admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-09-23 12:00:33 +00:00
parent 3190b1a802
commit 412efac464
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
7 changed files with 70 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
2022/2xxx/CVE-2022-2566.json
View File

@ -83,12 +83,13 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://github.com/FFmpeg/FFmpeg/commit/c953baa084607dd1d84c3bfcce3cf6a87c3e6e05"
"refsource": "MISC",
"url": "https://github.com/FFmpeg/FFmpeg/commit/c953baa084607dd1d84c3bfcce3cf6a87c3e6e05",
"name": "https://github.com/FFmpeg/FFmpeg/commit/c953baa084607dd1d84c3bfcce3cf6a87c3e6e05"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
}

12
2022/2xxx/CVE-2022-2785.json
View File

@ -81,16 +81,18 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://git.kernel.org/bpf/bpf/c/86f44fcec22c"
"refsource": "MISC",
"url": "https://git.kernel.org/bpf/bpf/c/86f44fcec22c",
"name": "https://git.kernel.org/bpf/bpf/c/86f44fcec22c"
},
{
"refsource": "CONFIRM",
"url": "https://lore.kernel.org/bpf/20220816205517.682470-1-zhuyifei@google.com/T/#t"
"refsource": "MISC",
"url": "https://lore.kernel.org/bpf/20220816205517.682470-1-zhuyifei@google.com/T/#t",
"name": "https://lore.kernel.org/bpf/20220816205517.682470-1-zhuyifei@google.com/T/#t"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
}

2
2022/39xxx/CVE-2022-39815.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occur in /CGI-BIN/OTNE_1-14/runBatch.cgi via the file HTTP POST parameter, /CGI-BIN/OTNE_1-14/getRadioTLs.cgi via the context HTTP POST parameter, /CGI-BIN/OTNE_1-14/runRouteReport.cgi via the file HTTP POST parameter or /CGI-BIN/RemoteCommandManager.cgi via the command HTTP POST parameter."
"value": "In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occurs. This vulnerability allow unauthenticated users to execute commands on the operating system."
}
]
},

2
2022/39xxx/CVE-2022-39816.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "In NOKIA 1350 OMS R14.2, Insufficiently Protected Credentials (cleartext password) occur in /cgi-bin/R14.2/cgi-bin/R14.2/host.pl on the edit configuration page. Exploitation requires an authenticated attacker."
"value": "In NOKIA 1350 OMS R14.2, Insufficiently Protected Credentials (cleartext administrator password) occur in the edit configuration page. Exploitation requires an authenticated attacker."
}
]
},

2
2022/39xxx/CVE-2022-39819.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occur in /cgi-bin/R14.2/log.pl via the cmd HTTP GET parameter and /cgi-bin/R14.2/checkping.pl via the addr HTTP GET parameter. This allows authenticated users to execute commands on the operating system."
"value": "In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occurs. This allows authenticated users to execute commands on the operating system."
}
]
},

2
2022/39xxx/CVE-2022-39821.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "In NOKIA 1350 OMS R14.2, an Insertion of Sensitive Information into an Application Log File vulnerability occurs under /usr/Systems/OTNE_1_14_Master/maintenance/trace/web/.otn.default.log. The web application stores critical information, such as cleartext user credentials, in world-readable files in the filesystem."
"value": "In NOKIA 1350 OMS R14.2, an Insertion of Sensitive Information into an Application Log File vulnerability occurs. The web application stores critical information, such as cleartext user credentials, in world-readable files in the filesystem."
}
]
},

61
2022/40xxx/CVE-2022-40716.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40716",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-40716",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "HashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13.1 do not check for multiple SAN URI values in a CSR on the internal RPC endpoint, enabling leverage of privileged access to bypass service mesh intentions. Fixed in 1.11.9, 1.12.5, and 1.13.2.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://discuss.hashicorp.com",
"refsource": "MISC",
"name": "https://discuss.hashicorp.com"
},
{
"refsource": "MISC",
"name": "https://discuss.hashicorp.com/t/hcsec-2022-20-consul-service-mesh-intention-bypass-with-malicious-certificate-signing-request/44628",
"url": "https://discuss.hashicorp.com/t/hcsec-2022-20-consul-service-mesh-intention-bypass-with-malicious-certificate-signing-request/44628"
}
]
}