admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-05-12 18:02:09 +00:00
parent 9733c321aa
commit 7c606a8ddc
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
18 changed files with 509 additions and 159 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
2020/12xxx/CVE-2020-12946.json
View File

@ -1,7 +1,7 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@amd.com", "ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z", "DATE_PUBLIC": "2022-05-10T20:00:00.000Z",
"ID": "CVE-2020-12946", "ID": "CVE-2020-12946",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
@ -12,23 +12,23 @@
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "2nd Gen AMD EPYC\u2122", "product_name": "Ryzen\u2122 Series ",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<", "version_affected": "=",
"version_value": "RomePI-SP3_1.0.0.C" "version_value": "various"
} }
] ]
} }
}, },
{ {
"product_name": "3rd Gen AMD EPYC\u2122", "product_name": " Athlon\u2122 Series ",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<", "version_affected": "=",
"version_value": "MilanPI-SP3_1.0.0.4" "version_value": "various"
} }
] ]
} }
@ -47,7 +47,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Insufficient input validation in PSP firmware for discrete TPM commands could allow a potential loss of integrity and denial of service." "value": "Insufficient input validation in ASP firmware for discrete TPM commands could allow a potential loss of integrity and denial of service."
} }
] ]
}, },
@ -60,7 +60,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "CWE-20 Improper Input Validation" "value": "tbd"
} }
] ]
} }
@ -70,13 +70,13 @@
"reference_data": [ "reference_data": [
{ {
"refsource": "MISC", "refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021", "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021" "name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027"
} }
] ]
}, },
"source": { "source": {
"advisory": "AMD-SB-1021", "advisory": "AMD-SB-1027 ",
"discovery": "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

35
2020/12xxx/CVE-2020-12951.json
View File

@ -1,7 +1,7 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@amd.com", "ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z", "DATE_PUBLIC": "2022-05-10T20:00:00.000Z",
"ID": "CVE-2020-12951", "ID": "CVE-2020-12951",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
@ -12,34 +12,23 @@
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "1st Gen AMD EPYC\u2122", "product_name": "Ryzen\u2122 Series ",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<", "version_affected": "=",
"version_value": "NaplesPI-SP3_1.0.0.G" "version_value": "various"
} }
] ]
} }
}, },
{ {
"product_name": "2nd Gen AMD EPYC\u2122", "product_name": " Athlon\u2122 Series ",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<", "version_affected": "=",
"version_value": "RomePI-SP3_1.0.0.C" "version_value": "various"
}
]
}
},
{
"product_name": "3rd Gen AMD EPYC\u2122",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "MilanPI-SP3_1.0.0.4"
} }
] ]
} }
@ -58,7 +47,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Race condition in PSP FW could allow less privileged x86 code to perform PSP SMM operations." "value": "Race condition in ASP firmware could allow less privileged x86 code to perform ASP SMM (System Management Mode) operations."
} }
] ]
}, },
@ -71,7 +60,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "CWE-362 Race Condition (Concurrent Execution using Shared Resource with Improper Synchronization)" "value": "tbd"
} }
] ]
} }
@ -81,13 +70,13 @@
"reference_data": [ "reference_data": [
{ {
"refsource": "MISC", "refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021", "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021" "name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027"
} }
] ]
}, },
"source": { "source": {
"advisory": "AMD-SB-1021", "advisory": "AMD-SB-1027 ",
"discovery": "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

35
2021/26xxx/CVE-2021-26335.json
View File

@ -1,7 +1,7 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@amd.com", "ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z", "DATE_PUBLIC": "2022-05-10T20:00:00.000Z",
"ID": "CVE-2021-26335", "ID": "CVE-2021-26335",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
@ -12,34 +12,23 @@
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "1st Gen AMD EPYC\u2122", "product_name": "Ryzen\u2122 Series ",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<", "version_affected": "=",
"version_value": "NaplesPI-SP3_1.0.0.G" "version_value": "various"
} }
] ]
} }
}, },
{ {
"product_name": "2nd Gen AMD EPYC\u2122", "product_name": " Athlon\u2122 Series ",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<", "version_affected": "=",
"version_value": "RomePI-SP3_1.0.0.C" "version_value": "various"
}
]
}
},
{
"product_name": "3rd Gen AMD EPYC\u2122",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "MilanPI-SP3_1.0.0.4"
} }
] ]
} }
@ -58,7 +47,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Improper input and range checking in the Platform Security Processor (PSP) boot loader image header may allow for an attacker to use attack-controlled values prior to signature validation potentially resulting in arbitrary code execution." "value": "Improper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to use attacker-controlled values prior to signature validation potentially resulting in arbitrary code execution."
} }
] ]
}, },
@ -71,7 +60,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "CWE-20 Improper Input Validation" "value": "tbd"
} }
] ]
} }
@ -81,13 +70,13 @@
"reference_data": [ "reference_data": [
{ {
"refsource": "MISC", "refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021", "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021" "name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027"
} }
] ]
}, },
"source": { "source": {
"advisory": "AMD-SB-1021", "advisory": "AMD-SB-1027 ",
"discovery": "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

22
2021/26xxx/CVE-2021-26336.json
View File

@ -1,7 +1,7 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@amd.com", "ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z", "DATE_PUBLIC": "2022-05-10T20:00:00.000Z",
"ID": "CVE-2021-26336", "ID": "CVE-2021-26336",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
@ -12,23 +12,23 @@
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "2nd Gen AMD EPYC\u2122", "product_name": "Ryzen\u2122 Series ",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<", "version_affected": "=",
"version_value": "RomePI-SP3_1.0.0.C" "version_value": "various"
} }
] ]
} }
}, },
{ {
"product_name": "3rd Gen AMD EPYC\u2122", "product_name": " Athlon\u2122 Series ",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<", "version_affected": "=",
"version_value": "MilanPI-SP3_1.0.0.4" "version_value": "various"
} }
] ]
} }
@ -60,7 +60,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer" "value": "tbd"
} }
] ]
} }
@ -70,13 +70,13 @@
"reference_data": [ "reference_data": [
{ {
"refsource": "MISC", "refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021", "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021" "name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027"
} }
] ]
}, },
"source": { "source": {
"advisory": "AMD-SB-1021", "advisory": "AMD-SB-1027 ",
"discovery": "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

22
2021/26xxx/CVE-2021-26337.json
View File

@ -1,7 +1,7 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@amd.com", "ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z", "DATE_PUBLIC": "2022-05-10T20:00:00.000Z",
"ID": "CVE-2021-26337", "ID": "CVE-2021-26337",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
@ -12,23 +12,23 @@
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "2nd Gen AMD EPYC\u2122", "product_name": "Ryzen\u2122 Series ",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<", "version_affected": "=",
"version_value": "RomePI-SP3_1.0.0.C" "version_value": "various"
} }
] ]
} }
}, },
{ {
"product_name": "3rd Gen AMD EPYC\u2122", "product_name": " Athlon\u2122 Series ",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<", "version_affected": "=",
"version_value": "MilanPI-SP3_1.0.0.4" "version_value": "various"
} }
] ]
} }
@ -60,7 +60,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "CWE-20 Improper Input Validation" "value": "tbd"
} }
] ]
} }
@ -70,13 +70,13 @@
"reference_data": [ "reference_data": [
{ {
"refsource": "MISC", "refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021", "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021" "name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027"
} }
] ]
}, },
"source": { "source": {
"advisory": "AMD-SB-1021", "advisory": "AMD-SB-1027 ",
"discovery": "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

76
2021/26xxx/CVE-2021-26351.json
View File

@ -1,18 +1,82 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2022-05-10T20:00:00.000Z",
"ID": "CVE-2021-26351", "ID": "CVE-2021-26351",
"ASSIGNER": "cve@mitre.org", "STATE": "PUBLIC"
"STATE": "RESERVED"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Ryzen\u2122 Series ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": " Athlon\u2122 Series ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA (Direct Memory Access) read/write from/to invalid DRAM address that could result in denial of service."
} }
] ]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "tbd"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027"
}
]
},
"source": {
"advisory": "AMD-SB-1027 ",
"discovery": "UNKNOWN"
} }
} }

33
2021/26xxx/CVE-2021-26352.json
View File

@ -1,7 +1,7 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@amd.com", "ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2022-05-06T20:00:00.000Z", "DATE_PUBLIC": "2022-05-10T20:00:00.000Z",
"ID": "CVE-2021-26352", "ID": "CVE-2021-26352",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
@ -12,34 +12,23 @@
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "1st Gen AMD EPYC\u2122", "product_name": "Ryzen\u2122 Series ",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<", "version_affected": "=",
"version_value": "NaplesPI-SP3_1.0.0.G" "version_value": "various"
} }
] ]
} }
}, },
{ {
"product_name": "2nd Gen AMD EPYC\u2122", "product_name": " Athlon\u2122 Series ",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<", "version_affected": "=",
"version_value": "RomePI-SP3_1.0.0.C" "version_value": "various"
}
]
}
},
{
"product_name": "3rd Gen AMD EPYC\u2122",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "MilanPI-SP3_1.0.0.4"
} }
] ]
} }
@ -71,7 +60,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer" "value": "tbd"
} }
] ]
} }
@ -81,13 +70,13 @@
"reference_data": [ "reference_data": [
{ {
"refsource": "MISC", "refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021", "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021" "name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027"
} }
] ]
}, },
"source": { "source": {
"advisory": "AMD-SB-1021", "advisory": "AMD-SB-1027 ",
"discovery": "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

76
2021/26xxx/CVE-2021-26361.json
View File

@ -1,18 +1,82 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2022-05-10T20:00:00.000Z",
"ID": "CVE-2021-26361", "ID": "CVE-2021-26361",
"ASSIGNER": "cve@mitre.org", "STATE": "PUBLIC"
"STATE": "RESERVED"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Ryzen\u2122 Series ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": " Athlon\u2122 Series ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A malicious or compromised User Application (UApp) or AGESA Boot Loader (ABL) could be used by an attacker to exfiltrate arbitrary memory from the ASP stage 2 bootloader potentially leading to information disclosure."
} }
] ]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "tbd"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027"
}
]
},
"source": {
"advisory": "AMD-SB-1027 ",
"discovery": "UNKNOWN"
} }
} }

76
2021/26xxx/CVE-2021-26362.json
View File

@ -1,18 +1,82 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2022-05-10T20:00:00.000Z",
"ID": "CVE-2021-26362", "ID": "CVE-2021-26362",
"ASSIGNER": "cve@mitre.org", "STATE": "PUBLIC"
"STATE": "RESERVED"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Ryzen\u2122 Series ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": " Athlon\u2122 Series ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call which results in mapping sensitive System Management Network (SMN) registers leading to a loss of integrity and availability."
} }
] ]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "tbd"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027"
}
]
},
"source": {
"advisory": "AMD-SB-1027 ",
"discovery": "UNKNOWN"
} }
} }

76
2021/26xxx/CVE-2021-26366.json
View File

@ -1,18 +1,82 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2022-05-10T20:00:00.000Z",
"ID": "CVE-2021-26366", "ID": "CVE-2021-26366",
"ASSIGNER": "cve@mitre.org", "STATE": "PUBLIC"
"STATE": "RESERVED"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Ryzen\u2122 Series ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": " Athlon\u2122 Series ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An attacker, who gained elevated privileges via some other vulnerability, may be able to read data from Boot ROM resulting in a loss of system integrity."
} }
] ]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "tbd"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027"
}
]
},
"source": {
"advisory": "AMD-SB-1027 ",
"discovery": "UNKNOWN"
} }
} }

76
2021/26xxx/CVE-2021-26369.json
View File

@ -1,18 +1,82 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2022-05-10T20:00:00.000Z",
"ID": "CVE-2021-26369", "ID": "CVE-2021-26369",
"ASSIGNER": "cve@mitre.org", "STATE": "PUBLIC"
"STATE": "RESERVED"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Ryzen\u2122 Series ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
},
{
"product_name": " Athlon\u2122 Series ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A malicious or compromised UApp or ABL may be used by an attacker to send a malformed system call to the bootloader, resulting in out-of-bounds memory accesses."
} }
] ]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "tbd"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027"
}
]
},
"source": {
"advisory": "AMD-SB-1027 ",
"discovery": "UNKNOWN"
} }
} }

31
2021/26xxx/CVE-2021-26390.json
View File

@ -1,7 +1,7 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "psirt@amd.com", "ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2022-05-06T20:00:00.000Z", "DATE_PUBLIC": "2022-05-10T20:00:00.000Z",
"ID": "CVE-2021-26390", "ID": "CVE-2021-26390",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
@ -12,34 +12,23 @@
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "1st Gen AMD EPYC\u2122", "product_name": "Ryzen\u2122 Series ",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<", "version_affected": "=",
"version_value": "NaplesPI-SP3_1.0.0.G" "version_value": "various"
} }
] ]
} }
}, },
{ {
"product_name": "2nd Gen AMD EPYC\u2122", "product_name": " Athlon\u2122 Series ",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<", "version_affected": "=",
"version_value": "RomePI-SP3_1.0.0.C" "version_value": "various"
}
]
}
},
{
"product_name": "3rd Gen AMD EPYC\u2122",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "MilanPI-SP3_1.0.0.4"
} }
] ]
} }
@ -81,13 +70,13 @@
"reference_data": [ "reference_data": [
{ {
"refsource": "MISC", "refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021", "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021" "name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027"
} }
] ]
}, },
"source": { "source": {
"advisory": "AMD-SB-1021", "advisory": "AMD-SB-1027 ",
"discovery": "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

5
2021/46xxx/CVE-2021-46424.json
View File

@ -56,6 +56,11 @@
"url": "https://drive.google.com/drive/folders/1_e3eJ8fzhCWnCkoRpbLoyQecuKkPR4OD?usp=sharing", "url": "https://drive.google.com/drive/folders/1_e3eJ8fzhCWnCkoRpbLoyQecuKkPR4OD?usp=sharing",
"refsource": "MISC", "refsource": "MISC",
"name": "https://drive.google.com/drive/folders/1_e3eJ8fzhCWnCkoRpbLoyQecuKkPR4OD?usp=sharing" "name": "https://drive.google.com/drive/folders/1_e3eJ8fzhCWnCkoRpbLoyQecuKkPR4OD?usp=sharing"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/167127/TLR-2005KSH-Arbitrary-File-Delete.html",
"url": "http://packetstormsecurity.com/files/167127/TLR-2005KSH-Arbitrary-File-Delete.html"
} }
] ]
} }

10
2022/1xxx/CVE-2022-1388.json
View File

@ -113,6 +113,16 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://packetstormsecurity.com/files/167007/F5-BIG-IP-Remote-Code-Execution.html", "name": "http://packetstormsecurity.com/files/167007/F5-BIG-IP-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/167007/F5-BIG-IP-Remote-Code-Execution.html" "url": "http://packetstormsecurity.com/files/167007/F5-BIG-IP-Remote-Code-Execution.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/167118/F5-BIG-IP-16.0.x-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/167118/F5-BIG-IP-16.0.x-Remote-Code-Execution.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/167150/F5-BIG-IP-iControl-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/167150/F5-BIG-IP-iControl-Remote-Code-Execution.html"
} }
] ]
}, },

5
2022/22xxx/CVE-2022-22666.json
View File

@ -81,6 +81,11 @@
"refsource": "MISC", "refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213186", "url": "https://support.apple.com/en-us/HT213186",
"name": "https://support.apple.com/en-us/HT213186" "name": "https://support.apple.com/en-us/HT213186"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/167144/AppleVideoDecoder-CreateHeaderBuffer-Out-Of-Bounds-Free.html",
"url": "http://packetstormsecurity.com/files/167144/AppleVideoDecoder-CreateHeaderBuffer-Out-Of-Bounds-Free.html"
} }
] ]
}, },

5
2022/28xxx/CVE-2022-28079.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.nu11secur1ty.com/2022/05/cve-2022-28079.html", "name": "https://www.nu11secur1ty.com/2022/05/cve-2022-28079.html",
"url": "https://www.nu11secur1ty.com/2022/05/cve-2022-28079.html" "url": "https://www.nu11secur1ty.com/2022/05/cve-2022-28079.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/167131/College-Management-System-1.0-SQL-Injection.html",
"url": "http://packetstormsecurity.com/files/167131/College-Management-System-1.0-SQL-Injection.html"
} }
] ]
} }

5
2022/28xxx/CVE-2022-28080.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/erengozaydin/Royal-Event-Management-System-todate-SQL-Injection-Authenticated", "name": "https://github.com/erengozaydin/Royal-Event-Management-System-todate-SQL-Injection-Authenticated",
"url": "https://github.com/erengozaydin/Royal-Event-Management-System-todate-SQL-Injection-Authenticated" "url": "https://github.com/erengozaydin/Royal-Event-Management-System-todate-SQL-Injection-Authenticated"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/167123/Royal-Event-Management-System-1.0-SQL-Injection.html",
"url": "http://packetstormsecurity.com/files/167123/Royal-Event-Management-System-1.0-SQL-Injection.html"
} }
] ]
} }

56
2022/29xxx/CVE-2022-29363.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-29363",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-29363",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Phpok v6.1 was discovered to contain a deserialization vulnerability via the update_f() function in login_control.php. This vulnerability allows attackers to getshell via writing arbitrary files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/qinggan/phpok/issues/12",
"refsource": "MISC",
"name": "https://github.com/qinggan/phpok/issues/12"
} }
] ]
} }