"-Synchronized-Data."

CVE Team 2022-09-22 18:00:39 +00:00
parent ab57e94ca4
commit 70ce4b223c
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
6 changed files with 159 additions and 13 deletions


@ -1,17 +1,81 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-34026",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-34026",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ICEcoder v8.1 allows attackers to execute a directory traversal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/icecoder/ICEcoder",
"refsource": "MISC",
"name": "https://github.com/icecoder/ICEcoder"
},
{
"url": "http://icecoder.com",
"refsource": "MISC",
"name": "http://icecoder.com"
},
{
"url": "https://github.com/icecoder/ICEcoder/blob/master/classes/Settings.php",
"refsource": "MISC",
"name": "https://github.com/icecoder/ICEcoder/blob/master/classes/Settings.php"
},
{
"url": "https://github.com/icecoder/ICEcoder/blob/master/lib/settings.php",
"refsource": "MISC",
"name": "https://github.com/icecoder/ICEcoder/blob/master/lib/settings.php"
},
{
"refsource": "MISC",
"name": "https://gist.github.com/enferas/85cdbadf5cba32ec7c8db6ea9e6833bf",
"url": "https://gist.github.com/enferas/85cdbadf5cba32ec7c8db6ea9e6833bf"
}
]
}
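Review bot: The `affects` block of the CVE-2022-34026 record still carries `"n/a"` for `vendor_name`, `product_name` and `version_value` although the new description names ICEcoder v8.1, so consumers that match on structured product data rather than free text will not tie this record to the product. The CVE-2022-35894 section has the same gap for Insyde InsydeH2O with kernel 5.0 through 5.5. I would set `"product_name": "ICEcoder"` and `"version_value": "8.1"`, and replace the `"n/a"` problem type with `"CWE-22"`, since the description states directory traversal. The two `blob/master/...` references point at a moving branch, so commit-pinned permalinks would keep them on the affected code; the affected revision is not visible on this page.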


@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-35894",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-35894",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. The SMI handler for the FwBlockServiceSmm driver uses an untrusted pointer as the location to copy data to an attacker-specified buffer, leading to information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.insyde.com/security-pledge",
"refsource": "MISC",
"name": "https://www.insyde.com/security-pledge"
},
{
"refsource": "MISC",
"name": "https://binarly.io/advisories/BRLY-2022-018/index.html",
"url": "https://binarly.io/advisories/BRLY-2022-018/index.html"
},
{
"refsource": "MISC",
"name": "https://www.insyde.com/security-pledge/SA-2022030",
"url": "https://www.insyde.com/security-pledge/SA-2022030"
}
]
}


@ -41,7 +41,7 @@
"description_data": [
{
"lang": "eng",
"value": "Grafana is an open-source platform for monitoring and observability. In versions prior to 8.5.13, 9.0.9, and 9.1.6, Grafana is subject to Improper Preservation of Permissions resulting in privilege escalation on some folders where Admin is the only used permission. The vulnerability impacts Grafana instances where RBAC was disabled and enabled afterwards, as the migrations which are translating legacy folder permissions to RBAC permissions do not account for the scenario where the only user permission in the folder is Admin, as a result RBAC adds permissions for Editors and Viewers which allow them to edit and view folders accordingly. This issue has been patched in versions 8.5.13, 9.0.9, and 9.1.6. A workaround when the impacted folder/dashboard is known is to remove the additional permissions manually.\n\n"
"value": "Grafana is an open-source platform for monitoring and observability. In versions prior to 8.5.13, 9.0.9, and 9.1.6, Grafana is subject to Improper Preservation of Permissions resulting in privilege escalation on some folders where Admin is the only used permission. The vulnerability impacts Grafana instances where RBAC was disabled and enabled afterwards, as the migrations which are translating legacy folder permissions to RBAC permissions do not account for the scenario where the only user permission in the folder is Admin, as a result RBAC adds permissions for Editors and Viewers which allow them to edit and view folders accordingly. This issue has been patched in versions 8.5.13, 9.0.9, and 9.1.6. A workaround when the impacted folder/dashboard is known is to remove the additional permissions manually."
}
]
},


@ -173,6 +173,11 @@
"url": "https://jira.atlassian.com/browse/BSERV-13438",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/BSERV-13438"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/168470/Bitbucket-Git-Command-Injection.html",
"url": "http://packetstormsecurity.com/files/168470/Bitbucket-Git-Command-Injection.html"
}
]
}
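Review bot: The added Packet Storm reference uses a plaintext `http://` scheme in both `name` and `url`, so anyone following the link from the record fetches the advisory page over an unauthenticated channel. Assuming the site serves the same path over TLS, I would write `"url": "https://packetstormsecurity.com/files/168470/Bitbucket-Git-Command-Injection.html"` and mirror it in `name`. The same applies to the Packet Storm entry (168466) added in the last section and to `http://icecoder.com` in the CVE-2022-34026 section. The hunk starts at line 173, so the record's ID and the rest of its reference list are outside this view.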


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3274",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}


@ -66,6 +66,11 @@
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=97113eb39fa7972722ff490b947d8af023e1f6a2",
"refsource": "MISC",
"name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=97113eb39fa7972722ff490b947d8af023e1f6a2"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/168466/Linux-Stable-5.4-5.10-Use-After-Free-Race-Condition.html",
"url": "http://packetstormsecurity.com/files/168466/Linux-Stable-5.4-5.10-Use-After-Free-Race-Condition.html"
}
]
}