From 3cea7325f3c860932a3deaae379acde66ff905ab Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 15 Aug 2022 12:00:38 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2016/5xxx/CVE-2016-5195.json | 5 +++ 2019/20xxx/CVE-2019-20807.json | 5 +++ 2022/2xxx/CVE-2022-2823.json | 18 +++++++++ 2022/33xxx/CVE-2022-33992.json | 66 ++++++++++++++++++++++++++++--- 2022/33xxx/CVE-2022-33993.json | 71 +++++++++++++++++++++++++++++++--- 2022/34xxx/CVE-2022-34294.json | 71 +++++++++++++++++++++++++++++++--- 2022/36xxx/CVE-2022-36262.json | 71 +++++++++++++++++++++++++++++++--- 7 files changed, 283 insertions(+), 24 deletions(-) create mode 100644 2022/2xxx/CVE-2022-2823.json diff --git a/2016/5xxx/CVE-2016-5195.json b/2016/5xxx/CVE-2016-5195.json index e07e2e74424..8f635eb60b8 100644 --- a/2016/5xxx/CVE-2016-5195.json +++ b/2016/5xxx/CVE-2016-5195.json @@ -676,6 +676,11 @@ "refsource": "MLIST", "name": "[oss-security] 20220809 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions", "url": "http://www.openwall.com/lists/oss-security/2022/08/09/4" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20220815 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions", + "url": "http://www.openwall.com/lists/oss-security/2022/08/15/1" } ] } diff --git a/2019/20xxx/CVE-2019-20807.json b/2019/20xxx/CVE-2019-20807.json index 4baab7e38e2..5f2769196fc 100644 --- a/2019/20xxx/CVE-2019-20807.json +++ b/2019/20xxx/CVE-2019-20807.json @@ -86,6 +86,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20220110 [SECURITY] [DLA 2876-1] vim security update", "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00003.html" + }, + { + "refsource": "MISC", + "name": "https://www.starwindsoftware.com/security/sw-20220812-0003/", + "url": "https://www.starwindsoftware.com/security/sw-20220812-0003/" } ] } diff --git a/2022/2xxx/CVE-2022-2823.json b/2022/2xxx/CVE-2022-2823.json new file mode 100644 index 00000000000..20f566aa6c2 --- /dev/null +++ b/2022/2xxx/CVE-2022-2823.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-2823", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/33xxx/CVE-2022-33992.json b/2022/33xxx/CVE-2022-33992.json index 1976f2fe7ee..882c84045ac 100644 --- a/2022/33xxx/CVE-2022-33992.json +++ b/2022/33xxx/CVE-2022-33992.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-33992", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-33992", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "DNRD (aka Domain Name Relay Daemon) 2.20.3 forwards and caches DNS queries with the CD (aka checking disabled) bit set to 1. This leads to disabling of DNSSEC protection provided by upstream resolvers." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.usenix.org/conference/usenixsecurity22/presentation/jeitner", + "refsource": "MISC", + "name": "https://www.usenix.org/conference/usenixsecurity22/presentation/jeitner" + }, + { + "url": "http://dnrd.sourceforge.net/", + "refsource": "MISC", + "name": "http://dnrd.sourceforge.net/" + }, + { + "refsource": "MISC", + "name": "https://www.openwall.com/lists/oss-security/2022/08/14/1", + "url": "https://www.openwall.com/lists/oss-security/2022/08/14/1" } ] } diff --git a/2022/33xxx/CVE-2022-33993.json b/2022/33xxx/CVE-2022-33993.json index ee79680177f..53110a7acd1 100644 --- a/2022/33xxx/CVE-2022-33993.json +++ b/2022/33xxx/CVE-2022-33993.json @@ -1,17 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-33993", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-33993", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Misinterpretation of special domain name characters in DNRD (aka Domain Name Relay Daemon) 2.20.3 leads to cache poisoning because domain names and their associated IP addresses are cached in their misinterpreted form." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.usenix.org/conference/usenixsecurity21/presentation/jeitner", + "refsource": "MISC", + "name": "https://www.usenix.org/conference/usenixsecurity21/presentation/jeitner" + }, + { + "url": "https://www.usenix.org/conference/usenixsecurity22/presentation/jeitner", + "refsource": "MISC", + "name": "https://www.usenix.org/conference/usenixsecurity22/presentation/jeitner" + }, + { + "url": "http://dnrd.sourceforge.net/", + "refsource": "MISC", + "name": "http://dnrd.sourceforge.net/" + }, + { + "refsource": "MISC", + "name": "https://www.openwall.com/lists/oss-security/2022/08/14/1", + "url": "https://www.openwall.com/lists/oss-security/2022/08/14/1" } ] } diff --git a/2022/34xxx/CVE-2022-34294.json b/2022/34xxx/CVE-2022-34294.json index c22c1e984b0..f45fdfae6bc 100644 --- a/2022/34xxx/CVE-2022-34294.json +++ b/2022/34xxx/CVE-2022-34294.json @@ -1,17 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-34294", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-34294", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.usenix.org/conference/usenixsecurity22/presentation/jeitner", + "refsource": "MISC", + "name": "https://www.usenix.org/conference/usenixsecurity22/presentation/jeitner" + }, + { + "url": "https://github.com/fwdillema/totd", + "refsource": "MISC", + "name": "https://github.com/fwdillema/totd" + }, + { + "url": "https://www.blackhat.com/presentations/bh-jp-08/bh-jp-08-Kaminsky/BlackHat-Japan-08-Kaminsky-DNS08-BlackOps.pdf", + "refsource": "MISC", + "name": "https://www.blackhat.com/presentations/bh-jp-08/bh-jp-08-Kaminsky/BlackHat-Japan-08-Kaminsky-DNS08-BlackOps.pdf" + }, + { + "refsource": "MISC", + "name": "https://www.openwall.com/lists/oss-security/2022/08/14/2", + "url": "https://www.openwall.com/lists/oss-security/2022/08/14/2" } ] } diff --git a/2022/36xxx/CVE-2022-36262.json b/2022/36xxx/CVE-2022-36262.json index 6b8ca97a87e..8b18cd3af17 100644 --- a/2022/36xxx/CVE-2022-36262.json +++ b/2022/36xxx/CVE-2022-36262.json @@ -1,17 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-36262", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-36262", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in taocms 3.0.2. in the website settings that allows arbitrary php code to be injected by modifying config.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://taocms.com", + "refsource": "MISC", + "name": "http://taocms.com" + }, + { + "url": "https://github.com/taogogo/taocms", + "refsource": "MISC", + "name": "https://github.com/taogogo/taocms" + }, + { + "url": "https://github.com/taogogo/taocms/issues/34", + "refsource": "MISC", + "name": "https://github.com/taogogo/taocms/issues/34" + }, + { + "refsource": "MISC", + "name": "https://github.com/taogogo/taocms/issues/34?by=xboy(topsec)", + "url": "https://github.com/taogogo/taocms/issues/34?by=xboy(topsec)" } ] }