admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-12 02:05:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #671 from CVEProject/master

Browse Source 
XFA Rebase
This commit is contained in:
Scott Moore 2022-10-11 11:56:20 -04:00 committed by GitHub
commit 7f0317842d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
174 changed files with 10402 additions and 731 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

87
2021/25xxx/CVE-2021-25044.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-25044",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2021-25044",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Cryptocurrency Pricing list and Ticker <= 1.5 - Reflected Cross-Site Scripting"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Cryptocurrency Pricing list and Ticker",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.5",
"version_value": "1.5"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Cryptocurrency Pricing list and Ticker WordPress plugin through 1.5 does not sanitise and escape the ccpw_setpage parameter before outputting it back in pages where its shortcode is embed, leading to a Reflected Cross-Site Scripting issue"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/dc1507c1-8894-4ab6-b25f-c5e26a425b03",
"name": "https://wpscan.com/vulnerability/dc1507c1-8894-4ab6-b25f-c5e26a425b03"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Jeremie Amsellem"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

93
2021/35xxx/CVE-2021-35226.json
View File

@ -1,18 +1,99 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@solarwinds.com",
"ID": "CVE-2021-35226",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Hashed Credential Exposure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Network Configuration Manager",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2020.2.5 and previous version",
"version_value": "2020.2.5"
}
]
}
}
]
},
"vendor_name": "SolarWinds"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "SolarWinds would like to thank Preston Deason, Chad Larsen and Zachary Riezenman for reporting on the issue in a responsible manner."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An entity in Network Configuration Manager product is misconfigured and exposing password field to Solarwinds Information Service (SWIS). Exposed credentials are encrypted and require authenticated access with an NCM role."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35226",
"name": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35226"
}
]
},
"solution": [
{
"lang": "eng",
"value": "SolarWinds recommends\u202fcustomers upgrade to the latest version once it becomes generally available. "
}
],
"source": {
"discovery": "UNKNOWN"
}
}

22
2022/1xxx/CVE-2022-1328.json
View File

@ -19,7 +19,7 @@
"version": {
"version_data": [
{
"version_value": ">=0.94.13 <2.2.3"
"version_value": ">=0.94.13, <2.2.3"
}
]
}
@ -58,26 +58,6 @@
"name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1328.json",
"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1328.json",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220414 mutt 2.2.3 released - fixes CVE-2022-1328",
"url": "http://www.openwall.com/lists/oss-security/2022/04/14/3"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220510 [SECURITY] [DLA 2999-1] mutt security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00010.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-f1a8f72bb8",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/35CD7NH4NFPF5OEG2PHI3CZ3UOK3ICXR/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/167717/Mutt-mutt_decode_uuencoded-Memory-Disclosure.html",
"url": "http://packetstormsecurity.com/files/167717/Mutt-mutt_decode_uuencoded-Memory-Disclosure.html"
}
]
},

80
2022/20xxx/CVE-2022-20830.json
View File

@ -1,18 +1,86 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-09-28T16:00:00",
"ID": "CVE-2022-20830",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Cisco Software-Defined Application Visibility and Control on Cisco vManage Authentication Bypass Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN vManage ",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC without authentication. This vulnerability exists because the GUI is accessible on self-managed cloud installations or local server installations of Cisco vManage. An attacker could exploit this vulnerability by accessing the exposed GUI of Cisco SD-AVC. A successful exploit could allow the attacker to view managed device names, SD-AVC logs, and SD-AVC DNS server IP addresses."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N ",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220928 Cisco Software-Defined Application Visibility and Control on Cisco vManage Authentication Bypass Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-avc-NddSGB8"
}
]
},
"source": {
"advisory": "cisco-sa-sdwan-avc-NddSGB8",
"defect": [
[
"CSCvx43977"
]
],
"discovery": "INTERNAL"
}
}

80
2022/20xxx/CVE-2022-20837.json
View File

@ -1,18 +1,86 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-09-28T23:00:00",
"ID": "CVE-2022-20837",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE Software DNS NAT Protocol Application Layer Gateway Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE Software ",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability in the DNS application layer gateway (ALG) functionality that is used by Network Address Translation (NAT) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability is due to a logic error that occurs when an affected device inspects certain TCP DNS packets. An attacker could exploit this vulnerability by sending crafted DNS packets through the affected device that is performing NAT for DNS packets. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition on the affected device. Note: This vulnerability can be exploited only by sending IPv4 TCP packets through an affected device. This vulnerability cannot be exploited by sending IPv6 traffic."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H ",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220928 Cisco IOS XE Software DNS NAT Protocol Application Layer Gateway Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-alg-dos-KU9Z8kFX"
}
]
},
"source": {
"advisory": "cisco-sa-alg-dos-KU9Z8kFX",
"defect": [
[
"CSCwa78096"
]
],
"discovery": "INTERNAL"
}
}

83
2022/20xxx/CVE-2022-20864.json
View File

@ -1,18 +1,89 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-09-28T16:00:00",
"ID": "CVE-2022-20864",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE ROM Monitor Software for Catalyst Switches Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE Software ",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. This vulnerability is due to a problem with the file and boot variable permissions in ROMMON. An attacker could exploit this vulnerability by rebooting the switch into ROMMON and entering specific commands through the console. A successful exploit could allow the attacker to read any file or reset the enable password."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"impact": {
"cvss": {
"baseScore": "4.6",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N ",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-538"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220928 Cisco IOS XE ROM Monitor Software for Catalyst Switches Information Disclosure Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-info-disc-nrORXjO"
}
]
},
"source": {
"advisory": "cisco-sa-iosxe-info-disc-nrORXjO",
"defect": [
[
"CSCvx64514",
"CSCvx88952",
"CSCwa53008",
"CSCwa58212"
]
],
"discovery": "INTERNAL"
}
}

81
2022/20xxx/CVE-2022-20870.json
View File

@ -1,18 +1,87 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-09-28T23:00:00",
"ID": "CVE-2022-20870",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE Software for Catalyst Switches MPLS Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE Software ",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability in the egress MPLS packet processing function of Cisco IOS XE Software for Cisco Catalyst 3650, Catalyst 3850, and Catalyst 9000 Family Switches could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation of IPv4 traffic. An attacker could exploit this vulnerability by sending a malformed packet out of an affected MPLS-enabled interface. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H ",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-130"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220928 Cisco IOS XE Software for Catalyst Switches MPLS Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-mpls-dos-Ab4OUL3"
}
]
},
"source": {
"advisory": "cisco-sa-iosxe-mpls-dos-Ab4OUL3",
"defect": [
[
"CSCvy16234",
"CSCwa68343"
]
],
"discovery": "INTERNAL"
}
}

80
2022/20xxx/CVE-2022-20915.json
View File

@ -1,18 +1,86 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-09-28T16:00:00",
"ID": "CVE-2022-20915",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE Software IPv6 VPN over MPLS Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE Software ",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability in the implementation of IPv6 VPN over MPLS (6VPE) with Zone-Based Firewall (ZBFW) of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling of an IPv6 packet that is forwarded from an MPLS and ZBFW-enabled interface in a 6VPE deployment. An attacker could exploit this vulnerability by sending a crafted IPv6 packet sourced from a device on the IPv6-enabled virtual routing and forwarding (VRF) interface through the affected device. A successful exploit could allow the attacker to reload the device, resulting in a DoS condition."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"impact": {
"cvss": {
"baseScore": "7.4",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H ",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-115"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220928 Cisco IOS XE Software IPv6 VPN over MPLS Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-6vpe-dos-tJBtf5Zv"
}
]
},
"source": {
"advisory": "cisco-sa-iosxe-6vpe-dos-tJBtf5Zv",
"defect": [
[
"CSCwa41184"
]
],
"discovery": "INTERNAL"
}
}

80
2022/20xxx/CVE-2022-20920.json
View File

@ -1,18 +1,86 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-09-28T16:00:00",
"ID": "CVE-2022-20920",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Cisco IOS and IOS XE Software SSH Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS ",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to improper handling of resources during an exceptional situation. An attacker could exploit this vulnerability by continuously connecting to an affected device and sending specific SSH requests. A successful exploit could allow the attacker to cause the affected device to reload."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"impact": {
"cvss": {
"baseScore": "7.7",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H ",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-755"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220928 Cisco IOS and IOS XE Software SSH Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssh-excpt-dos-FzOBQTnk"
}
]
},
"source": {
"advisory": "cisco-sa-ssh-excpt-dos-FzOBQTnk",
"defect": [
[
"CSCvx63027"
]
],
"discovery": "INTERNAL"
}
}

80
2022/20xxx/CVE-2022-20944.json
View File

@ -1,18 +1,86 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-09-28T16:00:00",
"ID": "CVE-2022-20944",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE Software for Catalyst 9200 Series Switches Arbitrary Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE Software ",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability in the software image verification functionality of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to an improper check in the code function that manages the verification of the digital signatures of system image files during the initial boot process. An attacker could exploit this vulnerability by loading unsigned software on an affected device. A successful exploit could allow the attacker to boot a malicious software image or execute unsigned code and bypass the image verification check part of the boot process of the affected device. To exploit this vulnerability, the attacker needs either unauthenticated physical access to the device or privileged access to the root shell on the device. Note: In Cisco IOS XE Software releases 16.11.1 and later, root shell access is protected by the Consent Token mechanism. However, an attacker with level-15 privileges could easily downgrade the Cisco IOS XE Software running on a device to a release where root shell access is more readily available."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"impact": {
"cvss": {
"baseScore": "6.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N ",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-347"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220928 Cisco IOS XE Software for Catalyst 9200 Series Switches Arbitrary Code Execution Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-cat-verify-D4NEQA6q"
}
]
},
"source": {
"advisory": "cisco-sa-ios-xe-cat-verify-D4NEQA6q",
"defect": [
[
"CSCvx12117"
]
],
"discovery": "INTERNAL"
}
}

8
2022/22xxx/CVE-2022-22503.json
View File

@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Gain Access"
}
]
}
@ -70,18 +70,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "Robotic Process Automation",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "21.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "IBM"
}
]
}

4
2022/24xxx/CVE-2022-24281.json
View File

@ -19,7 +19,7 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions < V1.0.3"
}
]
}
@ -46,7 +46,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SINEC NMS (All versions). A privileged authenticated attacker could execute arbitrary commands in the local database by sending specially crafted requests to the webserver of the affected application."
"value": "A vulnerability has been identified in SINEC NMS (All versions < V1.0.3). A privileged authenticated attacker could execute arbitrary commands in the local database by sending specially crafted requests to the webserver of the affected application."
}
]
},

14
2022/24xxx/CVE-2022-24282.json
View File

@ -19,7 +19,17 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions < V1.0.3"
}
]
}
},
{
"product_name": "SINEC NMS",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.0.3"
}
]
}
@ -46,7 +56,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SINEC NMS (All versions). The affected system allows to upload JSON objects that are deserialized to Java objects. Due to insecure deserialization of user-supplied content by the affected software, a privileged attacker could exploit this vulnerability by sending a maliciously crafted serialized Java object. This could allow the attacker to execute arbitrary code on the device with root privileges."
"value": "A vulnerability has been identified in SINEC NMS (All versions < V1.0.3), SINEC NMS (All versions >= V1.0.3). The affected system allows to upload JSON objects that are deserialized to Java objects. Due to insecure deserialization of user-supplied content by the affected software, a privileged attacker could exploit this vulnerability by sending a maliciously crafted serialized Java object. This could allow the attacker to execute arbitrary code on the device with root privileges."
}
]
},

14
2022/25xxx/CVE-2022-25311.json
View File

@ -19,7 +19,17 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions < V1.0.3"
}
]
}
},
{
"product_name": "SINEC NMS",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.0.3"
}
]
}
@ -46,7 +56,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SINEC NMS (All versions). The affected software do not properly check privileges between users during the same web browser session, creating an unintended sphere of control. This could allow an authenticated low privileged user to achieve privilege escalation."
"value": "A vulnerability has been identified in SINEC NMS (All versions < V1.0.3), SINEC NMS (All versions >= V1.0.3). The affected software do not properly check privileges between users during the same web browser session, creating an unintended sphere of control. This could allow an authenticated low privileged user to achieve privilege escalation."
}
]
},

222
2022/25xxx/CVE-2022-25622.json
View File

@ -34,6 +34,56 @@
]
}
},
{
"product_name": "SIMATIC ET 200S IM151-8 PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
}
]
}
},
{
"product_name": "SIMATIC ET 200S IM151-8F PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
}
]
}
},
{
"product_name": "SIMATIC ET 200pro IM154-8 PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
}
]
}
},
{
"product_name": "SIMATIC ET 200pro IM154-8F PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
}
]
}
},
{
"product_name": "SIMATIC ET 200pro IM154-8FX PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
}
]
}
},
{
"product_name": "SIMATIC ET200AL IM157-1 PN",
"version": {
@ -194,6 +244,106 @@
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 314C-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.3.19"
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 315-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 315F-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 315T-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 317-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 317F-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 317T-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 317TF-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 319-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 319F-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"version": {
@ -394,6 +544,26 @@
]
}
},
{
"product_name": "SIPLUS ET 200S IM151-8 PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
}
]
}
},
{
"product_name": "SIPLUS ET 200S IM151-8F PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
}
]
}
},
{
"product_name": "SIPLUS HCS4200 CIM4210",
"version": {
@ -433,6 +603,56 @@
}
]
}
},
{
"product_name": "SIPLUS S7-300 CPU 314C-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.3.19"
}
]
}
},
{
"product_name": "SIPLUS S7-300 CPU 315-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
}
]
}
},
{
"product_name": "SIPLUS S7-300 CPU 315F-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
}
]
}
},
{
"product_name": "SIPLUS S7-300 CPU 317-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
}
]
}
},
{
"product_name": "SIPLUS S7-300 CPU 317F-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
}
]
}
}
]
}
@ -456,7 +676,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC CFU DIQ (All versions), SIMATIC CFU PA (All versions), SIMATIC ET200AL IM157-1 PN (All versions), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 MF HF (All versions), SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 16x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 8x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC PN/MF Coupler (All versions), SIMATIC PN/PN Coupler (All versions >= 4.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.0.0), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.10), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) (All versions < V8.2.3), SIMATIC TDC CP51M1 (All versions), SIMATIC TDC CPU555 (All versions), SIMATIC WinAC RTX (All versions), SIMIT Simulation Platform (All versions), SINAMICS DCM (All versions with Ethernet interface), SINAMICS G110M (All versions with Ethernet interface), SINAMICS G115D (All versions with Ethernet interface), SINAMICS G120 (incl. SIPLUS variants) (All versions with Ethernet interface), SINAMICS G130 (All versions), SINAMICS G150 (All versions), SINAMICS S110 (All versions with Ethernet interface), SINAMICS S120 (incl. SIPLUS variants) (All versions), SINAMICS S150 (All versions), SINAMICS S210 (All versions), SINAMICS V90 (All versions with Ethernet interface), SIPLUS HCS4200 CIM4210 (All versions), SIPLUS HCS4200 CIM4210C (All versions), SIPLUS HCS4300 CIM4310 (All versions), SIPLUS NET PN/PN Coupler (All versions >= 4.2). The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments."
"value": "A vulnerability has been identified in SIMATIC CFU DIQ, SIMATIC CFU PA, SIMATIC ET 200S IM151-8 PN/DP CPU, SIMATIC ET 200S IM151-8F PN/DP CPU, SIMATIC ET 200pro IM154-8 PN/DP CPU, SIMATIC ET 200pro IM154-8F PN/DP CPU, SIMATIC ET 200pro IM154-8FX PN/DP CPU, SIMATIC ET200AL IM157-1 PN, SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 MF HF, SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L, SIMATIC ET200ecoPN, DI 16x24VDC, M12-L, SIMATIC ET200ecoPN, DI 8x24VDC, M12-L, SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L, SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L, SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L, SIMATIC PN/MF Coupler, SIMATIC PN/PN Coupler, SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants), SIMATIC S7-300 CPU 314C-2 PN/DP, SIMATIC S7-300 CPU 315-2 PN/DP, SIMATIC S7-300 CPU 315F-2 PN/DP, SIMATIC S7-300 CPU 315T-3 PN/DP, SIMATIC S7-300 CPU 317-2 PN/DP, SIMATIC S7-300 CPU 317F-2 PN/DP, SIMATIC S7-300 CPU 317T-3 PN/DP, SIMATIC S7-300 CPU 317TF-3 PN/DP, SIMATIC S7-300 CPU 319-3 PN/DP, SIMATIC S7-300 CPU 319F-3 PN/DP, SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants), SIMATIC TDC CP51M1, SIMATIC TDC CPU555, SIMATIC WinAC RTX, SIMIT Simulation Platform, SINAMICS DCM, SINAMICS G110M, SINAMICS G115D, SINAMICS G120 (incl. SIPLUS variants), SINAMICS G130, SINAMICS G150, SINAMICS S110, SINAMICS S120 (incl. SIPLUS variants), SINAMICS S150, SINAMICS S210, SINAMICS V90, SIPLUS ET 200S IM151-8 PN/DP CPU, SIPLUS ET 200S IM151-8F PN/DP CPU, SIPLUS HCS4200 CIM4210, SIPLUS HCS4200 CIM4210C, SIPLUS HCS4300 CIM4310, SIPLUS NET PN/PN Coupler, SIPLUS S7-300 CPU 314C-2 PN/DP, SIPLUS S7-300 CPU 315-2 PN/DP, SIPLUS S7-300 CPU 315F-2 PN/DP, SIPLUS S7-300 CPU 317-2 PN/DP, SIPLUS S7-300 CPU 317F-2 PN/DP. The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments."
}
]
},

10
2022/25xxx/CVE-2022-25765.json
View File

@ -61,6 +61,16 @@
"refsource": "MISC",
"url": "https://github.com/pdfkit/pdfkit/blob/46cdf53ec540da1a1a2e4da979e3e5fe2f92a257/lib/pdfkit/pdfkit.rb%23L55-L58",
"name": "https://github.com/pdfkit/pdfkit/blob/46cdf53ec540da1a1a2e4da979e3e5fe2f92a257/lib/pdfkit/pdfkit.rb%23L55-L58"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-6da143f1a2",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JFB2BFKH5SUGRKXMY6PWRQNGKZML7GDT/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-3ec8272e72",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ESWB6SX7HYWQ54UGBGQOZ7G24O6RAOKD/"
}
]
},

10
2022/25xxx/CVE-2022-25795.json
View File

@ -11,21 +11,21 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "Revit, Navisworks, Autodesk\u00ae Advance Steel, AutoCAD\u00ae, AutoCAD\u00ae Architecture, AutoCAD\u00ae Electrical, AutoCAD\u00ae Map 3D, AutoCAD\u00ae Mechanical, AutoCAD\u00ae MEP, AutoCAD\u00ae Plant 3D, AutoCAD\u00ae LT, Autodesk\u00ae Civil 3D, AutoCAD\u00ae Mac, AutoCAD\u00ae LT for Mac",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "prior to 9.0.7"
}
]
}
}
]
},
"vendor_name": "n/a"
}
}
]
}
@ -36,7 +36,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Out-of-bound Write"
}
]
}

15
2022/27xxx/CVE-2022-27810.json
View File

@ -9,21 +9,26 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Facebook",
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "Hermes",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "!>=",
"version_value": "0.12.0"
},
{
"version_affected": "<",
"version_value": "0.12.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
}
]
}
@ -45,7 +50,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-674: Uncontrolled Recursion"
}
]
}

95
2022/2xxx/CVE-2022-2350.json
View File

@ -1,18 +1,83 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-2350",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2022-2350",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Disable User Login <= 1.0.1 - Unauthenticated Settings Update"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Disable User Login",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.0.1",
"version_value": "1.0.1"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Disable User Login WordPress plugin through 1.0.1 does not have authorisation and CSRF checks when updating its settings, allowing unauthenticated attackers to block (or unblock) users at will."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/de28543b-c110-4a9f-bfe9-febccfba3a96",
"name": "https://wpscan.com/vulnerability/de28543b-c110-4a9f-bfe9-febccfba3a96"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-862 Missing Authorization",
"lang": "eng"
}
]
},
{
"description": [
{
"value": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Rafshanzani Suhada"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

89
2022/2xxx/CVE-2022-2448.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-2448",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2022-2448",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "reSmush.it Image Optimizer < 0.4.6 - Admin+ Cross-Site Scripting"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "reSmush.it : the only free Image Optimizer & compress plugin",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0.4.6",
"version_value": "0.4.6"
}
]
}
}
]
}
}
]
}
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The reSmush.it WordPress plugin before 0.4.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when unfiltered_html is disallowed."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/a4599942-2878-4da4-b55d-077775323b61",
"name": "https://wpscan.com/vulnerability/a4599942-2878-4da4-b55d-077775323b61"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Raad Haddad of Cloudyrion GmbH"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

10
2022/2xxx/CVE-2022-2553.json
View File

@ -11,21 +11,21 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "Booth",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "Booth versions after v1.0-85-gda79b8b are vulnerable. Resolved in booth v1.0-263-g35bf0b7."
}
]
}
}
]
},
"vendor_name": "n/a"
}
}
]
}
@ -36,7 +36,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-287"
}
]
}

87
2022/2xxx/CVE-2022-2554.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-2554",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2022-2554",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Enable Media Replace < 4.0.0 - Admin+ Path Traversal"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Enable Media Replace",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.0.0",
"version_value": "4.0.0"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Enable Media Replace WordPress plugin before 4.0.0 does not ensure that renamed files are moved to the Upload folder, which could allow high privilege users such as admin to move them outside to the web root directory via a path traversal attack for example"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/5872f4bf-f423-4ace-b8b6-d4cc4f6ca8d9",
"name": "https://wpscan.com/vulnerability/5872f4bf-f423-4ace-b8b6-d4cc4f6ca8d9"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Raad Haddad of Cloudyrion GmbH"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

87
2022/2xxx/CVE-2022-2629.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-2629",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2022-2629",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Top Bar < 3.0.4 - Admin+ Stored Cross-Site Scripting"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Top Bar",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.0.4",
"version_value": "3.0.4"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Top Bar WordPress plugin before 3.0.4 does not sanitise and escape some of its settings before outputting them in frontend pages, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/25a0d41f-3b6f-4d18-b4d5-767ac60ee8a8",
"name": "https://wpscan.com/vulnerability/25a0d41f-3b6f-4d18-b4d5-767ac60ee8a8"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Asif Nawaz Minhas"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

9
2022/2xxx/CVE-2022-2637.json
View File

@ -12,18 +12,19 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "Hitachi Storage Plug-in for VMware vCenter",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "=",
"version_value": "04.8.0"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "Hitachi"
}
]
}
@ -64,7 +65,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-266 Incorrect Privilege Assignment"
}
]
}

31
2022/2xxx/CVE-2022-2781.json
View File

@ -11,21 +11,42 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Octopus Deploy",
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "Octopus Server",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "3.2.10",
"version_affected": ">="
},
{
"version_value": "2022.1.3154",
"version_affected": "<"
},
{
"version_value": "2022.2.6729",
"version_affected": ">="
},
{
"version_value": "2022.2.7897",
"version_affected": "<"
},
{
"version_value": "2022.3.348",
"version_affected": ">="
},
{
"version_value": "2022.3.10586",
"version_affected": "<"
}
]
}
}
]
},
"vendor_name": "n/a"
}
}
]
}
@ -36,7 +57,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Encryption"
}
]
}

31
2022/2xxx/CVE-2022-2783.json
View File

@ -11,21 +11,42 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Octopus Deploy",
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "Octopus Server",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "3.12.0",
"version_affected": ">="
},
{
"version_value": "2022.1.3154",
"version_affected": "<"
},
{
"version_value": "2022.2.6729",
"version_affected": ">="
},
{
"version_value": "2022.2.7897",
"version_affected": "<"
},
{
"version_value": "2022.3.348",
"version_affected": ">="
},
{
"version_value": "2022.3.10586",
"version_affected": "<"
}
]
}
}
]
},
"vendor_name": "n/a"
}
}
]
}
@ -36,7 +57,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CSRF"
}
]
}

87
2022/2xxx/CVE-2022-2823.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-2823",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2022-2823",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Slider, Gallery, and Carousel by MetaSlider < 3.27.9 - Admin+ Stored Cross Site Scripting"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Slider, Gallery, and Carousel by MetaSlider Responsive WordPress Plugin",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.27.9",
"version_value": "3.27.9"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Slider, Gallery, and Carousel by MetaSlider WordPress plugin before 3.27.9 does not sanitise and escape some of its Gallery Image parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/c88c85b3-2830-4354-99fd-af6bce6bb4ef",
"name": "https://wpscan.com/vulnerability/c88c85b3-2830-4354-99fd-af6bce6bb4ef"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Anurag Bhoir"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

87
2022/2xxx/CVE-2022-2891.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-2891",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2022-2891",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "WP 2FA < 2.3.0 - Time-Based Side-Channel Attack"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WP 2FA Two-factor authentication for WordPress",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.3.0",
"version_value": "2.3.0"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WP 2FA WordPress plugin before 2.3.0 uses comparison operators that don't mitigate time-based attacks, which could be abused to leak information about the authentication codes being compared."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/301b3dce-2584-46ec-92ed-1c0626522120",
"name": "https://wpscan.com/vulnerability/301b3dce-2584-46ec-92ed-1c0626522120"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-200 Information Exposure",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Calvin Alkan"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

13
2022/2xxx/CVE-2022-2928.json
View File

@ -16,18 +16,23 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "ISC DHCP",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_name": "4.4",
"version_value": "4.4.0 through versions before 4.4.3-P1"
},
{
"version_name": "4.1 ESV",
"version_value": "4.1-ESV-R1 through versions before 4.1-ESV-R16-P1"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "ISC"
}
]
}
@ -74,7 +79,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "A DHCP server configured with allow leasequery;, a remote machine with access to the server can send lease queries for the same lease multiple times, leading to the add_option() function being repeatedly called. This could cause an option's refcount field to overflow and the server to abort. Internally, reference counters are integers and thus overflow at 2^31 references, so even at 1000 lease query responses per second, it would take more than three weeks to crash the server. Affects In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1"
}
]
}

13
2022/2xxx/CVE-2022-2929.json
View File

@ -16,18 +16,23 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "ISC DHCP",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_name": "1.0",
"version_value": "1.0 through versions before 4.1-ESV-R16-P2"
},
{
"version_name": "4.2",
"version_value": "4.2 through versions before 4.4.3.-P1"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "ISC"
}
]
}
@ -74,7 +79,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "The function fqdn_universe_decode() allocates buffer space for the contents of option 81 (fqdn) data received in a DHCP packet. The maximum length of a DNS label is 63 bytes. The function tests the length byte of each label contained in the fqdn; if it finds a label whose length byte value is larger than 63, it returns without dereferencing the buffer space. This will cause a memory leak. Affects In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1"
}
]
}

15
2022/2xxx/CVE-2022-2975.json
View File

@ -12,18 +12,25 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "Avaya Aura Application Enablement Services",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "<=",
"version_name": "10.1.x",
"version_value": "10.1.0.1"
},
{
"version_affected": "<=",
"version_name": "8.x",
"version_value": "8.1.3.4"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "Avaya"
}
]
}
@ -64,7 +71,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-269 Improper Privilege Management"
}
]
}

87
2022/2xxx/CVE-2022-2981.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-2981",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2022-2981",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Download Monitor < 4.5.98 - Admin+ Arbitrary File Download"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Download Monitor",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.5.98",
"version_value": "4.5.98"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Download Monitor WordPress plugin before 4.5.98 does not ensure that files to be downloaded are inside the blog folders, and not sensitive, allowing high privilege users such as admin to download the wp-config.php or /etc/passwd even in an hardened environment or multisite setup."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/30ce32ce-161c-4388-8d22-751350b7b305",
"name": "https://wpscan.com/vulnerability/30ce32ce-161c-4388-8d22-751350b7b305"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Raad Haddad of Cloudyrion GmbH"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

10
2022/2xxx/CVE-2022-2986.json
View File

@ -11,21 +11,21 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "moodle",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "moodle 4.0.3 and moodle 3.11.9"
}
]
}
}
]
},
"vendor_name": "n/a"
}
}
]
}
@ -36,7 +36,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CSRF"
}
]
}

2
2022/30xxx/CVE-2022-30952.json
View File

@ -49,7 +49,7 @@
"description": [
{
"lang": "eng",
"value": "CWE-668: Exposure of Resource to Wrong Sphere"
"value": "CWE-522: Insufficiently Protected Credentials"
}
]
}

14
2022/31xxx/CVE-2022-31008.json
View File

@ -12,18 +12,24 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "rabbitmq-server",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "< 3.8.32"
},
{
"version_value": ">= 3.9.0, < 3.9.18"
},
{
"version_value": ">= 3.10.0, < 3.10.2"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "rabbitmq"
}
]
}
@ -61,7 +67,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-330: Use of Insufficiently Random Values"
}
]
}

53
2022/31xxx/CVE-2022-31252.json
View File

@ -13,18 +13,63 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "SUSE Linux Enterprise Server 12-SP5",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "<",
"version_name": "permissions",
"version_value": "20170707"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "SUSE"
},
{
"product": {
"product_data": [
{
"product_name": "openSUSE Leap 15.3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "permissions",
"version_value": "20200127"
}
]
}
},
{
"product_name": "openSUSE Leap 15.4",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "permissions",
"version_value": "20201225"
}
]
}
},
{
"product_name": "openSUSE Leap Micro 5.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "permissions",
"version_value": "20181225"
}
]
}
}
]
},
"vendor_name": "openSUSE"
}
]
}
@ -71,7 +116,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-863: Incorrect Authorization"
}
]
}

1906
2022/31xxx/CVE-2022-31765.json
View File

File diff suppressed because it is too large Load Diff

346
2022/31xxx/CVE-2022-31766.json
View File

@ -1,17 +1,351 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-31766",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-31766",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "RUGGEDCOM RM1224 LTE(4G) EU",
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
}
]
}
},
{
"product_name": "RUGGEDCOM RM1224 LTE(4G) NAM",
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
}
]
}
},
{
"product_name": "SCALANCE M804PB",
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
}
]
}
},
{
"product_name": "SCALANCE M812-1 ADSL-Router (Annex A)",
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
}
]
}
},
{
"product_name": "SCALANCE M812-1 ADSL-Router (Annex B)",
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
}
]
}
},
{
"product_name": "SCALANCE M816-1 ADSL-Router (Annex A)",
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
}
]
}
},
{
"product_name": "SCALANCE M816-1 ADSL-Router (Annex B)",
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
}
]
}
},
{
"product_name": "SCALANCE M826-2 SHDSL-Router",
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
}
]
}
},
{
"product_name": "SCALANCE M874-2",
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
}
]
}
},
{
"product_name": "SCALANCE M874-3",
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
}
]
}
},
{
"product_name": "SCALANCE M876-3 (EVDO)",
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
}
]
}
},
{
"product_name": "SCALANCE M876-3 (ROK)",
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
}
]
}
},
{
"product_name": "SCALANCE M876-4 (EU)",
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
}
]
}
},
{
"product_name": "SCALANCE M876-4 (NAM)",
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
}
]
}
},
{
"product_name": "SCALANCE MUM853-1 (EU)",
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
}
]
}
},
{
"product_name": "SCALANCE MUM856-1 (EU)",
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
}
]
}
},
{
"product_name": "SCALANCE MUM856-1 (RoW)",
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
}
]
}
},
{
"product_name": "SCALANCE S615",
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
}
]
}
},
{
"product_name": "SCALANCE WAM763-1",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 6GHz",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 EEC",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 EEC",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 EEC 6GHz",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
}
]
}
},
{
"product_name": "SCALANCE WUM763-1",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
}
]
}
},
{
"product_name": "SCALANCE WUM763-1",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
}
]
}
},
{
"product_name": "SCALANCE WUM766-1",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
}
]
}
},
{
"product_name": "SCALANCE WUM766-1",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
}
]
}
},
{
"product_name": "SCALANCE WUM766-1 6GHz",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.1.2), SCALANCE M804PB (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.1.2), SCALANCE M874-2 (All versions < V7.1.2), SCALANCE M874-3 (All versions < V7.1.2), SCALANCE M876-3 (EVDO) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (All versions < V7.1.2), SCALANCE M876-4 (EU) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (All versions < V7.1.2), SCALANCE S615 (All versions < V7.1.2), SCALANCE WAM763-1 (All versions >= V1.1.0), SCALANCE WAM766-1 (All versions >= V1.1.0), SCALANCE WAM766-1 (All versions >= V1.1.0), SCALANCE WAM766-1 6GHz (All versions >= V1.1.0), SCALANCE WAM766-1 EEC (All versions >= V1.1.0), SCALANCE WAM766-1 EEC (All versions >= V1.1.0), SCALANCE WAM766-1 EEC 6GHz (All versions >= V1.1.0), SCALANCE WUM763-1 (All versions >= V1.1.0), SCALANCE WUM763-1 (All versions >= V1.1.0), SCALANCE WUM766-1 (All versions >= V1.1.0), SCALANCE WUM766-1 (All versions >= V1.1.0), SCALANCE WUM766-1 6GHz (All versions >= V1.1.0). Affected devices with TCP Event service enabled do not properly handle malformed packets. This could allow an unauthenticated remote attacker to cause a denial of service and reboot the device thus possibly affecting other network resources."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf"
}
]
}

15
2022/32xxx/CVE-2022-32171.json
View File

@ -10,21 +10,26 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "zinc",
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "zinc",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "v0.1.9",
"version_affected": ">="
},
{
"version_value": "v0.3.1",
"version_affected": "<="
}
]
}
}
]
},
"vendor_name": "n/a"
}
}
]
}
@ -85,7 +90,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}

15
2022/32xxx/CVE-2022-32172.json
View File

@ -10,21 +10,26 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "zinc",
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "zinc",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "v0.1.9",
"version_affected": ">="
},
{
"version_value": "v0.3.1",
"version_affected": "<="
}
]
}
}
]
},
"vendor_name": "n/a"
}
}
]
}
@ -85,7 +90,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}

97
2022/32xxx/CVE-2022-32174.json
View File

@ -1,18 +1,103 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "vulnerabilitylab@whitesourcesoftware.com",
"ID": "CVE-2022-32174",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"DATE_PUBLIC": "Oct 6, 2022, 12:00:00 AM",
"TITLE": "Gogs - XSS"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "gogs",
"product": {
"product_data": [
{
"product_name": "gogs",
"version": {
"version_data": [
{
"version_value": "v0.6.5",
"version_affected": ">="
},
{
"version_value": "v0.12.10",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Mend Vulnerability Research Team (MVR)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Gogs, versions v0.6.5 through v0.12.10 are vulnerable to Stored Cross-Site Scripting (XSS) that leads to an account takeover."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"version": 3.1,
"baseScore": 9.0,
"baseSeverity": "CRITICAL"
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.mend.io/vulnerability-database/CVE-2022-32174",
"name": "https://www.mend.io/vulnerability-database/CVE-2022-32174"
},
{
"refsource": "MISC",
"url": "https://github.com/gogs/gogs/blob/v0.12.10/public/js/gogs.js#L263",
"name": "https://github.com/gogs/gogs/blob/v0.12.10/public/js/gogs.js#L263"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
]
},
"source": {
"advisory": "https://www.mend.io/vulnerability-database/",
"discovery": "UNKNOWN"
}
}

97
2022/32xxx/CVE-2022-32175.json
View File

@ -1,18 +1,103 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "vulnerabilitylab@whitesourcesoftware.com",
"ID": "CVE-2022-32175",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"DATE_PUBLIC": "Oct 11, 2022, 12:00:00 AM",
"TITLE": "AdGuardHome - CSRF"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "AdguardHome",
"product": {
"product_data": [
{
"product_name": "AdguardHome",
"version": {
"version_data": [
{
"version_value": "v0.99.0",
"version_affected": ">="
},
{
"version_value": "v0.108.0-b.9",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Mend Vulnerability Research Team (MVR)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In AdGuardHome, versions v0.95 through v0.108.0-b.13 are vulnerable to Cross-Site Request Forgery (CSRF), in the custom filtering rules functionality. An attacker can persuade an authorized user to follow a malicious link, resulting in deleting/modifying the custom filtering rules."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"version": 3.1,
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.mend.io/vulnerability-database/CVE-2022-32175",
"name": "https://www.mend.io/vulnerability-database/CVE-2022-32175"
},
{
"refsource": "MISC",
"url": "https://github.com/AdguardTeam/AdGuardHome/blob/v0.108.0-b.13/internal/home/controlfiltering.go#L265",
"name": "https://github.com/AdguardTeam/AdGuardHome/blob/v0.108.0-b.13/internal/home/controlfiltering.go#L265"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"source": {
"advisory": "https://www.mend.io/vulnerability-database/",
"discovery": "UNKNOWN"
}
}

63
2022/32xxx/CVE-2022-32234.json
View File

@ -1,17 +1,68 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@fb.com",
"DATE_ASSIGNED": "2022-06-02",
"ID": "CVE-2022-32234",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Facebook",
"product": {
"product_data": [
{
"product_name": "Hermes",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "prior to commit 06eaec767e376bfdb883d912cb15e987ddf2bda1"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An out of bounds write in hermes, while handling large arrays, prior to commit 06eaec767e376bfdb883d912cb15e987ddf2bda1 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-Bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/facebook/hermes/commit/06eaec767e376bfdb883d912cb15e987ddf2bda1",
"url": "https://github.com/facebook/hermes/commit/06eaec767e376bfdb883d912cb15e987ddf2bda1"
},
{
"refsource": "CONFIRM",
"name": "https://www.facebook.com/security/advisories/CVE-2022-32234",
"url": "https://www.facebook.com/security/advisories/CVE-2022-32234"
}
]
}

37
2022/33xxx/CVE-2022-33139.json
View File

@ -14,6 +14,36 @@
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Cerberus DMS",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "Desigo CC",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "Desigo CC Compact",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC WinCC OA V3.16",
"version": {
@ -66,7 +96,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated."
"value": "A vulnerability has been identified in Cerberus DMS (All versions), Desigo CC (All versions), Desigo CC Compact (All versions), SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated."
}
]
},
@ -76,6 +106,11 @@
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf"
},
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-836027.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-836027.pdf"
}
]
}

115
2022/33xxx/CVE-2022-33746.json
View File

@ -1,18 +1,121 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@xen.org",
"ID": "CVE-2022-33746",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "xen",
"version": {
"version_data": [
{
"version_affected": "?",
"version_value": "consult Xen advisory XSA-410"
}
]
}
}
]
},
"vendor_name": "Xen"
}
]
}
},
"configuration": {
"configuration_data": {
"description": {
"description_data": [
{
"lang": "eng",
"value": "All Xen versions are vulnerable.\n\nx86 HVM and PVH guests as well as Arm guests can trigger the\nvulnerability. x86 PV guests cannot trigger the vulnerability."
}
]
}
}
},
"credit": {
"credit_data": {
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was discovered by Julien Grall of Amazon."
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. Therefore its freeing may take more time than is reasonable without intermediate preemption checks. Such checking for the need to preempt was so far missing."
}
]
},
"impact": {
"impact_data": {
"description": {
"description_data": [
{
"lang": "eng",
"value": "A group of collaborating guests can cause the temporary locking up of a\nCPU, potentially leading to a Denial of Service (DoS) affecting the\nentire host."
}
]
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unknown"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://xenbits.xenproject.org/xsa/advisory-410.txt",
"refsource": "MISC",
"name": "https://xenbits.xenproject.org/xsa/advisory-410.txt"
},
{
"refsource": "CONFIRM",
"name": "http://xenbits.xen.org/xsa/advisory-410.html",
"url": "http://xenbits.xen.org/xsa/advisory-410.html"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20221011 Xen Security Advisory 410 v3 (CVE-2022-33746) - P2M pool freeing may take excessively long",
"url": "http://www.openwall.com/lists/oss-security/2022/10/11/3"
}
]
},
"workaround": {
"workaround_data": {
"description": {
"description_data": [
{
"lang": "eng",
"value": "Running only PV guests will avoid the vulnerability."
}
]
}
}
}
}

103
2022/33xxx/CVE-2022-33747.json
View File

@ -1,18 +1,109 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@xen.org",
"ID": "CVE-2022-33747",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "xen",
"version": {
"version_data": [
{
"version_affected": "?",
"version_value": "consult Xen advisory XSA-409"
}
]
}
}
]
},
"vendor_name": "Xen"
}
]
}
},
"configuration": {
"configuration_data": {
"description": {
"description_data": [
{
"lang": "eng",
"value": "All versions of Xen are affected.\n\nOnly Arm systems are vulnerable. x86 systems are not vulnerable."
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Arm: unbounded memory consumption for 2nd-level page tables Certain actions require e.g. removing pages from a guest's P2M (Physical-to-Machine) mapping. When large pages are in use to map guest pages in the 2nd-stage page tables, such a removal operation may incur a memory allocation (to replace a large mapping with individual smaller ones). These memory allocations are taken from the global memory pool. A malicious guest might be able to cause the global memory pool to be exhausted by manipulating its own P2M mappings."
}
]
},
"impact": {
"impact_data": {
"description": {
"description_data": [
{
"lang": "eng",
"value": "A malicious guest could cause a Denial of Service, preventing any system\noperation requiring further allocation of Xen memory, including creating\nnew guests. NB however that memory exhaustion by itself shouldn\u2019t cause\neither Xen or properly-written guests to crash."
}
]
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unknown"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://xenbits.xenproject.org/xsa/advisory-409.txt",
"refsource": "MISC",
"name": "https://xenbits.xenproject.org/xsa/advisory-409.txt"
},
{
"refsource": "CONFIRM",
"name": "http://xenbits.xen.org/xsa/advisory-409.html",
"url": "http://xenbits.xen.org/xsa/advisory-409.html"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20221011 Xen Security Advisory 409 v3 (CVE-2022-33747) - Arm: unbounded memory consumption for 2nd-level page tables",
"url": "http://www.openwall.com/lists/oss-security/2022/10/11/5"
}
]
},
"workaround": {
"workaround_data": {
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is no known mitigation."
}
]
}
}
}
}

115
2022/33xxx/CVE-2022-33748.json
View File

@ -1,18 +1,121 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@xen.org",
"ID": "CVE-2022-33748",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "xen",
"version": {
"version_data": [
{
"version_affected": "?",
"version_value": "consult Xen advisory XSA-411"
}
]
}
}
]
},
"vendor_name": "Xen"
}
]
}
},
"configuration": {
"configuration_data": {
"description": {
"description_data": [
{
"lang": "eng",
"value": "Xen versions 4.0 and newer are vulnerable. Xen versions 3.4 and older\nare not vulnerable.\n\nOnly guests with access to transitive grants can exploit the\nvulnerability. In particular, this means that:\n\n * ARM systems which have taken the XSA-268 fix are not vulnerable, as\n Grant Table v2 was disabled for other security reasons.\n\n * All systems with the XSA-226 fixes, and booted with\n `gnttab=max-ver:1` or `gnttab=no-transitive` are not vulnerable.\n\n * From Xen 4.16, the maximum grant table version can be controlled on a\n per-domain basis. For the xl toolstack, the vulnerability does not\n manifest if either:\n\n 1) Every guest has `max_grant_version=1` in their configuration file,\n or\n\n 2) The global xl.conf has `max_grant_version=1`, and no guests have\n the default overridden by selecting `max_grant_version=2`.\n\nOnly multiple cooperating guests can exploit the vulnerability."
}
]
}
}
},
"credit": {
"credit_data": {
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was discovered by Jan Beulich of SUSE."
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. While doing so, locking requirements were not paid attention to. As a result two cooperating guests granting each other transitive grants can cause locks to be acquired nested within one another, but in respectively opposite order. With suitable timing between the involved grant copy operations this may result in the locking up of a CPU."
}
]
},
"impact": {
"impact_data": {
"description": {
"description_data": [
{
"lang": "eng",
"value": "Malicious or buggy guest kernels may be able to mount a Denial of\nService (DoS) attack affecting the entire system."
}
]
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unknown"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://xenbits.xenproject.org/xsa/advisory-411.txt",
"refsource": "MISC",
"name": "https://xenbits.xenproject.org/xsa/advisory-411.txt"
},
{
"refsource": "CONFIRM",
"name": "http://xenbits.xen.org/xsa/advisory-411.html",
"url": "http://xenbits.xen.org/xsa/advisory-411.html"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20221011 Xen Security Advisory 411 v3 (CVE-2022-33748) - lock order inversion in transitive grant copy handling",
"url": "http://www.openwall.com/lists/oss-security/2022/10/11/2"
}
]
},
"workaround": {
"workaround_data": {
"description": {
"description_data": [
{
"lang": "eng",
"value": "Disallowing the use of transitive grants either via the\n`gnttab=no-transitive` Xen command line option, or by disabling grant\ninterface version 2 altogether via the `gnttab=max-ver:1` Xen command\nline option or the xl controls as mentioned above will avoid the\nvulnerability."
}
]
}
}
}
}

103
2022/33xxx/CVE-2022-33749.json
View File

@ -1,18 +1,109 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@xen.org",
"ID": "CVE-2022-33749",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Xapi",
"version": {
"version_data": [
{
"version_affected": "?",
"version_value": "consult Xen advisory XSA-413"
}
]
}
}
]
},
"vendor_name": "Xapi"
}
]
}
},
"configuration": {
"configuration_data": {
"description": {
"description_data": [
{
"lang": "eng",
"value": "All versions of XAPI are vulnerable.\n\nSystems which are not using the XAPI toolstack are not vulnerable."
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "XAPI open file limit DoS It is possible for an unauthenticated client on the network to cause XAPI to hit its file-descriptor limit. This causes XAPI to be unable to accept new requests for other (trusted) clients, and blocks XAPI from carrying out any tasks that require the opening of file descriptors."
}
]
},
"impact": {
"impact_data": {
"description": {
"description_data": [
{
"lang": "eng",
"value": "An attacker is capable of blocking connections to the XAPI HTTP\ninterface, and also interrupt ongoing operations, causing a XAPI\ntoolstack Denial of Service. Such DoS would also affect any guests\nthat require toolstack actions."
}
]
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unknown"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://xenbits.xenproject.org/xsa/advisory-413.txt",
"refsource": "MISC",
"name": "https://xenbits.xenproject.org/xsa/advisory-413.txt"
},
{
"refsource": "CONFIRM",
"name": "http://xenbits.xen.org/xsa/advisory-413.html",
"url": "http://xenbits.xen.org/xsa/advisory-413.html"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20221011 Xen Security Advisory 413 v2 (CVE-2022-33749) - XAPI open file limit DoS",
"url": "http://www.openwall.com/lists/oss-security/2022/10/11/4"
}
]
},
"workaround": {
"workaround_data": {
"description": {
"description_data": [
{
"lang": "eng",
"value": "Not exposing to untrusted clients the network interface XAPI is\nlistening on will prevent the issue."
}
]
}
}
}
}

89
2022/34xxx/CVE-2022-34334.json
View File

@ -1,17 +1,92 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-34334",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2022-10-08T00:00:00",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"E": "U",
"RC": "C"
},
"BM": {
"I": "L",
"UI": "N",
"AC": "L",
"C": "L",
"A": "L",
"PR": "L",
"AV": "N",
"S": "U",
"SCORE": "6.300"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Gain Privileges",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Sterling Partner Engagement Manager",
"version": {
"version_data": [
{
"version_value": "6.1"
},
{
"version_value": "2.0"
}
]
}
}
]
}
}
]
}
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6828097",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6828097",
"title": "IBM Security Bulletin 6828097 (Sterling Partner Engagement Manager)"
},
{
"name": "ibm-sterling-cve202234334-session-fixation (229704)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/229704",
"title": "X-Force Vulnerability Report"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM Sterling Partner Engagement Manager 2.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 229704.",
"lang": "eng"
}
]
}

66
2022/34xxx/CVE-2022-34402.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2022-09-14",
"ID": "CVE-2022-34402",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Wyse Proprietary OS (Modern ThinOS)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "ThinOS 2208"
}
]
}
}
]
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Dell Wyse ThinOS 2205 contains a Regular Expression Denial of Service Vulnerability in UI. An admin privilege attacker could potentially exploit this vulnerability, leading to denial-of-service."
}
]
},
"impact": {
"cvss": {
"baseScore": 6.8,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1333: Inefficient Regular Expression Complexity"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/en-us/000203376/dsa-2022-247-dell-wyse-thinos-security-update-for-a-regular-expression-vulnerability",
"name": "https://www.dell.com/support/kbdoc/en-us/000203376/dsa-2022-247-dell-wyse-thinos-security-update-for-a-regular-expression-vulnerability"
}
]
}

66
2022/34xxx/CVE-2022-34425.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2022-09-15",
"ID": "CVE-2022-34425",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Enterprise SONiC OS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "4.0.2"
}
]
}
}
]
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Dell Enterprise SONiC OS, 4.0.0, 4.0.1, contain a cryptographic key vulnerability in SSH. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to unauthorized access to communication."
}
]
},
"impact": {
"cvss": {
"baseScore": 7.5,
"baseSeverity": "High",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-321: Use of Hard-coded Cryptographic Key"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/en-us/000203395/dsa-2022-257-dell-emc-enterprise-sonic-security-update-for-ssh-cryptographic-key-vulnerability",
"name": "https://www.dell.com/support/kbdoc/en-us/000203395/dsa-2022-257-dell-emc-enterprise-sonic-security-update-for-ssh-cryptographic-key-vulnerability"
}
]
}

63
2022/35xxx/CVE-2022-35289.json
View File

@ -1,17 +1,68 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@fb.com",
"DATE_ASSIGNED": "2022-07-06",
"ID": "CVE-2022-35289",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Facebook",
"product": {
"product_data": [
{
"product_name": "Hermes",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "prior to commit 5b6255ae049fa4641791e47fad994e8e8c4da374"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A write-what-where condition in hermes caused by an integer overflow, prior to commit 5b6255ae049fa4641791e47fad994e8e8c4da374 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-680: Integer Overflow to Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/facebook/hermes/commit/5b6255ae049fa4641791e47fad994e8e8c4da374",
"url": "https://github.com/facebook/hermes/commit/5b6255ae049fa4641791e47fad994e8e8c4da374"
},
{
"refsource": "CONFIRM",
"name": "https://www.facebook.com/security/advisories/CVE-2022-35289",
"url": "https://www.facebook.com/security/advisories/CVE-2022-35289"
}
]
}

95
2022/36xxx/CVE-2022-36063.json
View File

@ -1,18 +1,101 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-36063",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "USBX Host CDC ECM integer underflow with buffer overflow"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "usbx",
"version": {
"version_data": [
{
"version_value": "< 6.1.12"
}
]
}
}
]
},
"vendor_name": "azure-rtos"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Azure RTOS USBx is a USB host, device, and on-the-go (OTG) embedded stack, fully integrated with Azure RTOS ThreadX and available for all Azure RTOS ThreadX\u2013supported processors. Azure RTOS USBX implementation of host support for USB CDC ECM includes an integer underflow and a buffer overflow in the `_ux_host_class_cdc_ecm_mac_address_get` function which may be potentially exploited to achieve remote code execution or denial of service. Setting mac address string descriptor length to a `0` or `1` allows an attacker to introduce an integer underflow followed (string_length) by a buffer overflow of the `cdc_ecm -> ux_host_class_cdc_ecm_node_id` array. This may allow one to redirect the code execution flow or introduce a denial of service. The fix has been included in USBX release [6.1.12](https://github.com/azure-rtos/usbx/releases/tag/v6.1.12_rel). Improved mac address string descriptor length validation to check for unexpectedly small values may be used as a workaround."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-191: Integer Underflow (Wrap or Wraparound)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/azure-rtos/usbx/security/advisories/GHSA-chpp-5fv9-6368",
"refsource": "CONFIRM",
"url": "https://github.com/azure-rtos/usbx/security/advisories/GHSA-chpp-5fv9-6368"
},
{
"name": "https://github.com/azure-rtos/usbx/blob/master/common/usbx_host_classes/src/ux_host_class_cdc_ecm_mac_address_get.c#L264",
"refsource": "MISC",
"url": "https://github.com/azure-rtos/usbx/blob/master/common/usbx_host_classes/src/ux_host_class_cdc_ecm_mac_address_get.c#L264"
},
{
"name": "https://github.com/azure-rtos/usbx/releases/tag/v6.1.12_rel",
"refsource": "MISC",
"url": "https://github.com/azure-rtos/usbx/releases/tag/v6.1.12_rel"
}
]
},
"source": {
"advisory": "GHSA-chpp-5fv9-6368",
"discovery": "UNKNOWN"
}
}

56
2022/36xxx/CVE-2022-36360.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-36360",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-36360",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "LOGO! 8 BM (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions < V8.3"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-345: Insufficient Verification of Data Authenticity"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Affected devices load firmware updates without checking the authenticity. Furthermore the integrity of the unencrypted firmware is only verified by a non-cryptographic method. This could allow an attacker to manipulate a firmware update and flash it to the device."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-928782.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-928782.pdf"
}
]
}

56
2022/36xxx/CVE-2022-36361.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-36361",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-36361",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "LOGO! 8 BM (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions). Affected devices do not properly validate the structure of TCP packets in several methods. This could allow an attacker to cause buffer overflows, get control over the instruction counter and run custom code."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-955858.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-955858.pdf"
}
]
}

56
2022/36xxx/CVE-2022-36362.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-36362",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-36362",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "LOGO! 8 BM (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions). Affected devices do not conduct certain validations when interacting with them. This could allow an unauthenticated remote attacker to manipulate the devices IP address, which means the device would not be reachable and could only be recovered by power cycling the device."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-955858.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-955858.pdf"
}
]
}

56
2022/36xxx/CVE-2022-36363.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-36363",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-36363",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "LOGO! 8 BM (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions). Affected devices do not properly validate an offset value which can be defined in TCP packets when calling a method. This could allow an attacker to retrieve parts of the content of the memory."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-955858.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-955858.pdf"
}
]
}

66
2022/37xxx/CVE-2022-37616.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-37616",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-37616",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A prototype pollution vulnerability exists in the function copy in dom.js in the xmldom (published as @xmldom/xmldom) package before 0.8.3 for Node.js via the p variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/xmldom/xmldom/blob/bc36efddf9948aba15618f85dc1addfc2ac9d7b2/lib/dom.js#L1",
"refsource": "MISC",
"name": "https://github.com/xmldom/xmldom/blob/bc36efddf9948aba15618f85dc1addfc2ac9d7b2/lib/dom.js#L1"
},
{
"url": "https://github.com/xmldom/xmldom/blob/bc36efddf9948aba15618f85dc1addfc2ac9d7b2/lib/dom.js#L3",
"refsource": "MISC",
"name": "https://github.com/xmldom/xmldom/blob/bc36efddf9948aba15618f85dc1addfc2ac9d7b2/lib/dom.js#L3"
},
{
"refsource": "MISC",
"name": "https://github.com/xmldom/xmldom/issues/436",
"url": "https://github.com/xmldom/xmldom/issues/436"
}
]
}

56
2022/37xxx/CVE-2022-37864.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-37864",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-37864",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Solid Edge",
"version": {
"version_data": [
{
"version_value": "All Versions < SE2022MP9"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122: Heap-based Buffer Overflow"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Solid Edge (All Versions < SE2022MP9). The affected application contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted DWG files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17627)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-258115.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-258115.pdf"
}
]
}

25
2022/37xxx/CVE-2022-37888.json
View File

@ -11,21 +11,36 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "Aruba Access Points: 100 Series; 103 Series; 110 Series; 120 Series; 130 Series; 200 Series; 207 Series; 210 Series; 220 Series; 260 Series; 300 Series; 303 Series; 310 Series; 318 Series Hardened Access Points; 320 Series; 330 Series; 340 Series; 370 Series; 500 Series; 510 Series; 530 Series; 550 Series; 630 Series; 650 Series;",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below"
},
{
"version_value": "Aruba InstantOS 6.5.x: 6.5.4.23 and below"
},
{
"version_value": "Aruba InstantOS 8.6.x: 8.6.0.18 and below"
},
{
"version_value": "Aruba InstantOS 8.7.x: 8.7.1.9 and below"
},
{
"version_value": "Aruba InstantOS 8.10.x: 8.10.0.1 and below"
},
{
"version_value": "ArubaOS 10.3.x: 10.3.1.0 and below"
}
]
}
}
]
},
"vendor_name": "n/a"
}
}
]
}
@ -36,7 +51,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Buffer Overflow Vulnerability"
}
]
}

81
2022/38xxx/CVE-2022-38371.json
View File

@ -1,17 +1,86 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-38371",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-38371",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Nucleus NET",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "Nucleus ReadyStart V3",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "Nucleus Source Code",
"version": {
"version_data": [
{
"version_value": "Versions including affected FTP server"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions), Nucleus Source Code (Versions including affected FTP server). The FTP server does not properly release memory resources that were reserved for incomplete connection attempts by FTP clients. This could allow a remote attacker to generate a denial of service condition on devices that incorporate a vulnerable version of the FTP server."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-935500.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-935500.pdf"
},
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-313313.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-313313.pdf"
}
]
}

116
2022/38xxx/CVE-2022-38465.json
View File

@ -1,17 +1,121 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-38465",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-38465",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "SIMATIC Drive Controller family",
"version": {
"version_data": [
{
"version_value": "All versions < V2.9.2"
}
]
}
},
{
"product_name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions < V21.9"
}
]
}
},
{
"product_name": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions < V4.5.0"
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions < V2.9.2"
}
]
}
},
{
"product_name": "SIMATIC S7-1500 Software Controller",
"version": {
"version_data": [
{
"version_value": "All versions < V21.9"
}
]
}
},
{
"product_name": "SIMATIC S7-PLCSIM Advanced",
"version": {
"version_data": [
{
"version_value": "All versions < V4.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-522: Insufficiently Protected Credentials"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.5.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.9.2), SIMATIC S7-1500 Software Controller (All versions < V21.9), SIMATIC S7-PLCSIM Advanced (All versions < V4.0). Affected products protect the built-in global private key in a way that cannot be considered sufficient any longer. The key is used for the legacy protection of confidential configuration data and the legacy PG/PC and HMI communication. This could allow attackers to discover the private key of a CPU product family by an offline attack against a single CPU of the family. Attackers could then use this knowledge to extract confidential configuration data from projects that are protected by that key or to perform attacks against legacy PG/PC and HMI communication."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-568427.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-568427.pdf"
}
]
}

8
2022/39xxx/CVE-2022-39222.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "dex",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "< 2.35.0"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "dexidp"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}

8
2022/39xxx/CVE-2022-39237.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "sif",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "< 2.8.1"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "sylabs"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-347: Improper Verification of Cryptographic Signature"
}
]
}

8
2022/39xxx/CVE-2022-39244.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "pjproject",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "< 2.13"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "pjsip"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"
}
]
}

8
2022/39xxx/CVE-2022-39265.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "mybb",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "< 1.8.31"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "mybb"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')"
}
]
}

8
2022/39xxx/CVE-2022-39269.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "pjproject",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": ">= 2.11, < 2.13"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "pjsip"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-319: Cleartext Transmission of Sensitive Information"
}
]
}

8
2022/39xxx/CVE-2022-39270.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "DiscoTOC",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "< 2.1.0"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "discourse"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}

90
2022/39xxx/CVE-2022-39271.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-39271",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Traefik HTTP/2 connections management could cause a denial of service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "traefik",
"version": {
"version_data": [
{
"version_value": " < 2.8.8"
},
{
"version_value": ">= 2.9.0-rc1, < 2.9.0-rc5"
}
]
}
}
]
},
"vendor_name": "traefik"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer that assists in deploying microservices. There is a potential vulnerability in Traefik managing HTTP/2 connections. A closing HTTP/2 server connection could hang forever because of a subsequent fatal error. This failure mode could be exploited to cause a denial of service. There has been a patch released in versions 2.8.8 and 2.9.0-rc5. There are currently no known workarounds."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/traefik/traefik/security/advisories/GHSA-c6hx-pjc3-7fqr",
"refsource": "CONFIRM",
"url": "https://github.com/traefik/traefik/security/advisories/GHSA-c6hx-pjc3-7fqr"
},
{
"name": "https://github.com/traefik/traefik/releases/tag/v2.8.8",
"refsource": "MISC",
"url": "https://github.com/traefik/traefik/releases/tag/v2.8.8"
},
{
"name": "https://github.com/traefik/traefik/releases/tag/v2.9.0-rc5",
"refsource": "MISC",
"url": "https://github.com/traefik/traefik/releases/tag/v2.9.0-rc5"
}
]
},
"source": {
"advisory": "GHSA-c6hx-pjc3-7fqr",
"discovery": "UNKNOWN"
}
}

8
2022/39xxx/CVE-2022-39273.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "flyteadmin",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "< 1.1.44"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "flyteorg"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-798: Use of Hard-coded Credentials"
}
]
}

8
2022/39xxx/CVE-2022-39274.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "LoRaMac-node",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "< 4.7.0"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "Lora-net"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"
}
]
}

26
2022/39xxx/CVE-2022-39275.json
View File

@ -12,18 +12,36 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "saleor",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": ">= 2.0.0, < 3.1.24"
},
{
"version_value": ">= 3.2.0, < 3.2.14"
},
{
"version_value": ">= 3.3.0, < 3.3.26"
},
{
"version_value": ">= 3.4.0, < 3.4.24"
},
{
"version_value": ">= 3.5.0, < 3.5.23"
},
{
"version_value": ">= 3.6.0, < 3.6.18"
},
{
"version_value": ">= 3.7.0, < 3.7.17"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "saleor"
}
]
}
@ -61,7 +79,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-863: Incorrect Authorization"
}
]
}

8
2022/39xxx/CVE-2022-39279.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "discourse-chat",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "< 0.9"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "discourse"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}

8
2022/39xxx/CVE-2022-39280.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "dparse",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "< 0.5.2"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "pyupio"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}

8
2022/39xxx/CVE-2022-39284.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "CodeIgniter4",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "< 4.2.7"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "codeigniter4"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-665: Improper Initialization"
}
]
}

87
2022/39xxx/CVE-2022-39288.json
View File

@ -1,18 +1,93 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-39288",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Denial of service in Fastify via Content-Type header"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "fastify",
"version": {
"version_data": [
{
"version_value": ">= 4.0.0, < 4.8.1"
}
]
}
}
]
},
"vendor_name": "fastify"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "fastify is a fast and low overhead web framework, for Node.js. Affected versions of fastify are subject to a denial of service via malicious use of the Content-Type header. An attacker can send an invalid Content-Type header that can cause the application to crash. This issue has been addressed in commit `fbb07e8d` and will be included in release version 4.8.1. Users are advised to upgrade. Users unable to upgrade may manually filter out http content with malicious Content-Type headers."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/fastify/fastify/security/advisories/GHSA-455w-c45v-86rg",
"refsource": "CONFIRM",
"url": "https://github.com/fastify/fastify/security/advisories/GHSA-455w-c45v-86rg"
},
{
"name": "https://github.com/fastify/fastify/commit/fbb07e8dfad74c69cd4cd2211aedab87194618e3",
"refsource": "MISC",
"url": "https://github.com/fastify/fastify/commit/fbb07e8dfad74c69cd4cd2211aedab87194618e3"
},
{
"name": "https://github.com/fastify/fastify/security/policy",
"refsource": "MISC",
"url": "https://github.com/fastify/fastify/security/policy"
}
]
},
"source": {
"advisory": "GHSA-455w-c45v-86rg",
"discovery": "UNKNOWN"
}
}

8
2022/39xxx/CVE-2022-39292.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "slack-morphism-rust",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "<= 1.3.0"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "abdolence"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-1258: Exposure of Sensitive System Information Due to Uncleared Debug Information"
}
]
}

9
2022/3xxx/CVE-2022-3002.json
View File

@ -12,18 +12,19 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "yetiforcecompany/yetiforcecrm",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "<",
"version_value": "6.4.0"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "yetiforcecompany"
}
]
}
@ -61,7 +62,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}

87
2022/3xxx/CVE-2022-3136.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3136",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2022-3136",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Social Rocket < 1.3.3 - Admin+ Stored Cross-Site Scripting"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Social Rocket Social Sharing Plugin",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.3.3",
"version_value": "1.3.3"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Social Rocket WordPress plugin before 1.3.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/913d7e78-23f6-4b0d-aca3-17051a2dc649",
"name": "https://wpscan.com/vulnerability/913d7e78-23f6-4b0d-aca3-17051a2dc649"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Asif Nawaz Minhas"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

87
2022/3xxx/CVE-2022-3137.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3137",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2022-3137",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "TaskBuilder < 1.0.8 - Subscriber+ Stored XSS via SVG file upload"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Taskbuilder WordPress Project & Task Management plugin",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.8",
"version_value": "1.0.8"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Taskbuilder WordPress plugin before 1.0.8 does not validate and sanitise task's attachments, which could allow any authenticated user (such as subscriber) creating a task to perform Stored Cross-Site Scripting by attaching a malicious SVG file"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/524928d6-d4e9-4a2f-b410-46958da549d8",
"name": "https://wpscan.com/vulnerability/524928d6-d4e9-4a2f-b410-46958da549d8"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Rizacan Tufan"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

111
2022/3xxx/CVE-2022-3154.json
View File

@ -1,18 +1,99 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3154",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2022-3154",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Multiple Plugins from Viszt Peter - Multiple CSRF"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "TODO",
"product": {
"product_data": [
{
"product_name": "Woo Billingo Plus",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.4.5.4",
"version_value": "4.4.5.4"
}
]
}
},
{
"product_name": "Integration for Billingo & Gravity Forms",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.4",
"version_value": "1.0.4"
}
]
}
},
{
"product_name": "Integration for Szamlazz.hu & Gravity Forms",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.2.7",
"version_value": "1.2.7"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Woo Billingo Plus WordPress plugin before 4.4.5.4, Integration for Billingo & Gravity Forms WordPress plugin before 1.0.4, Integration for Szamlazz.hu & Gravity Forms WordPress plugin before 1.2.7 are lacking CSRF checks in various AJAX actions, which could allow attackers to make logged in Shop Managers and above perform unwanted actions, such as deactivate the plugin's license"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/cda978b2-b31f-495d-8601-0aaa3e4b45cd",
"name": "https://wpscan.com/vulnerability/cda978b2-b31f-495d-8601-0aaa3e4b45cd"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Lana Codes"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

87
2022/3xxx/CVE-2022-3207.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3207",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2022-3207",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Simple File List < 4.4.12 - Admin+ Stored Cross-Site Scripting"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Simple File List",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.4.12",
"version_value": "4.4.12"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Simple File List WordPress plugin before 4.4.12 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/b57272ea-9a8a-482a-bbaa-5f202ca5b9aa",
"name": "https://wpscan.com/vulnerability/b57272ea-9a8a-482a-bbaa-5f202ca5b9aa"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Raad Haddad of Cloudyrion GmbH"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

87
2022/3xxx/CVE-2022-3208.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3208",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2022-3208",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Simple File List < 4.4.13 - Page Creation via CSRF"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Simple File List",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.4.12",
"version_value": "4.4.12"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Simple File List WordPress plugin before 4.4.12 does not implement nonce checks, which could allow attackers to make a logged in admin create new page and change it's content via a CSRF attack."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/80d475ca-b475-4789-8eef-9c4d880853b7",
"name": "https://wpscan.com/vulnerability/80d475ca-b475-4789-8eef-9c4d880853b7"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Raad Haddad of Cloudyrion GmbH"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

87
2022/3xxx/CVE-2022-3209.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3209",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2022-3209",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Soledad < 8.2.5 - Reflected Cross-site Scripting"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "soledad",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "8.2.5",
"version_value": "8.2.5"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The soledad WordPress theme before 8.2.5 does not sanitise the {id,datafilter[type],...} parameters in its penci_more_slist_post_ajax AJAX action, leading to a Reflected Cross-Site Scripting (XSS) vulnerability."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/7a244fb1-fa0b-4294-9b51-588bf5d673a2",
"name": "https://wpscan.com/vulnerability/7a244fb1-fa0b-4294-9b51-588bf5d673a2"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Truoc Phan"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

87
2022/3xxx/CVE-2022-3220.json
View File

@ -1,18 +1,75 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3220",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"CVE_data_meta": {
"ID": "CVE-2022-3220",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Advanced Comment Form < 1.2.1 - Admin+ Authenticated Stored XSS"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Advanced Comment Form",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.2.1",
"version_value": "1.2.1"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Advanced Comment Form WordPress plugin before 1.2.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/cb6f4953-e68b-48f3-a821-a1d77e5476ef",
"name": "https://wpscan.com/vulnerability/cb6f4953-e68b-48f3-a821-a1d77e5476ef"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Asif Nawaz Minhas"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

76
2022/3xxx/CVE-2022-3358.json
View File

@ -1,17 +1,81 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "openssl-security@openssl.org",
"DATE_PUBLIC": "2022-09-29",
"ID": "CVE-2022-3358",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Using a Custom Cipher with NID_undef may lead to NULL encryption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OpenSSL",
"version": {
"version_data": [
{
"version_value": "Fixed in OpenSSL 3.0.6 (Affected 3.0.0-3.0.5)"
}
]
}
}
]
},
"vendor_name": "OpenSSL"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Chris Rapier (Pittsburgh Supercomputing Center)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "OpenSSL supports creating a custom cipher via the legacy EVP_CIPHER_meth_new() function and associated function calls. This function was deprecated in OpenSSL 3.0 and application authors are instead encouraged to use the new provider mechanism in order to implement custom ciphers. OpenSSL versions 3.0.0 to 3.0.5 incorrectly handle legacy custom ciphers passed to the EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() and EVP_CipherInit_ex2() functions (as well as other similarly named encryption and decryption initialisation functions). Instead of using the custom cipher directly it incorrectly tries to fetch an equivalent cipher from the available providers. An equivalent cipher is found based on the NID passed to EVP_CIPHER_meth_new(). This NID is supposed to represent the unique NID for a given cipher. However it is possible for an application to incorrectly pass NID_undef as this value in the call to EVP_CIPHER_meth_new(). When NID_undef is used in this way the OpenSSL encryption/decryption initialisation function will match the NULL cipher as being equivalent and will fetch this from the available providers. This will succeed if the default provider has been loaded (or if a third party provider has been loaded that offers this cipher). Using the NULL cipher means that the plaintext is emitted as the ciphertext. Applications are only affected by this issue if they call EVP_CIPHER_meth_new() using NID_undef and subsequently use it in a call to an encryption/decryption initialisation function. Applications that only use SSL/TLS are not impacted by this issue. Fixed in OpenSSL 3.0.6 (Affected 3.0.0-3.0.5)."
}
]
},
"impact": [
{
"lang": "eng",
"url": "https://www.openssl.org/policies/secpolicy.html#Low",
"value": "Low"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL encryption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openssl.org/news/secadv/20221011.txt",
"refsource": "CONFIRM",
"url": "https://www.openssl.org/news/secadv/20221011.txt"
},
{
"name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5485c56679d7c49b96e8fc8ca708b0b7e7c03c4b",
"refsource": "CONFIRM",
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5485c56679d7c49b96e8fc8ca708b0b7e7c03c4b"
}
]
}

50
2022/3xxx/CVE-2022-3433.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3433",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "aeson",
"version": {
"version_data": [
{
"version_value": "Fixed in 2.0.1.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-328->CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://cs-syd.eu/posts/2021-09-11-json-vulnerability",
"url": "https://cs-syd.eu/posts/2021-09-11-json-vulnerability"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying unordered-containers library by sending specially crafted JSON data, resulting in a denial of service."
}
]
}

18
2022/3xxx/CVE-2022-3445.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3445",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/3xxx/CVE-2022-3446.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3446",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/3xxx/CVE-2022-3447.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3447",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/3xxx/CVE-2022-3448.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3448",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/3xxx/CVE-2022-3449.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3449",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/3xxx/CVE-2022-3450.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3450",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/3xxx/CVE-2022-3451.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3451",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/3xxx/CVE-2022-3452.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3452",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/3xxx/CVE-2022-3453.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3453",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

63
2022/40xxx/CVE-2022-40138.json
View File

@ -1,17 +1,68 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@fb.com",
"DATE_ASSIGNED": "2022-09-06",
"ID": "CVE-2022-40138",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Facebook",
"product": {
"product_data": [
{
"product_name": "Hermes",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "commit prior to 6aa825e480d48127b480b08d13adf70033237097"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An integer conversion error in Hermes bytecode generation, prior to commit 6aa825e480d48127b480b08d13adf70033237097, could have been used to perform Out-Of-Bounds operations and subsequently execute arbitrary code. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-681: Incorrect Conversion between Numeric Types"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/facebook/hermes/commit/6aa825e480d48127b480b08d13adf70033237097",
"url": "https://github.com/facebook/hermes/commit/6aa825e480d48127b480b08d13adf70033237097"
},
{
"refsource": "CONFIRM",
"name": "https://www.facebook.com/security/advisories/CVE-2022-40138",
"url": "https://www.facebook.com/security/advisories/CVE-2022-40138"
}
]
}

56
2022/40xxx/CVE-2022-40147.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-40147",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40147",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Industrial Edge Management",
"version": {
"version_data": [
{
"version_value": "All versions < V1.5.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295: Improper Certificate Validation"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Industrial Edge Management (All versions < V1.5.1). The affected software does not properly validate the server certificate when initiating a TLS connection. This could allow an attacker to spoof a trusted entity by interfering in the communication path between the client and the intended server."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-649853.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-649853.pdf"
}
]
}

146
2022/40xxx/CVE-2022-40176.json
View File

@ -1,17 +1,151 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-40176",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40176",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Desigo PXM30-1",
"version": {
"version_data": [
{
"version_value": "All versions < V02.20.126.11-41"
}
]
}
},
{
"product_name": "Desigo PXM30.E",
"version": {
"version_data": [
{
"version_value": "All versions < V02.20.126.11-41"
}
]
}
},
{
"product_name": "Desigo PXM40-1",
"version": {
"version_data": [
{
"version_value": "All versions < V02.20.126.11-41"
}
]
}
},
{
"product_name": "Desigo PXM40.E",
"version": {
"version_data": [
{
"version_value": "All versions < V02.20.126.11-41"
}
]
}
},
{
"product_name": "Desigo PXM50-1",
"version": {
"version_data": [
{
"version_value": "All versions < V02.20.126.11-41"
}
]
}
},
{
"product_name": "Desigo PXM50.E",
"version": {
"version_data": [
{
"version_value": "All versions < V02.20.126.11-41"
}
]
}
},
{
"product_name": "PXG3.W100-1",
"version": {
"version_data": [
{
"version_value": "All versions < V02.20.126.11-37"
}
]
}
},
{
"product_name": "PXG3.W100-2",
"version": {
"version_data": [
{
"version_value": "All versions < V02.20.126.11-41"
}
]
}
},
{
"product_name": "PXG3.W200-1",
"version": {
"version_data": [
{
"version_value": "All versions < V02.20.126.11-37"
}
]
}
},
{
"product_name": "PXG3.W200-2",
"version": {
"version_data": [
{
"version_value": "All versions < V02.20.126.11-41"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). There exists an Improper Neutralization of Special Elements used in an OS Command with root privileges during a restore operation due to the missing validation of the names of files included in the input package. By restoring a specifically crafted package, a remote low-privileged attacker can execute arbitrary system commands with root privileges on the device, leading to a full compromise."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
]
}

146
2022/40xxx/CVE-2022-40177.json
View File

@ -1,17 +1,151 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-40177",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40177",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Desigo PXM30-1",
"version": {
"version_data": [
{
"version_value": "All versions < V02.20.126.11-41"
}
]
}
},
{
"product_name": "Desigo PXM30.E",
"version": {
"version_data": [
{
"version_value": "All versions < V02.20.126.11-41"
}
]
}
},
{
"product_name": "Desigo PXM40-1",
"version": {
"version_data": [
{
"version_value": "All versions < V02.20.126.11-41"
}
]
}
},
{
"product_name": "Desigo PXM40.E",
"version": {
"version_data": [
{
"version_value": "All versions < V02.20.126.11-41"
}
]
}
},
{
"product_name": "Desigo PXM50-1",
"version": {
"version_data": [
{
"version_value": "All versions < V02.20.126.11-41"
}
]
}
},
{
"product_name": "Desigo PXM50.E",
"version": {
"version_data": [
{
"version_value": "All versions < V02.20.126.11-41"
}
]
}
},
{
"product_name": "PXG3.W100-1",
"version": {
"version_data": [
{
"version_value": "All versions < V02.20.126.11-37"
}
]
}
},
{
"product_name": "PXG3.W100-2",
"version": {
"version_data": [
{
"version_value": "All versions < V02.20.126.11-41"
}
]
}
},
{
"product_name": "PXG3.W200-1",
"version": {
"version_data": [
{
"version_value": "All versions < V02.20.126.11-37"
}
]
}
},
{
"product_name": "PXG3.W200-2",
"version": {
"version_data": [
{
"version_value": "All versions < V02.20.126.11-41"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). Endpoints of the \u201cOperation\u201d web application that interpret and execute Axon language queries allow file read access to the device file system with root privileges. By supplying specific I/O related Axon queries, a remote low-privileged attacker can read sensitive files on the device."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
]
}

Some files were not shown because too many files have changed in this diff Show More