admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-05-11 16:01:45 +00:00
parent 26aebe9b4d
commit 79f10f7001
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
8 changed files with 375 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
2020/12xxx/CVE-2020-12944.json
View File

@ -1,7 +1,7 @@
{
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"DATE_PUBLIC": "2022-05-10T20:00:00.000Z",
"ID": "CVE-2020-12944",
"STATE": "PUBLIC"
},
@ -12,34 +12,23 @@
"product": {
"product_data": [
{
"product_name": "1st Gen AMD EPYC\u2122",
"product_name": "Ryzen\u2122 Series ",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "NaplesPI-SP3_1.0.0.G"
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": "2nd Gen AMD EPYC\u2122",
"product_name": " Athlon\u2122 Series ",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "RomePI-SP3_1.0.0.C"
}
]
}
},
{
"product_name": "3rd Gen AMD EPYC\u2122",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "MilanPI-SP3_1.0.0.4"
"version_affected": "=",
"version_value": "various"
}
]
}
@ -58,7 +47,7 @@
"description_data": [
{
"lang": "eng",
"value": "Insufficient validation of BIOS image length by PSP Firmware could lead to arbitrary code execution."
"value": "Insufficient validation of BIOS image length by ASP Firmware could lead to arbitrary code execution."
}
]
},
@ -71,7 +60,7 @@
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
"value": "tbd"
}
]
}
@ -81,13 +70,13 @@
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021"
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027"
}
]
},
"source": {
"advisory": "AMD-SB-1021",
"advisory": "AMD-SB-1027 ",
"discovery": "UNKNOWN"
}
}

50
2021/3xxx/CVE-2021-3611.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3611",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "QEMU",
"version": {
"version_data": [
{
"version_value": "QEMU versions prior to 7.0.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1973784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1973784"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. This flaw affects QEMU versions prior to 7.0.0."
}
]
}

50
2022/22xxx/CVE-2022-22975.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-22975",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Pinniped",
"version": {
"version_data": [
{
"version_value": "Pinniped versions before v0.17.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "LDAP query injection in Pinniped Supervisor before v0.17.0 causes a malicious user to escalate privileges by changing Kubernetes group memberships when the attacker is also able to edit their own LDAP user entry"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/vmware-tanzu/pinniped/security/advisories/GHSA-hvrf-5hhv-4348",
"url": "https://github.com/vmware-tanzu/pinniped/security/advisories/GHSA-hvrf-5hhv-4348"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in the Pinniped Supervisor with either LADPIdentityProvider or ActiveDirectoryIdentityProvider resources. An attack would involve the malicious user changing the common name (CN) of their user entry on the LDAP or AD server to include special characters, which could be used to perform LDAP query injection on the Supervisor's LDAP query which determines their Kubernetes group membership."
}
]
}

50
2022/23xxx/CVE-2022-23137.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-23137",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@zte.com.cn",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ZXCDN",
"version": {
"version_data": [
{
"version_value": "All versions up to ZXCDN-IAMV8.01.01.02"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "reflective XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1024404",
"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1024404"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ZTE's ZXCDN product has a reflective XSS vulnerability. The attacker could modify the parameters in the content clearing request url, and when a user clicks the url, an XSS attack will be triggered."
}
]
}

50
2022/23xxx/CVE-2022-23743.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-23743",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@checkpoint.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ZoneAlarm",
"version": {
"version_data": [
{
"version_value": "before 15.8.200.19118"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.zonealarm.com/software/extreme-security/release-history",
"url": "https://www.zonealarm.com/software/extreme-security/release-history"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process."
}
]
}

142
2022/29xxx/CVE-2022-29616.json
View File

@ -4,14 +4,150 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-29616",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@sap.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SAP SE",
"product": {
"product_data": [
{
"product_name": "SAP NetWeaver and ABAP Platform",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "KRNL64NUC 7.22"
},
{
"version_affected": "=",
"version_value": "7.22EXT"
},
{
"version_affected": "=",
"version_value": "7.49"
},
{
"version_affected": "=",
"version_value": "KRNL64UC 8.04"
},
{
"version_affected": "=",
"version_value": "7.22"
},
{
"version_affected": "=",
"version_value": "7.22EXT"
},
{
"version_affected": "=",
"version_value": "7.49"
},
{
"version_affected": "=",
"version_value": "7.53"
},
{
"version_affected": "=",
"version_value": "KERNEL 7.22"
},
{
"version_affected": "=",
"version_value": "8.04"
},
{
"version_affected": "=",
"version_value": "7.49"
},
{
"version_affected": "=",
"version_value": "7.53"
},
{
"version_affected": "=",
"version_value": "7.77"
},
{
"version_affected": "=",
"version_value": "7.81"
},
{
"version_affected": "=",
"version_value": "7.85"
},
{
"version_affected": "=",
"version_value": "7.86"
},
{
"version_affected": "=",
"version_value": "7.87"
},
{
"version_affected": "=",
"version_value": "7.88"
}
]
}
},
{
"product_name": "SAP Host Agent",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "7.22"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SAP Host Agent, SAP NetWeaver and ABAP Platform allow an attacker to leverage logical errors in memory management to cause a memory corruption."
}
]
},
"impact": {
"cvss": {
"baseScore": "null",
"vectorString": "null",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"refsource": "MISC",
"name": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"url": "https://launchpad.support.sap.com/#/notes/3145702",
"refsource": "MISC",
"name": "https://launchpad.support.sap.com/#/notes/3145702"
}
]
}

18
2022/30xxx/CVE-2022-30550.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-30550",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/30xxx/CVE-2022-30551.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-30551",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}