From 813632b575d6b57e73a5f1b9d938a87c930021cd Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 16 Sep 2022 20:00:35 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2017/20xxx/CVE-2017-20047.json | 121 +-------------------------------- 2020/25xxx/CVE-2020-25491.json | 56 +++++++++++++-- 2022/35xxx/CVE-2022-35952.json | 2 +- 2022/38xxx/CVE-2022-38611.json | 56 +++++++++++++-- 4 files changed, 104 insertions(+), 131 deletions(-) diff --git a/2017/20xxx/CVE-2017-20047.json b/2017/20xxx/CVE-2017-20047.json index 17833e08e7c..8d4dcecdea2 100644 --- a/2017/20xxx/CVE-2017-20047.json +++ b/2017/20xxx/CVE-2017-20047.json @@ -4,129 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2017-20047", - "TITLE": "AXIS P1204/P3225/P3367/M3045/M3005/M3007 cross site scripting", - "REQUESTER": "cna@vuldb.com", - "ASSIGNER": "product-security@axis.com", - "STATE": "PUBLIC" - }, - "generator": "vuldb.com", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "AXIS", - "product": { - "product_data": [ - { - "product_name": "P1204", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - }, - { - "product_name": "P3225", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - }, - { - "product_name": "P3367", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - }, - { - "product_name": "M3045", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - }, - { - "product_name": "M3005", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - }, - { - "product_name": "M3007", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79 Cross Site Scripting" - } - ] - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "A vulnerability classified as problematic was found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component." - } - ] - }, - "credit": "David Wearing", - "impact": { - "cvss": { - "version": "3.1", - "baseScore": "4.3", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" - } - }, - "references": { - "reference_data": [ - { - "url": "http://seclists.org/fulldisclosure/2017/Mar/41", - "refsource": "MISC", - "name": "http://seclists.org/fulldisclosure/2017/Mar/41" - }, - { - "url": "https://seclists.org/fulldisclosure/2017/Mar/41", - "refsource": "MISC", - "name": "https://seclists.org/fulldisclosure/2017/Mar/41" - }, - { - "url": "https://vuldb.com/?id.98911", - "refsource": "MISC", - "name": "https://vuldb.com/?id.98911" + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This CVE has been rejected as out of scope in accordance to the Vulnerability Policy of Axis: https://www.axis.com/dam/public/76/fe/26/axis-vulnerability-management-policy-en-US-375421.pdf. Notes: none." } ] } diff --git a/2020/25xxx/CVE-2020-25491.json b/2020/25xxx/CVE-2020-25491.json index fa3c262b240..a45d0070617 100644 --- a/2020/25xxx/CVE-2020-25491.json +++ b/2020/25xxx/CVE-2020-25491.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-25491", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-25491", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "6Kare Emakin 5.0.341.0 is affected by Cross Site Scripting (XSS) via the /rpc/membership/setProfile DisplayName field, which is mishandled when rendering the Activity Stream page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://gist.github.com/mhmtayberk/969add4b6c77f122a3a3a0cb00e2975b", + "url": "https://gist.github.com/mhmtayberk/969add4b6c77f122a3a3a0cb00e2975b" } ] } diff --git a/2022/35xxx/CVE-2022-35952.json b/2022/35xxx/CVE-2022-35952.json index c1604822bce..5136a0c5e1e 100644 --- a/2022/35xxx/CVE-2022-35952.json +++ b/2022/35xxx/CVE-2022-35952.json @@ -41,7 +41,7 @@ "description_data": [ { "lang": "eng", - "value": "TensorFlow is an open source platform for machine learning. The `UnbatchGradOp` function takes an argument `id` that is assumed to be a scalar. A nonscalar `id` can trigger a `CHECK` failure and crash the program. It also requires its argument `batch_index` to contain three times the number of elements as indicated in its `batch_index.dim_size(0)`. An incorrect `batch_index` can trigger a `CHECK` failure and crash the program. We have patched the issue in GitHub commit 5f945fc6409a3c1e90d6970c9292f805f6e6ddf2. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.\n" + "value": "TensorFlow is an open source platform for machine learning. The `UnbatchGradOp` function takes an argument `id` that is assumed to be a scalar. A nonscalar `id` can trigger a `CHECK` failure and crash the program. It also requires its argument `batch_index` to contain three times the number of elements as indicated in its `batch_index.dim_size(0)`. An incorrect `batch_index` can trigger a `CHECK` failure and crash the program. We have patched the issue in GitHub commit 5f945fc6409a3c1e90d6970c9292f805f6e6ddf2. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue." } ] }, diff --git a/2022/38xxx/CVE-2022-38611.json b/2022/38xxx/CVE-2022-38611.json index 45f8697481d..fd664e6c76a 100644 --- a/2022/38xxx/CVE-2022-38611.json +++ b/2022/38xxx/CVE-2022-38611.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-38611", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-38611", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect access control in Watchdog Anti-Virus v1.4.158 allows attackers to perform a DLL hijacking attack and execute arbitrary code via a crafted binary." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://gist.github.com/dru1d-foofus/835423de77c3522d53b9e7bdf5a28dfe", + "refsource": "MISC", + "name": "https://gist.github.com/dru1d-foofus/835423de77c3522d53b9e7bdf5a28dfe" } ] }