admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-01-31 01:00:36 +00:00
parent 1b5884c2cf
commit 2fb50f64d0
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
18 changed files with 411 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2020/8xxx/CVE-2020-8161.json
View File

@ -63,6 +63,11 @@
"refsource": "UBUNTU",
"name": "USN-4561-1",
"url": "https://usn.ubuntu.com/4561-1/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3298-1] ruby-rack security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00038.html"
}
]
},

5
2020/8xxx/CVE-2020-8184.json
View File

@ -63,6 +63,11 @@
"refsource": "UBUNTU",
"name": "USN-4561-1",
"url": "https://usn.ubuntu.com/4561-1/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3298-1] ruby-rack security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00038.html"
}
]
},

5
2022/24xxx/CVE-2022-24785.json
View File

@ -106,6 +106,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2022-35b698150c",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3295-1] node-moment security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html"
}
]
},

5
2022/24xxx/CVE-2022-24999.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "https://github.com/n8tz/CVE-2022-24999",
"url": "https://github.com/n8tz/CVE-2022-24999"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3299-1] node-qs security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00039.html"
}
]
}

5
2022/25xxx/CVE-2022-25648.json
View File

@ -76,6 +76,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2022-1aa40056fc",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q2V3HOFU4ZVTQZHAVAVL3EX2KU53SP7R/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3303-1] ruby-git security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00043.html"
}
]
},

13
2022/26xxx/CVE-2022-26872.json
View File

@ -79,6 +79,19 @@
"advisory": "AMI-SA-2023001",
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "See AMI-SA-2023001"
}
],
"value": "See\u00a0AMI-SA-2023001"
}
],
"credits": [
{
"lang": "en",

40
2022/2xxx/CVE-2022-2827.json
View File

@ -66,22 +66,54 @@
"references": {
"reference_data": [
{
"url": "https://eclypsium.com/2022/12/05/supply-chain-vulnerabilities-put-server-ecosystem-at-risk/",
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023001.pdf",
"refsource": "MISC",
"name": "https://eclypsium.com/2022/12/05/supply-chain-vulnerabilities-put-server-ecosystem-at-risk/"
"name": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023001.pdf"
}
]
},
"generator": {
"engine": "cveClient/1.0.13"
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"advisory": "AMI-SA-2023001",
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "AMI-SA-2023001<br>"
}
],
"value": "AMI-SA-2023001\n"
}
],
"credits": [
{
"lang": "en",
"value": "Vlad Babkin from Eclypsium Research"
}
]
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}
}

71
2022/30xxx/CVE-2022-30421.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-30421",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-30421",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper Authentication vulnerability in Toshiba Storage Security Software V1.2.0.7413 is that allows for sensitive information to be obtained via(local) password authentication module."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://global.gmarket.co.kr/item?goodscode=741668527",
"refsource": "MISC",
"name": "http://global.gmarket.co.kr/item?goodscode=741668527"
},
{
"url": "https://www.ebay.com/itm/274246695791",
"refsource": "MISC",
"name": "https://www.ebay.com/itm/274246695791"
},
{
"refsource": "MISC",
"name": "http://global.11st.co.kr/glb/product/SellerProductDetail.tmall?method=getSellerProductDetail&prdNo=1398327038",
"url": "http://global.11st.co.kr/glb/product/SellerProductDetail.tmall?method=getSellerProductDetail&prdNo=1398327038"
},
{
"refsource": "MISC",
"name": "https://github.com/bosslabdcu/Vulnerability-Reporting/security/advisories/GHSA-px7r-44vj-8h7m",
"url": "https://github.com/bosslabdcu/Vulnerability-Reporting/security/advisories/GHSA-px7r-44vj-8h7m"
}
]
}

5
2022/31xxx/CVE-2022-31129.json
View File

@ -113,6 +113,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20221014-0003/",
"url": "https://security.netapp.com/advisory/ntap-20221014-0003/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3295-1] node-moment security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html"
}
]
},

41
2022/40xxx/CVE-2022-40242.json
View File

@ -66,23 +66,54 @@
"references": {
"reference_data": [
{
"url": "https://eclypsium.com/2022/12/05/supply-chain-vulnerabilities-put-server-ecosystem-at-risk/",
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023001.pdf",
"refsource": "MISC",
"name": "https://eclypsium.com/2022/12/05/supply-chain-vulnerabilities-put-server-ecosystem-at-risk/"
"name": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023001.pdf"
}
]
},
"generator": {
"engine": "cveClient/1.0.13"
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"advisory": "AMI_MegaRAC_SPx_Default_UID",
"advisory": "AMI-SA-2023001",
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "AMI-SA-2023001<br>"
}
],
"value": "AMI-SA-2023001\n"
}
],
"credits": [
{
"lang": "en",
"value": "Vlad Babkin from Eclypsium Research"
}
]
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}
}

109
2022/40xxx/CVE-2022-40258.json
View File

@ -1,17 +1,118 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40258",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cert@cert.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "AMI Megarac Weak password hashes for Redfish & API"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-916 Use of Password Hash With Insufficient Computational Effort",
"cweId": "CWE-916"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "AMI",
"product": {
"product_data": [
{
"product_name": "MegaRAC SPx-12",
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
}
]
}
},
{
"product_name": "MegaRAC SPx-13",
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023001.pdf",
"refsource": "MISC",
"name": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023001.pdf"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"advisory": "AMI-SA-2023001",
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "AMI-SA-2023001<br>"
}
],
"value": "AMI-SA-2023001\n"
}
],
"credits": [
{
"lang": "en",
"value": "Vlad Bakin from Eclypsium Research"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
]
}

41
2022/40xxx/CVE-2022-40259.json
View File

@ -75,23 +75,54 @@
"references": {
"reference_data": [
{
"url": "https://eclypsium.com/2022/12/05/supply-chain-vulnerabilities-put-server-ecosystem-at-risk/",
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023001.pdf",
"refsource": "MISC",
"name": "https://eclypsium.com/2022/12/05/supply-chain-vulnerabilities-put-server-ecosystem-at-risk/"
"name": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023001.pdf"
}
]
},
"generator": {
"engine": "cveClient/1.0.13"
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"advisory": "AMI_MegaRAC_SPx_Redfish_Authentication_Vulnerabilities",
"advisory": "AMI-SA-2023001",
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "AMI-SA-2023001<br>"
}
],
"value": "AMI-SA-2023001\n"
}
],
"credits": [
{
"lang": "en",
"value": "Vlad Babkin from Eclypsium Research"
}
]
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}
}

61
2022/44xxx/CVE-2022-44897.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-44897",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-44897",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A cross-site scripting (XSS) vulnerability in ApolloTheme AP PageBuilder component through 2.4.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the show_number parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://apollotheme.com",
"refsource": "MISC",
"name": "http://apollotheme.com"
},
{
"refsource": "MISC",
"name": "https://github.com/daaaalllii/cve-s/blob/main/CVE-2022-44897/poc.txt",
"url": "https://github.com/daaaalllii/cve-s/blob/main/CVE-2022-44897/poc.txt"
}
]
}

5
2022/46xxx/CVE-2022-46648.json
View File

@ -58,6 +58,11 @@
"url": "https://jvn.jp/en/jp/JVN16765254/index.html",
"refsource": "MISC",
"name": "https://jvn.jp/en/jp/JVN16765254/index.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3303-1] ruby-git security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00043.html"
}
]
},

5
2022/47xxx/CVE-2022-47318.json
View File

@ -63,6 +63,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2023-e3985c2b3b",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KPFLSZPUM7APWVBRM5DCAY5OUVQBF4K/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3303-1] ruby-git security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00043.html"
}
]
},

15
2022/47xxx/CVE-2022-47951.json
View File

@ -61,6 +61,21 @@
"refsource": "CONFIRM",
"name": "https://security.openstack.org/ossa/OSSA-2023-002.html",
"url": "https://security.openstack.org/ossa/OSSA-2023-002.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3300-1] glance security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00040.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3301-1] cinder security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00041.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3302-1] nova security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00042.html"
}
]
}

5
2022/48xxx/CVE-2022-48281.json
View File

@ -66,6 +66,11 @@
"refsource": "DEBIAN",
"name": "DSA-5333",
"url": "https://www.debian.org/security/2023/dsa-5333"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3297-1] tiff security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00037.html"
}
]
}

5
2023/24xxx/CVE-2023-24038.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/clintongormley/perl-html-stripscripts/issues/3",
"refsource": "MISC",
"name": "https://github.com/clintongormley/perl-html-stripscripts/issues/3"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3296-1] libhtml-stripscripts-perl security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00036.html"
}
]
}