002", "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
"discovery": "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

18
2022/23xxx/CVE-2022-23820.json
View File

@ -231,6 +231,17 @@
} }
] ]
} }
},
{
"product_name": "AMD EPYC\u2122 Embedded 7003",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
} }
] ]
} }
@ -249,6 +260,11 @@
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002" "name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
} }
] ]
}, },
@ -256,7 +272,7 @@
"engine": "Vulnogram 0.1.0-dev" "engine": "Vulnogram 0.1.0-dev"
}, },
"source": { "source": {
"advisory": "AMD-SB-4002, AMD-SB-3002", "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
"discovery": "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

73
2022/23xxx/CVE-2022-23821.json
View File

@ -235,6 +235,72 @@
} }
] ]
} }
},
{
"product_name": "AMD Ryzen\u2122 Embedded R1000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded R2000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded 5000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded V1000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded V2000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded V3000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
} }
] ]
} }
@ -248,6 +314,11 @@
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002", "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002" "name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
} }
] ]
}, },
@ -255,7 +326,7 @@
"engine": "Vulnogram 0.1.0-dev" "engine": "Vulnogram 0.1.0-dev"
}, },
"source": { "source": {
"advisory": "AMD-SB-4002", "advisory": "AMD-SB-4002, AMD-SB-5001",
"discovery": "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

20
2022/23xxx/CVE-2022-23830.json
View File

@ -44,6 +44,17 @@
} }
] ]
} }
},
{
"product_name": "AMD EPYC\u2122 Embedded 7003 ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
} }
] ]
} }
@ -53,7 +64,7 @@
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "4th Gen AMD EPYC\u2122 Processors ", "product_name": "4th Gen AMD EPY\u2122 Processors ",
"version": { "version": {
"version_data": [ "version_data": [
{ {
@ -75,6 +86,11 @@
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002" "name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
} }
] ]
}, },
@ -82,7 +98,7 @@
"engine": "Vulnogram 0.1.0-dev" "engine": "Vulnogram 0.1.0-dev"
}, },
"source": { "source": {
"advisory": "AMD-SB-3002", "advisory": "AMD-SB-3002, AMD-SB-5001",
"discovery": "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

73
2023/20xxx/CVE-2023-20521.json
View File

@ -121,6 +121,72 @@
} }
] ]
} }
},
{
"product_name": "AMD EPYC\u2122 Embedded 3000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD EPYC\u2122 Embedded 7002",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD EPYC\u2122 Embedded 7003",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded R1000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded R2000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded V1000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
} }
] ]
} }
@ -139,6 +205,11 @@
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002" "name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
} }
] ]
}, },
@ -146,7 +217,7 @@
"engine": "Vulnogram 0.1.0-dev" "engine": "Vulnogram 0.1.0-dev"
}, },
"source": { "source": {
"advisory": "AMD-SB-4002, AMD-SB-3002", "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
"discovery": "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

40
2023/20xxx/CVE-2023-20526.json
View File

@ -77,6 +77,39 @@
} }
] ]
} }
},
{
"product_name": "AMD EPYC\u2122 Embedded 3000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
},
{
"product_name": "AMD EPYC\u2122 Embedded 7002",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
},
{
"product_name": "AMD EPYC\u2122 Embedded 7003",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
} }
] ]
} }
@ -95,6 +128,11 @@
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002" "name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
} }
] ]
}, },
@ -102,7 +140,7 @@
"engine": "Vulnogram 0.1.0-dev" "engine": "Vulnogram 0.1.0-dev"
}, },
"source": { "source": {
"advisory": "AMD-SB-4002, AMD-SB-3002", "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
"discovery": "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

40
2023/20xxx/CVE-2023-20533.json
View File

@ -110,6 +110,39 @@
} }
] ]
} }
},
{
"product_name": "AMD EPYC\u2122 Embedded 7002",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
},
{
"product_name": "AMD EPYC\u2122 Embedded 7003",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded 5000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
} }
] ]
} }
@ -128,6 +161,11 @@
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002" "name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
} }
] ]
}, },
@ -135,7 +173,7 @@
"engine": "Vulnogram 0.1.0-dev" "engine": "Vulnogram 0.1.0-dev"
}, },
"source": { "source": {
"advisory": "AMD-SB-4002, AMD-SB-3002", "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
"discovery": "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

51
2023/20xxx/CVE-2023-20563.json
View File

@ -121,6 +121,50 @@
} }
] ]
} }
},
{
"product_name": "AMD Ryzen\u2122 Embedded R1000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded R2000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded 5000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded V3000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
} }
] ]
} }
@ -134,6 +178,11 @@
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002", "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002" "name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
} }
] ]
}, },
@ -141,7 +190,7 @@
"engine": "Vulnogram 0.1.0-dev" "engine": "Vulnogram 0.1.0-dev"
}, },
"source": { "source": {
"advisory": "AMD-SB-4002", "advisory": "AMD-SB-4002, AMD-SB-5001",
"discovery": "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

18
2023/20xxx/CVE-2023-20565.json
View File

@ -110,6 +110,17 @@
} }
] ]
} }
},
{
"product_name": "AMD Ryzen\u2122 Embedded V3000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
} }
] ]
} }
@ -123,6 +134,11 @@
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002", "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002" "name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
} }
] ]
}, },
@ -130,7 +146,7 @@
"engine": "Vulnogram 0.1.0-dev" "engine": "Vulnogram 0.1.0-dev"
}, },
"source": { "source": {
"advisory": "AMD-SB-4002", "advisory": "AMD-SB-4002, AMD-SB-5001",
"discovery": "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

207
2023/20xxx/CVE-2023-20579.json
View File

@ -1,18 +1,217 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-20579", "ID": "CVE-2023-20579",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "psirt@amd.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Improper\nAccess Control in the AMD SPI protection feature may allow a user with Ring0\n(kernel mode) privileged access to bypass protections potentially resulting in\nloss of integrity and availability.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"
} }
] ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "AMD",
"product": {
"product_data": [
{
"product_name": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 7000 Series Desktop Processor ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Various "
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
},
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 7045 Series Mobile Processors ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded V2000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 Embedded V3000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 7035 Series Mobile Processors with Radeon\u2122 Graphics ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7009",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7009"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"advisory": "AMD-SB-7009",
"discovery": "UNKNOWN"
} }
} }

145
2023/20xxx/CVE-2023-20587.json
View File

@ -1,18 +1,155 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-20587", "ID": "CVE-2023-20587",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "psirt@amd.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Improper\nAccess Control in System Management Mode (SMM) may allow an attacker access to\nthe SPI flash potentially leading to arbitrary code execution.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"
} }
] ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "AMD",
"product": {
"product_data": [
{
"product_name": "3rd Gen AMD EPYC\u2122 Processors",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
},
{
"product_name": "4th Gen AMD EPYC\u2122 Processors",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "1st Gen AMD EPYC\u2122 Processors",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"version": "various"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "2nd Gen AMD EPYC\u2122 Processors",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD EPYC(TM) Embedded 3000 ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD EPYC(TM) Embedded 7002 ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD EPYC(TM) Embedded 7003",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "AMD EPYC(TM) Embedded 9003",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7009",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7009"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"advisory": "AMD-SB-7009",
"discovery": "UNKNOWN"
} }
} }

5
2023/2xxx/CVE-2023-2804.json
View File

@ -68,6 +68,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/668#issuecomment-1492586118", "name": "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/668#issuecomment-1492586118",
"url": "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/668#issuecomment-1492586118" "url": "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/668#issuecomment-1492586118"
},
{
"refsource": "CONFIRM",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01006.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01006.html"
} }
] ]
}, },

5
2023/2xxx/CVE-2023-2976.json
View File

@ -63,6 +63,11 @@
"url": "https://security.netapp.com/advisory/ntap-20230818-0008/", "url": "https://security.netapp.com/advisory/ntap-20230818-0008/",
"refsource": "MISC", "refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20230818-0008/" "name": "https://security.netapp.com/advisory/ntap-20230818-0008/"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01006.html",
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01006.html"
} }
] ]
}, },

94
2023/31xxx/CVE-2023-31346.json
View File

@ -1,18 +1,104 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-31346", "ID": "CVE-2023-31346",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "psirt@amd.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Failure to initialize\nmemory in SEV Firmware may allow a privileged attacker to access stale data\nfrom other guests.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"
} }
] ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "AMD",
"product": {
"product_data": [
{
"product_name": "3rd Gen AMD EPYC\u2122 Processors",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"version": "various "
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
},
{
"vendor_name": " AMD",
"product": {
"product_data": [
{
"product_name": "4th Gen AMD EPYC\u2122 Processors ",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"version": "various "
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3007",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3007"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"advisory": "AMD-SB-3007",
"discovery": "UNKNOWN"
} }
} }

94
2023/31xxx/CVE-2023-31347.json
View File

@ -1,18 +1,104 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-31347", "ID": "CVE-2023-31347",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "psirt@amd.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Due to a code bug in\nSecure_TSC, SEV firmware may allow an attacker with high privileges to cause a\nguest to observe an incorrect TSC when Secure TSC is enabled potentially\nresulting in a loss of guest integrity. \u00a0\n\n\n\n\n"
} }
] ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "AMD",
"product": {
"product_data": [
{
"product_name": "3rd Gen AMD EPYC\u2122 Processors",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"version": "various "
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
},
{
"vendor_name": " AMD",
"product": {
"product_data": [
{
"product_name": "4th Gen AMD EPYC\u2122 Processors ",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"version": "various "
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3007",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3007"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"advisory": "AMD-SB-3007",
"discovery": "UNKNOWN"
} }
} }

18
2024/1xxx/CVE-2024-1481.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-1481",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

4
2024/24xxx/CVE-2024-24590.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Deserialization of untrusted data can occur in version 0.17.0 or newer of Allegro AI\u2019s ClearML platform, enabling a maliciously uploaded artifact to run arbitrary code on an end user\u2019s system when interacted with.\n" "value": "Deserialization of untrusted data can occur in versions 0.17.0 to 1.14.2 of the client SDK of Allegro AI\u2019s ClearML platform, enabling a maliciously uploaded artifact to run arbitrary code on an end user\u2019s system when interacted with.\n"
} }
] ]
}, },
@ -44,7 +44,7 @@
"x_cve_json_5_version_data": { "x_cve_json_5_version_data": {
"versions": [ "versions": [
{ {
"lessThanOrEqual": "*", "lessThan": "1.14.3",
"status": "affected", "status": "affected",
"version": "0.17.0", "version": "0.17.0",
"versionType": "custom" "versionType": "custom"

2
2024/24xxx/CVE-2024-24591.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "A path traversal vulnerability in version 1.4.0 or newer of Allegro AI\u2019s ClearML platform enables a maliciously uploaded dataset to write local or remote files to an arbitrary location on an end user\u2019s system when interacted with.\n" "value": "A path traversal vulnerability in versions 1.4.0 to 1.14.1 of the client SDK of Allegro AI\u2019s ClearML platform enables a maliciously uploaded dataset to write local or remote files to an arbitrary location on an end user\u2019s system when interacted with.\n"
} }
] ]
}, },

85
2024/25xxx/CVE-2024-25122.json
View File

@ -1,17 +1,94 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-25122", "ID": "CVE-2024-25122",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security-advisories@github.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "sidekiq-unique-jobs is an open source project which prevents simultaneous Sidekiq jobs with the same unique arguments to run. Specially crafted GET request parameters handled by any of the following endpoints of sidekiq-unique-jobs' \"admin\" web UI, allow a super-user attacker, or an unwitting, but authorized, victim, who has received a disguised / crafted link, to successfully execute malicious code, which could potentially steal cookies, session data, or local storage data from the app the sidekiq-unique-jobs web UI is mounted in. 1. `/changelogs`, 2. `/locks` or 3. `/expiring_locks`. This issue has been addressed in versions 7.1.33 and 8.0.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "mhenrixon",
"product": {
"product_data": [
{
"product_name": "sidekiq-unique-jobs",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 7.1.33"
},
{
"version_affected": "=",
"version_value": ">= 8.0.0, < 8.0.7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/mhenrixon/sidekiq-unique-jobs/security/advisories/GHSA-cmh9-rx85-xj38",
"refsource": "MISC",
"name": "https://github.com/mhenrixon/sidekiq-unique-jobs/security/advisories/GHSA-cmh9-rx85-xj38"
},
{
"url": "https://github.com/mhenrixon/sidekiq-unique-jobs/commit/ec3afd920c1b55843c72f748a87baac7f8be82ed",
"refsource": "MISC",
"name": "https://github.com/mhenrixon/sidekiq-unique-jobs/commit/ec3afd920c1b55843c72f748a87baac7f8be82ed"
}
]
},
"source": {
"advisory": "GHSA-cmh9-rx85-xj38",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
} }
] ]
} }

18
2024/25xxx/CVE-2024-25984.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-25984",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/25xxx/CVE-2024-25985.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-25985",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/25xxx/CVE-2024-25986.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-25986",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/25xxx/CVE-2024-25987.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-25987",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/25xxx/CVE-2024-25988.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-25988",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/25xxx/CVE-2024-25989.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-25989",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/25xxx/CVE-2024-25990.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-25990",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/25xxx/CVE-2024-25991.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-25991",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/25xxx/CVE-2024-25992.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-25992",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/25xxx/CVE-2024-25993.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-25993",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}