admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-08-29 21:00:36 +00:00
parent 6af65ac23d
commit 582673cca1
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
6 changed files with 242 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
2020/26xxx/CVE-2020-26938.json
View File

@ -1,17 +1,81 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-26938",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-26938",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In oauth2-server (aka node-oauth2-server) through 3.1.1, the value of the redirect_uri parameter received during the authorization and token request is checked against an incorrect URI pattern (\"[a-zA-Z][a-zA-Z0-9+.-]+:\") before making a redirection. This allows a malicious client to pass an XSS payload through the redirect_uri parameter while making an authorization request. NOTE: this vulnerability is similar to CVE-2020-7741."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/oauthjs/node-oauth2-server/issues/637",
"url": "https://github.com/oauthjs/node-oauth2-server/issues/637"
},
{
"url": "https://github.com/oauthjs/node-oauth2-server/blob/91d2cbe70a0eddc53d72def96864e2de0fd41703/lib/validator/is.js#L12",
"refsource": "MISC",
"name": "https://github.com/oauthjs/node-oauth2-server/blob/91d2cbe70a0eddc53d72def96864e2de0fd41703/lib/validator/is.js#L12"
},
{
"url": "https://github.com/oauthjs/node-oauth2-server/blob/91d2cbe70a0eddc53d72def96864e2de0fd41703/lib/grant-types/authorization-code-grant-type.js#L143",
"refsource": "MISC",
"name": "https://github.com/oauthjs/node-oauth2-server/blob/91d2cbe70a0eddc53d72def96864e2de0fd41703/lib/grant-types/authorization-code-grant-type.js#L143"
},
{
"url": "https://tools.ietf.org/html/rfc3986#section-3",
"refsource": "MISC",
"name": "https://tools.ietf.org/html/rfc3986#section-3"
},
{
"url": "https://tools.ietf.org/html/rfc6749#section-3.1.2",
"refsource": "MISC",
"name": "https://tools.ietf.org/html/rfc6749#section-3.1.2"
}
]
}

4
2022/21xxx/CVE-2022-21385.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)"
"value": "A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)"
}
]
},
@ -66,4 +66,4 @@
}
]
}
}
}

5
2022/32xxx/CVE-2022-32893.json
View File

@ -111,6 +111,11 @@
"refsource": "MLIST",
"name": "[oss-security] 20220829 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2022-0008",
"url": "http://www.openwall.com/lists/oss-security/2022/08/29/1"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220829 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2022-0008",
"url": "http://www.openwall.com/lists/oss-security/2022/08/29/2"
}
]
},

61
2022/32xxx/CVE-2022-32993.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32993",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-32993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "TOTOLINK A7000R V4.1cu.4134 was discovered to contain an access control issue via /cgi-bin/ExportSettings.sh."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://totolink.com",
"refsource": "MISC",
"name": "http://totolink.com"
},
{
"refsource": "MISC",
"name": "https://github.com/laotun-s/POC/blob/main/CVE-2022-32993.txt",
"url": "https://github.com/laotun-s/POC/blob/main/CVE-2022-32993.txt"
}
]
}

61
2022/37xxx/CVE-2022-37177.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-37177",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-37177",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "HireVue Hiring Platform V1.0 suffers from Use of a Broken or Risky Cryptographic Algorithm."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.hirevue.com/",
"refsource": "MISC",
"name": "https://www.hirevue.com/"
},
{
"refsource": "MISC",
"name": "https://github.com/JC175/CVE-2022-37177",
"url": "https://github.com/JC175/CVE-2022-37177"
}
]
}

61
2022/38xxx/CVE-2022-38772.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-38772",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-38772",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://manageengine.com",
"refsource": "MISC",
"name": "https://manageengine.com"
},
{
"refsource": "MISC",
"name": "https://www.manageengine.com/itom/advisory/cve-2022-38772.html",
"url": "https://www.manageengine.com/itom/advisory/cve-2022-38772.html"
}
]
}