admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-02-21 19:01:23 +00:00
parent 410af4d998
commit 59b32fa43f
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
6 changed files with 282 additions and 112 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
2021/44xxx/CVE-2021-44569.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-44569",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-44569",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A heap-buffer openSUSE libsolv through 13 Dec 2020 exists in the solver_solve function at src/solver.c: line 3445."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/openSUSE/libsolv/issues/423",
"refsource": "MISC",
"name": "https://github.com/openSUSE/libsolv/issues/423"
},
{
"url": "https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/solver_solve-3445",
"refsource": "MISC",
"name": "https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/solver_solve-3445"
}
]
}

66
2021/44xxx/CVE-2021-44570.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-44570",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-44570",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Two heap-overflow vulnerabilities exists in openSUSE/libsolv through 13 Dec 2020 in the bugs in the solver_get_recommendations funtion function at src/solver.c: line 4286 & line 4305 FOR_PROVIDES."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/openSUSE/libsolv/issues/424",
"refsource": "MISC",
"name": "https://github.com/openSUSE/libsolv/issues/424"
},
{
"url": "https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/solver_get_recommendations-4286",
"refsource": "MISC",
"name": "https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/solver_get_recommendations-4286"
},
{
"url": "https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/solver_get_recommendations-4305",
"refsource": "MISC",
"name": "https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/solver_get_recommendations-4305"
}
]
}

50
2022/0xxx/CVE-2022-0563.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-0563",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "util-linux",
"version": {
"version_data": [
{
"version_value": "util-linux 2.37.4"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-209"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u",
"url": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in the Linux kernel\u2019s util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an \"INPUTRC\" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4."
}
]
}

18
2022/0xxx/CVE-2022-0713.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-0713",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

194
2022/22xxx/CVE-2022-22308.json
View File

@ -1,100 +1,100 @@
{
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Access",
"lang" : "eng"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6557106 (Planning Analytics Workspace)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6557106",
"url" : "https://www.ibm.com/support/pages/node/6557106"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/216891",
"refsource" : "XF",
"name" : "ibm-planning-cve202222308-file-include (216891)",
"title" : "X-Force Vulnerability Report"
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Planning Analytics 2.0 is vulnerable to a Remote File Include (RFI) attack. User input could be passed into file include commands and the web application could be tricked into including remote files with malicious code. IBM X-Force ID: 216891."
}
]
},
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"PR" : "N",
"C" : "H",
"SCORE" : "7.100",
"A" : "L",
"I" : "H",
"UI" : "R",
"AV" : "N",
"AC" : "H"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2022-02-18T00:00:00",
"ID" : "CVE-2022-22308",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "2.0"
}
]
},
"product_name" : "Planning Analytics"
},
{
"version" : {
"version_data" : [
{
"version_value" : "2.0"
}
]
},
"product_name" : "Planning Analytics Workspace"
}
]
},
"vendor_name" : "IBM"
"description": [
{
"value": "Gain Access",
"lang": "eng"
}
]
}
]
}
}
}
]
},
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6557106 (Planning Analytics Workspace)",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6557106",
"url": "https://www.ibm.com/support/pages/node/6557106"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/216891",
"refsource": "XF",
"name": "ibm-planning-cve202222308-file-include (216891)",
"title": "X-Force Vulnerability Report"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Planning Analytics 2.0 is vulnerable to a Remote File Include (RFI) attack. User input could be passed into file include commands and the web application could be tricked into including remote files with malicious code. IBM X-Force ID: 216891."
}
]
},
"data_format": "MITRE",
"impact": {
"cvssv3": {
"BM": {
"S": "U",
"PR": "N",
"C": "H",
"SCORE": "7.100",
"A": "L",
"I": "H",
"UI": "R",
"AV": "N",
"AC": "H"
},
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
}
}
},
"CVE_data_meta": {
"DATE_PUBLIC": "2022-02-18T00:00:00",
"ID": "CVE-2022-22308",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
},
"product_name": "Planning Analytics"
},
{
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
},
"product_name": "Planning Analytics Workspace"
}
]
},
"vendor_name": "IBM"
}
]
}
}
}

5
2022/25xxx/CVE-2022-25375.json
View File

@ -66,6 +66,11 @@
"url": "https://github.com/szymonh/rndis-co",
"refsource": "MISC",
"name": "https://github.com/szymonh/rndis-co"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220221 CVE-2022-25375 : Linux RNDIS USB Gadget memory extraction via packet filter",
"url": "http://www.openwall.com/lists/oss-security/2022/02/21/1"
}
]
}