diff --git a/2020/28xxx/CVE-2020-28246.json b/2020/28xxx/CVE-2020-28246.json index 6112dfd32b4..15f9aa1a8a5 100644 --- a/2020/28xxx/CVE-2020-28246.json +++ b/2020/28xxx/CVE-2020-28246.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-28246", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-28246", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Server-Side Template Injection (SSTI) was discovered in Form.io 2.0.0. This leads to Remote Code Execution during deletion of the default Email template URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/formio/formio", + "refsource": "MISC", + "name": "https://github.com/formio/formio" + }, + { + "refsource": "MISC", + "name": "https://github.com/formio/enterprise-release/blob/master/API-Server-Change-Log.md", + "url": "https://github.com/formio/enterprise-release/blob/master/API-Server-Change-Log.md" } ] } diff --git a/2021/36xxx/CVE-2021-36866.json b/2021/36xxx/CVE-2021-36866.json index fb6c93bf34a..8ee6a2d4206 100644 --- a/2021/36xxx/CVE-2021-36866.json +++ b/2021/36xxx/CVE-2021-36866.json @@ -1,18 +1,105 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "audit@patchstack.com", + "DATE_PUBLIC": "2022-05-27T13:43:00.000Z", "ID": "CVE-2021-36866", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "WordPress Easy Pricing Tables plugin <= 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Easy Pricing Tables (WordPress plugin)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "<= 3.1.2", + "version_value": "3.1.2" + } + ] + } + } + ] + }, + "vendor_name": "Fatcat Apps" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Vulnerability discovered by Ngo Van Thien (Patchstack Alliance)" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Authenticated (author or higher role) Stored Cross-Site Scripting (XSS) vulnerability in Fatcat Apps Easy Pricing Tables plugin <= 3.1.2 at WordPress." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-site Scripting (XSS)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://wordpress.org/plugins/easy-pricing-tables/#developers", + "refsource": "CONFIRM", + "url": "https://wordpress.org/plugins/easy-pricing-tables/#developers" + }, + { + "name": "https://patchstack.com/database/vulnerability/easy-pricing-tables/wordpress-easy-pricing-tables-plugin-3-1-2-authenticated-stored-cross-site-scripting-xss-vulnerability", + "refsource": "CONFIRM", + "url": "https://patchstack.com/database/vulnerability/easy-pricing-tables/wordpress-easy-pricing-tables-plugin-3-1-2-authenticated-stored-cross-site-scripting-xss-vulnerability" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "Update to 3.1.3 or higher version." + } + ], + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36890.json b/2021/36xxx/CVE-2021-36890.json index 818545dd17b..cf978ff0836 100644 --- a/2021/36xxx/CVE-2021-36890.json +++ b/2021/36xxx/CVE-2021-36890.json @@ -1,18 +1,105 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "audit@patchstack.com", + "DATE_PUBLIC": "2022-05-27T13:59:00.000Z", "ID": "CVE-2021-36890", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "WordPress Social Share Buttons by Supsystic plugin <= 2.2.2 - Cross-Site Request Forgery (CSRF) vulnerability" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Social Share Buttons by Supsystic (WordPress plugin)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "<= 2.2.2", + "version_value": "2.2.2" + } + ] + } + } + ] + }, + "vendor_name": "supsystic.com" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Vulnerability discovered by Rasi Afeef (Patchstack Alliance)" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Social Share Buttons by Supsystic plugin <= 2.2.2 at WordPress." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://wordpress.org/plugins/social-share-buttons-by-supsystic/", + "refsource": "CONFIRM", + "url": "https://wordpress.org/plugins/social-share-buttons-by-supsystic/" + }, + { + "name": "https://patchstack.com/database/vulnerability/social-share-buttons-by-supsystic/wordpress-social-share-buttons-by-supsystic-plugin-2-2-2-cross-site-request-forgery-csrf-vulnerability", + "refsource": "CONFIRM", + "url": "https://patchstack.com/database/vulnerability/social-share-buttons-by-supsystic/wordpress-social-share-buttons-by-supsystic-plugin-2-2-2-cross-site-request-forgery-csrf-vulnerability" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "Deactivate and delete. No reply from the vendor. Plugin closed, closure is temporary, pending a full review." + } + ], + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/37xxx/CVE-2021-37149.json b/2021/37xxx/CVE-2021-37149.json index aabccda69b2..c1ce17a5a71 100644 --- a/2021/37xxx/CVE-2021-37149.json +++ b/2021/37xxx/CVE-2021-37149.json @@ -69,6 +69,11 @@ "refsource": "MISC", "url": "https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164", "name": "https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164" + }, + { + "refsource": "DEBIAN", + "name": "DSA-5153", + "url": "https://www.debian.org/security/2022/dsa-5153" } ] }, diff --git a/2021/42xxx/CVE-2021-42872.json b/2021/42xxx/CVE-2021-42872.json index b4ea0d763e7..3215748f4c9 100644 --- a/2021/42xxx/CVE-2021-42872.json +++ b/2021/42xxx/CVE-2021-42872.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-42872", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-42872", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "TOTOLINK EX1200T V4.1.2cu.5215 is affected by a command injection vulnerability that can remotely execute arbitrary code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://totolink.net/", + "refsource": "MISC", + "name": "http://totolink.net/" + }, + { + "url": "http://ex1200t.com", + "refsource": "MISC", + "name": "http://ex1200t.com" + }, + { + "url": "https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_NoticeUrl_rce4.md", + "refsource": "MISC", + "name": "https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_NoticeUrl_rce4.md" } ] } diff --git a/2021/43xxx/CVE-2021-43512.json b/2021/43xxx/CVE-2021-43512.json index 83aeab06530..e4009f3bf84 100644 --- a/2021/43xxx/CVE-2021-43512.json +++ b/2021/43xxx/CVE-2021-43512.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-43512", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-43512", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in FlightRadar24 v8.9.0, v8.10.0, v8.10.2, v8.10.3, v8.10.4 for Android, allows attackers to cause unspecified consequences due to being able to decompile a local application and extract their API keys." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.flightradar24.com", + "refsource": "MISC", + "name": "https://www.flightradar24.com" + }, + { + "url": "https://www.flightradar24.com.aa", + "refsource": "MISC", + "name": "https://www.flightradar24.com.aa" + }, + { + "refsource": "MISC", + "name": "https://medium.com/@janmejayaswainofficial/advisory-of-cve-2021-43512-5e54e6a93101", + "url": "https://medium.com/@janmejayaswainofficial/advisory-of-cve-2021-43512-5e54e6a93101" } ] } diff --git a/2021/44xxx/CVE-2021-44040.json b/2021/44xxx/CVE-2021-44040.json index b3f06da794c..4d3fd790634 100644 --- a/2021/44xxx/CVE-2021-44040.json +++ b/2021/44xxx/CVE-2021-44040.json @@ -69,6 +69,11 @@ "refsource": "MISC", "url": "https://lists.apache.org/thread/zblwzcfs9ryhwjr89wz4osw55pxm6dx6", "name": "https://lists.apache.org/thread/zblwzcfs9ryhwjr89wz4osw55pxm6dx6" + }, + { + "refsource": "DEBIAN", + "name": "DSA-5153", + "url": "https://www.debian.org/security/2022/dsa-5153" } ] }, diff --git a/2021/44xxx/CVE-2021-44095.json b/2021/44xxx/CVE-2021-44095.json index 83bb0624b71..7de7ba062e3 100644 --- a/2021/44xxx/CVE-2021-44095.json +++ b/2021/44xxx/CVE-2021-44095.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-44095", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-44095", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Project Worlds Official Hospital Management System in php 1.0 is vulnerable to SQL Injection on login page organization. \u00b6\u00b6 A SQL injection vulnerability exists in ProjectWorlds Hospital Management System in php 1.0 on login page that allows a remote attacker to compromise Application SQL database." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/projectworldsofficial/hospital-management-system-in-php", + "refsource": "MISC", + "name": "https://github.com/projectworldsofficial/hospital-management-system-in-php" + }, + { + "url": "https://github.com/projectworldsofficial/hospital-management-system-in-php/issues/1", + "refsource": "MISC", + "name": "https://github.com/projectworldsofficial/hospital-management-system-in-php/issues/1" + }, + { + "refsource": "MISC", + "name": "https://medium.com/@shubhamvpandey/cve-2021-44095-481059d14470", + "url": "https://medium.com/@shubhamvpandey/cve-2021-44095-481059d14470" } ] } diff --git a/2021/44xxx/CVE-2021-44096.json b/2021/44xxx/CVE-2021-44096.json index 8240087b720..965ea775919 100644 --- a/2021/44xxx/CVE-2021-44096.json +++ b/2021/44xxx/CVE-2021-44096.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-44096", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-44096", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "EGavilan Media User-Registration-and-Login-System-With-Admin-Panel 1.0 is vulnerable to SQL Injection via profile_action - update_user. This allows a remote attacker to compromise Application SQL database." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/EGavilan-Media/User-Registration-and-Login-System-With-Admin-Panel/issues/2", + "refsource": "MISC", + "name": "https://github.com/EGavilan-Media/User-Registration-and-Login-System-With-Admin-Panel/issues/2" + }, + { + "refsource": "MISC", + "name": "https://medium.com/@shubhamvpandey/cve-2021-44096-c8874ee47656", + "url": "https://medium.com/@shubhamvpandey/cve-2021-44096-c8874ee47656" } ] } diff --git a/2021/44xxx/CVE-2021-44097.json b/2021/44xxx/CVE-2021-44097.json index 2a6e46e2e31..d67b6aa24b3 100644 --- a/2021/44xxx/CVE-2021-44097.json +++ b/2021/44xxx/CVE-2021-44097.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-44097", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-44097", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "EGavilan Media Contact-Form-With-Messages-Entry-Management 1.0 is vulnerable to SQL Injection via Addmessage.php. This allows a remote attacker to compromise Application SQL database." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/EGavilan-Media/Contact-Form-With-Messages-Entry-Management/issues/1", + "refsource": "MISC", + "name": "https://github.com/EGavilan-Media/Contact-Form-With-Messages-Entry-Management/issues/1" + }, + { + "refsource": "MISC", + "name": "https://medium.com/@shubhamvpandey/cve-2021-44097-d51c11258571", + "url": "https://medium.com/@shubhamvpandey/cve-2021-44097-d51c11258571" } ] } diff --git a/2021/44xxx/CVE-2021-44098.json b/2021/44xxx/CVE-2021-44098.json index 2eb9a382720..f6abe764f57 100644 --- a/2021/44xxx/CVE-2021-44098.json +++ b/2021/44xxx/CVE-2021-44098.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-44098", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-44098", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "EGavilan Media Expense-Management-System 1.0 is vulnerable to SQL Injection via /expense_action.php. This allows a remote attacker to compromise Application SQL database." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/EGavilan-Media/Expense-Management-System/issues/1", + "refsource": "MISC", + "name": "https://github.com/EGavilan-Media/Expense-Management-System/issues/1" + }, + { + "refsource": "MISC", + "name": "https://medium.com/@shubhamvpandey/cve-2021-44098-8dbaced8b854", + "url": "https://medium.com/@shubhamvpandey/cve-2021-44098-8dbaced8b854" } ] } diff --git a/2022/1xxx/CVE-2022-1215.json b/2022/1xxx/CVE-2022-1215.json index 2ee7fd3162c..3d5f4ec3135 100644 --- a/2022/1xxx/CVE-2022-1215.json +++ b/2022/1xxx/CVE-2022-1215.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-1215", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "libinput", + "version": { + "version_data": [ + { + "version_value": "libinput 1.10 and above" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-134" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://seclists.org/oss-sec/2022/q2/47", + "url": "https://seclists.org/oss-sec/2022/q2/47" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A format string vulnerability was found in libinput" } ] } diff --git a/2022/1xxx/CVE-2022-1660.json b/2022/1xxx/CVE-2022-1660.json index b97d1f19571..bc7d5d5d476 100644 --- a/2022/1xxx/CVE-2022-1660.json +++ b/2022/1xxx/CVE-2022-1660.json @@ -1,18 +1,101 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2022-05-26T17:11:00.000Z", "ID": "CVE-2022-1660", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Keysight N6854A Geolocation server and N6841A RF Sensor software" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "N6854A Geolocation server and N6841A RF Sensor software", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "all", + "version_value": "2.3.0" + } + ] + } + } + ] + }, + "vendor_name": "Keysight" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "rgod, working with Trend Micro\u2019s Zero Day Initiative, reported these vulnerabilities to CISA." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The affected products are vulnerable of untrusted data due to deserialization without prior authorization/authentication, which may allow an attacker to remotely execute arbitrary code." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-502 Deserialization of Untrusted Data" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-146-01", + "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-146-01" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "Keysight recommends users update N6854A and N6841A RF to v2.4.0 or later.\n\nKeysight also recommends users take the following actions to help reduce risk:\nBlock incoming connection on TCP port number defined by environment variable KEYSIGHT_SMS_PORT (default: 8080)" + } + ], + "source": { + "advisory": "ICSA-22-146-01", + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1661.json b/2022/1xxx/CVE-2022-1661.json index 20f78dfb6de..839b5043651 100644 --- a/2022/1xxx/CVE-2022-1661.json +++ b/2022/1xxx/CVE-2022-1661.json @@ -1,18 +1,101 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2022-05-26T17:11:00.000Z", "ID": "CVE-2022-1661", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Keysight N6854A Geolocation server and N6841A RF Sensor software" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "N6854A Geolocation server and N6841A RF Sensor software", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "all", + "version_value": "2.3.0" + } + ] + } + } + ] + }, + "vendor_name": "Keysight" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "rgod, working with Trend Micro\u2019s Zero Day Initiative, reported these vulnerabilities to CISA." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The affected products are vulnerable to directory traversal, which may allow an attacker to obtain arbitrary operating system files." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-23 Relative Path Traversal" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-146-01", + "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-146-01" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "Keysight recommends users update N6854A and N6841A RF to v2.4.0 or later.\n\nKeysight also recommends users take the following actions to help reduce risk:\nBlock incoming connection on TCP port number defined by environment variable KEYSIGHT_SMS_PORT (default: 8080)" + } + ], + "source": { + "advisory": "ICSA-22-146-01", + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1942.json b/2022/1xxx/CVE-2022-1942.json index 36db913de96..a32c045e4ff 100644 --- a/2022/1xxx/CVE-2022-1942.json +++ b/2022/1xxx/CVE-2022-1942.json @@ -1,18 +1,89 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security@huntr.dev", "ID": "CVE-2022-1942", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Heap-based Buffer Overflow in vim/vim" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "vim/vim", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "8.2" + } + ] + } + } + ] + }, + "vendor_name": "vim" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2." } ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-122 Heap-based Buffer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://huntr.dev/bounties/67ca4d3b-9175-43c1-925c-72a7091bc071", + "refsource": "CONFIRM", + "url": "https://huntr.dev/bounties/67ca4d3b-9175-43c1-925c-72a7091bc071" + }, + { + "name": "https://github.com/vim/vim/commit/71223e2db87c2bf3b09aecb46266b56cda26191d", + "refsource": "MISC", + "url": "https://github.com/vim/vim/commit/71223e2db87c2bf3b09aecb46266b56cda26191d" + } + ] + }, + "source": { + "advisory": "67ca4d3b-9175-43c1-925c-72a7091bc071", + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1952.json b/2022/1xxx/CVE-2022-1952.json new file mode 100644 index 00000000000..0422a624553 --- /dev/null +++ b/2022/1xxx/CVE-2022-1952.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1952", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1953.json b/2022/1xxx/CVE-2022-1953.json new file mode 100644 index 00000000000..41865d80f68 --- /dev/null +++ b/2022/1xxx/CVE-2022-1953.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1953", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1954.json b/2022/1xxx/CVE-2022-1954.json new file mode 100644 index 00000000000..e3fda643b9d --- /dev/null +++ b/2022/1xxx/CVE-2022-1954.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1954", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1955.json b/2022/1xxx/CVE-2022-1955.json new file mode 100644 index 00000000000..2b23acfb677 --- /dev/null +++ b/2022/1xxx/CVE-2022-1955.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1955", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1956.json b/2022/1xxx/CVE-2022-1956.json new file mode 100644 index 00000000000..a4858da3b5d --- /dev/null +++ b/2022/1xxx/CVE-2022-1956.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1956", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1957.json b/2022/1xxx/CVE-2022-1957.json new file mode 100644 index 00000000000..d85baa86877 --- /dev/null +++ b/2022/1xxx/CVE-2022-1957.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1957", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1958.json b/2022/1xxx/CVE-2022-1958.json new file mode 100644 index 00000000000..d0950694e25 --- /dev/null +++ b/2022/1xxx/CVE-2022-1958.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1958", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1959.json b/2022/1xxx/CVE-2022-1959.json new file mode 100644 index 00000000000..32e68a545dc --- /dev/null +++ b/2022/1xxx/CVE-2022-1959.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1959", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1960.json b/2022/1xxx/CVE-2022-1960.json new file mode 100644 index 00000000000..c472d77b529 --- /dev/null +++ b/2022/1xxx/CVE-2022-1960.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1960", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/23xxx/CVE-2022-23082.json b/2022/23xxx/CVE-2022-23082.json index 9dc3fb4cf1f..29138a12e94 100644 --- a/2022/23xxx/CVE-2022-23082.json +++ b/2022/23xxx/CVE-2022-23082.json @@ -1,6 +1,6 @@ { "CVE_data_meta": { - "ASSIGNER": "vulnerabilitylab@mend.io", + "ASSIGNER": "vulnerabilitylab@whitesourcesoftware.com", "DATE_PUBLIC": "2022-05-31T13:20:00.000Z", "ID": "CVE-2022-23082", "STATE": "PUBLIC", @@ -47,7 +47,7 @@ "description_data": [ { "lang": "eng", - "value": "In CureKit versions v1.0.1 through v1.1.3 are vulnerable to path traversal as the function isFileOutsideDir fails to sanitize the user input which may lead to path traversal." + "value": "In CureKit versions v1.0.1 through v1.1.3 are vulnerable to path traversal as the function \u2018isFileOutsideDir\u2019 fails to sanitize the user input which may lead to path traversal." } ] }, @@ -85,12 +85,14 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://github.com/whitesource/CureKit/commit/af35e870ed09411d2f1fae6db1b04598cd1a31b6" + "refsource": "MISC", + "url": "https://github.com/whitesource/CureKit/commit/af35e870ed09411d2f1fae6db1b04598cd1a31b6", + "name": "https://github.com/whitesource/CureKit/commit/af35e870ed09411d2f1fae6db1b04598cd1a31b6" }, { "refsource": "MISC", - "url": "https://www.mend.io/vulnerability-database/CVE-2022-23082" + "url": "https://www.mend.io/vulnerability-database/CVE-2022-23082", + "name": "https://www.mend.io/vulnerability-database/CVE-2022-23082" } ] }, @@ -104,4 +106,4 @@ "advisory": "https://www.mend.io/vulnerability-database/", "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2022/26xxx/CVE-2022-26691.json b/2022/26xxx/CVE-2022-26691.json index b9d3b86f8f4..8e790604557 100644 --- a/2022/26xxx/CVE-2022-26691.json +++ b/2022/26xxx/CVE-2022-26691.json @@ -86,6 +86,16 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20220527 [SECURITY] [DLA 3029-1] cups security update", "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00039.html" + }, + { + "refsource": "DEBIAN", + "name": "DSA-5149", + "url": "https://www.debian.org/security/2022/dsa-5149" + }, + { + "refsource": "MISC", + "name": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0026/MNDT-2022-0026.md", + "url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0026/MNDT-2022-0026.md" } ] }, diff --git a/2022/28xxx/CVE-2022-28945.json b/2022/28xxx/CVE-2022-28945.json index b80369c3515..3e5dbc448e4 100644 --- a/2022/28xxx/CVE-2022-28945.json +++ b/2022/28xxx/CVE-2022-28945.json @@ -1,17 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-28945", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-28945", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue in Webbank WeCube v3.2.2 allows attackers to execute a directory traversal via a crafted ZIP file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://webbank.com", + "refsource": "MISC", + "name": "http://webbank.com" + }, + { + "url": "http://wecube.com", + "refsource": "MISC", + "name": "http://wecube.com" + }, + { + "url": "https://github.com/WeBankPartners/wecube-platform/releases/tag/v3.2.2", + "refsource": "MISC", + "name": "https://github.com/WeBankPartners/wecube-platform/releases/tag/v3.2.2" + }, + { + "refsource": "MISC", + "name": "https://github.com/WeBankPartners/wecube-platform/issues/2324", + "url": "https://github.com/WeBankPartners/wecube-platform/issues/2324" } ] } diff --git a/2022/29xxx/CVE-2022-29711.json b/2022/29xxx/CVE-2022-29711.json index f7356ddd64a..35fb9fb5718 100644 --- a/2022/29xxx/CVE-2022-29711.json +++ b/2022/29xxx/CVE-2022-29711.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-29711", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-29711", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "LibreNMS v22.3.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /Table/GraylogController.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/librenms/librenms/pull/13931", + "refsource": "MISC", + "name": "https://github.com/librenms/librenms/pull/13931" + }, + { + "url": "https://github.com/librenms/librenms/commit/cc6112b8fb36039b862b42d86eb79ef7ee89d31b", + "refsource": "MISC", + "name": "https://github.com/librenms/librenms/commit/cc6112b8fb36039b862b42d86eb79ef7ee89d31b" } ] } diff --git a/2022/29xxx/CVE-2022-29712.json b/2022/29xxx/CVE-2022-29712.json index 0a9078eca35..2817ab48bc2 100644 --- a/2022/29xxx/CVE-2022-29712.json +++ b/2022/29xxx/CVE-2022-29712.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-29712", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-29712", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "LibreNMS v22.3.0 was discovered to contain multiple command injection vulnerabilities via the service_ip, hostname, and service_param parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/librenms/librenms/pull/13932", + "refsource": "MISC", + "name": "https://github.com/librenms/librenms/pull/13932" } ] } diff --git a/2022/29xxx/CVE-2022-29725.json b/2022/29xxx/CVE-2022-29725.json index cf0f64a7471..45e58355e75 100644 --- a/2022/29xxx/CVE-2022-29725.json +++ b/2022/29xxx/CVE-2022-29725.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-29725", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-29725", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An arbitrary file upload in the image upload component of wityCMS v0.6.2 allows attackers to execute arbitrary code via a crafted PHP file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Creatiwity/wityCMS/issues/161", + "refsource": "MISC", + "name": "https://github.com/Creatiwity/wityCMS/issues/161" } ] } diff --git a/2022/30xxx/CVE-2022-30034.json b/2022/30xxx/CVE-2022-30034.json index 8f1d698c590..19b77aec891 100644 --- a/2022/30xxx/CVE-2022-30034.json +++ b/2022/30xxx/CVE-2022-30034.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-30034", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-30034", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Flower, a web UI for the Celery Python RPC framework, all versions as of 05-02-2022 is vulnerable to an OAuth authentication bypass. An attacker could then access the Flower API to discover and invoke arbitrary Celery RPC calls or deny service by shutting down Celery task nodes." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://githubcommherflower.com", + "refsource": "MISC", + "name": "http://githubcommherflower.com" + }, + { + "refsource": "MISC", + "name": "https://tprynn.github.io/2022/05/26/flower-vulns.html", + "url": "https://tprynn.github.io/2022/05/26/flower-vulns.html" } ] } diff --git a/2022/30xxx/CVE-2022-30126.json b/2022/30xxx/CVE-2022-30126.json index 4dae861c25b..9b1c367112f 100644 --- a/2022/30xxx/CVE-2022-30126.json +++ b/2022/30xxx/CVE-2022-30126.json @@ -83,6 +83,11 @@ "refsource": "MLIST", "name": "[oss-security] 20220516 CVE-2022-30126: Apache Tika Regular Expression Denial of Service in Standards Extractor", "url": "http://www.openwall.com/lists/oss-security/2022/05/16/3" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20220531 CVE-2022-30973: Apache Tika: Missing fix for CVE-2022-30126 in 1.28.2", + "url": "http://www.openwall.com/lists/oss-security/2022/05/31/2" } ] }, diff --git a/2022/30xxx/CVE-2022-30973.json b/2022/30xxx/CVE-2022-30973.json index def12901cf1..62f3f58c98e 100644 --- a/2022/30xxx/CVE-2022-30973.json +++ b/2022/30xxx/CVE-2022-30973.json @@ -43,7 +43,7 @@ "description_data": [ { "lang": "eng", - "value": "We failed to apply the fix for CVE-2022-30126 to the 1.x branch in the 1.28.2 release. In Apache Tika, a regular expression in the StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.3." + "value": "We failed to apply the fix for CVE-2022-30126 to the 1.x branch in the 1.28.2 release. In Apache Tika, a regular expression in the StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.3." } ] }, @@ -68,8 +68,14 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://lists.apache.org/thread/gqvb5t4p7tmdpl0y5bdbf72pgxj04h7p" + "refsource": "MISC", + "url": "https://lists.apache.org/thread/gqvb5t4p7tmdpl0y5bdbf72pgxj04h7p", + "name": "https://lists.apache.org/thread/gqvb5t4p7tmdpl0y5bdbf72pgxj04h7p" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20220531 CVE-2022-30973: Apache Tika: Missing fix for CVE-2022-30126 in 1.28.2", + "url": "http://www.openwall.com/lists/oss-security/2022/05/31/2" } ] }, @@ -82,4 +88,4 @@ "value": "Avoid using the StandardsExtractingContentHandler or upgrade to Tika 1.28.3 or 2.4.0" } ] -} +} \ No newline at end of file diff --git a/2022/30xxx/CVE-2022-30999.json b/2022/30xxx/CVE-2022-30999.json index 41bf4ec8e4b..42fe4f38dab 100644 --- a/2022/30xxx/CVE-2022-30999.json +++ b/2022/30xxx/CVE-2022-30999.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "FriendsofFlarum (FoF) Upload is an extension that handles file uploads intelligently for your forum. If FoF Upload prior to version 1.2.3 is configured to allow the uploading of SVG files (`image/svg+xml`), navigating directly to an SVG file URI could execute arbitrary Javascript code decided by an attacker. This Javascript code could include the execution of HTTP web requests to Flarum, or any other web service. This could allow data to be leaked by an authenticated Flarum user, or, possibly, for data to be modified maliciously. This issue has been patched with v1.2.3, which now sanitizes uploaded SVG files. As a workaround, remove the ability for users to upload SVG files through FoF Upload." + "value": "FriendsofFlarum (FoF) Upload is an extension that handles file uploads intelligently for your forum. If FoF Upload prior to version 1.2.3 is configured to allow the uploading of SVG files ('image/svg+xml'), navigating directly to an SVG file URI could execute arbitrary Javascript code decided by an attacker. This Javascript code could include the execution of HTTP web requests to Flarum, or any other web service. This could allow data to be leaked by an authenticated Flarum user, or, possibly, for data to be modified maliciously. This issue has been patched with v1.2.3, which now sanitizes uploaded SVG files. As a workaround, remove the ability for users to upload SVG files through FoF Upload." } ] }, diff --git a/2022/31xxx/CVE-2022-31004.json b/2022/31xxx/CVE-2022-31004.json index a6c9184adc5..ed4fdb620af 100644 --- a/2022/31xxx/CVE-2022-31004.json +++ b/2022/31xxx/CVE-2022-31004.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "CVEProject/cve-services is an open source project used to operate the CVE services API. A conditional in `data.js` has potential for production secrets to be written to disk. The affected method writes the generated randomKey to disk if the environment is not development. If this method were called in production, it is possible that it would write the plaintext key to disk. A patch is not available as of time of publication but is anticipated as a \"hot fix\" for version 1.1.1 and for the 2.x branch." + "value": "CVEProject/cve-services is an open source project used to operate the CVE services API. A conditional in 'data.js' has potential for production secrets to be written to disk. The affected method writes the generated randomKey to disk if the environment is not development. If this method were called in production, it is possible that it would write the plaintext key to disk. A patch is not available as of time of publication but is anticipated as a \"hot fix\" for version 1.1.1 and for the 2.x branch." } ] }, diff --git a/2022/31xxx/CVE-2022-31005.json b/2022/31xxx/CVE-2022-31005.json index f151a076127..fbd51afcc2e 100644 --- a/2022/31xxx/CVE-2022-31005.json +++ b/2022/31xxx/CVE-2022-31005.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "Vapor is an HTTP web framework for Swift. Users of Vapor prior to version 4.60.3 with FileMiddleware enabled are vulnerable to an integer overflow vulnerability that can crash the application. Version 4.60.3 contains a patch for this issue. As a workaround, disable FileMiddleware and serve via a Content Delivery Network.\n" + "value": "Vapor is an HTTP web framework for Swift. Users of Vapor prior to version 4.60.3 with FileMiddleware enabled are vulnerable to an integer overflow vulnerability that can crash the application. Version 4.60.3 contains a patch for this issue. As a workaround, disable FileMiddleware and serve via a Content Delivery Network." } ] }, diff --git a/2022/31xxx/CVE-2022-31335.json b/2022/31xxx/CVE-2022-31335.json index f1b24f42ccf..ae32e750df2 100644 --- a/2022/31xxx/CVE-2022-31335.json +++ b/2022/31xxx/CVE-2022-31335.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31335", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31335", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/stockin/index.php?view=edit&id=." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/online-ordering-system/SQLi-6.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/online-ordering-system/SQLi-6.md" } ] } diff --git a/2022/31xxx/CVE-2022-31336.json b/2022/31xxx/CVE-2022-31336.json index 61784149171..6d843809763 100644 --- a/2022/31xxx/CVE-2022-31336.json +++ b/2022/31xxx/CVE-2022-31336.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31336", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31336", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/stockin/loaddata.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/online-ordering-system/SQLi-7.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/online-ordering-system/SQLi-7.md" } ] } diff --git a/2022/31xxx/CVE-2022-31337.json b/2022/31xxx/CVE-2022-31337.json index 33e850bf5fb..11375d50fdf 100644 --- a/2022/31xxx/CVE-2022-31337.json +++ b/2022/31xxx/CVE-2022-31337.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31337", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31337", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/category/index.php?view=edit&id=." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/online-ordering-system/SQLi-10.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/online-ordering-system/SQLi-10.md" } ] } diff --git a/2022/31xxx/CVE-2022-31338.json b/2022/31xxx/CVE-2022-31338.json index 31bd3490e3b..4f3a360a085 100644 --- a/2022/31xxx/CVE-2022-31338.json +++ b/2022/31xxx/CVE-2022-31338.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31338", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31338", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/user/index.php?view=edit&id=." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/online-ordering-system/SQLi-9.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/online-ordering-system/SQLi-9.md" } ] } diff --git a/2022/31xxx/CVE-2022-31500.json b/2022/31xxx/CVE-2022-31500.json index 6433d7db89a..70945576b33 100644 --- a/2022/31xxx/CVE-2022-31500.json +++ b/2022/31xxx/CVE-2022-31500.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31500", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31500", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In KNIME Analytics Platform below 4.6.0, the Windows installer sets improper filesystem permissions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://knime.com", + "refsource": "MISC", + "name": "https://knime.com" + }, + { + "refsource": "MISC", + "name": "https://www.knime.com/security/advisories#CVE-2022-31500", + "url": "https://www.knime.com/security/advisories#CVE-2022-31500" } ] } diff --git a/2022/31xxx/CVE-2022-31908.json b/2022/31xxx/CVE-2022-31908.json new file mode 100644 index 00000000000..85b39da7431 --- /dev/null +++ b/2022/31xxx/CVE-2022-31908.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31908", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31909.json b/2022/31xxx/CVE-2022-31909.json new file mode 100644 index 00000000000..af81df88399 --- /dev/null +++ b/2022/31xxx/CVE-2022-31909.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31909", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31910.json b/2022/31xxx/CVE-2022-31910.json new file mode 100644 index 00000000000..be257b490f9 --- /dev/null +++ b/2022/31xxx/CVE-2022-31910.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31910", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31911.json b/2022/31xxx/CVE-2022-31911.json new file mode 100644 index 00000000000..ac943972d35 --- /dev/null +++ b/2022/31xxx/CVE-2022-31911.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31911", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31912.json b/2022/31xxx/CVE-2022-31912.json new file mode 100644 index 00000000000..73478847270 --- /dev/null +++ b/2022/31xxx/CVE-2022-31912.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31912", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31913.json b/2022/31xxx/CVE-2022-31913.json new file mode 100644 index 00000000000..ca3a76e2e3a --- /dev/null +++ b/2022/31xxx/CVE-2022-31913.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31913", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31914.json b/2022/31xxx/CVE-2022-31914.json new file mode 100644 index 00000000000..70f05990b4c --- /dev/null +++ b/2022/31xxx/CVE-2022-31914.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31914", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31915.json b/2022/31xxx/CVE-2022-31915.json new file mode 100644 index 00000000000..fcf77fa0c9e --- /dev/null +++ b/2022/31xxx/CVE-2022-31915.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31915", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31916.json b/2022/31xxx/CVE-2022-31916.json new file mode 100644 index 00000000000..1a3fdeeb786 --- /dev/null +++ b/2022/31xxx/CVE-2022-31916.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31916", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31917.json b/2022/31xxx/CVE-2022-31917.json new file mode 100644 index 00000000000..a5100af0a98 --- /dev/null +++ b/2022/31xxx/CVE-2022-31917.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31917", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31918.json b/2022/31xxx/CVE-2022-31918.json new file mode 100644 index 00000000000..07a0068f372 --- /dev/null +++ b/2022/31xxx/CVE-2022-31918.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31918", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31919.json b/2022/31xxx/CVE-2022-31919.json new file mode 100644 index 00000000000..153f8897bbe --- /dev/null +++ b/2022/31xxx/CVE-2022-31919.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31919", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31920.json b/2022/31xxx/CVE-2022-31920.json new file mode 100644 index 00000000000..ad6cdfae8ad --- /dev/null +++ b/2022/31xxx/CVE-2022-31920.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31920", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31921.json b/2022/31xxx/CVE-2022-31921.json new file mode 100644 index 00000000000..39b7a070b55 --- /dev/null +++ b/2022/31xxx/CVE-2022-31921.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31921", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31922.json b/2022/31xxx/CVE-2022-31922.json new file mode 100644 index 00000000000..8212b24f084 --- /dev/null +++ b/2022/31xxx/CVE-2022-31922.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31922", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31923.json b/2022/31xxx/CVE-2022-31923.json new file mode 100644 index 00000000000..588b240328b --- /dev/null +++ b/2022/31xxx/CVE-2022-31923.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31923", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31924.json b/2022/31xxx/CVE-2022-31924.json new file mode 100644 index 00000000000..ce0106969a8 --- /dev/null +++ b/2022/31xxx/CVE-2022-31924.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31924", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31925.json b/2022/31xxx/CVE-2022-31925.json new file mode 100644 index 00000000000..cdde28e38fd --- /dev/null +++ b/2022/31xxx/CVE-2022-31925.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31925", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31926.json b/2022/31xxx/CVE-2022-31926.json new file mode 100644 index 00000000000..7e4d903fdaa --- /dev/null +++ b/2022/31xxx/CVE-2022-31926.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31926", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31927.json b/2022/31xxx/CVE-2022-31927.json new file mode 100644 index 00000000000..3f0c30cbb00 --- /dev/null +++ b/2022/31xxx/CVE-2022-31927.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31927", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31928.json b/2022/31xxx/CVE-2022-31928.json new file mode 100644 index 00000000000..95859c2e01f --- /dev/null +++ b/2022/31xxx/CVE-2022-31928.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31928", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31929.json b/2022/31xxx/CVE-2022-31929.json new file mode 100644 index 00000000000..6fb9ee948d2 --- /dev/null +++ b/2022/31xxx/CVE-2022-31929.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31929", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31930.json b/2022/31xxx/CVE-2022-31930.json new file mode 100644 index 00000000000..6b42d3995b1 --- /dev/null +++ b/2022/31xxx/CVE-2022-31930.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31930", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31931.json b/2022/31xxx/CVE-2022-31931.json new file mode 100644 index 00000000000..130a4679449 --- /dev/null +++ b/2022/31xxx/CVE-2022-31931.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31931", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31932.json b/2022/31xxx/CVE-2022-31932.json new file mode 100644 index 00000000000..0240d318ab6 --- /dev/null +++ b/2022/31xxx/CVE-2022-31932.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31932", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31933.json b/2022/31xxx/CVE-2022-31933.json new file mode 100644 index 00000000000..df1c8e46776 --- /dev/null +++ b/2022/31xxx/CVE-2022-31933.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31933", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31934.json b/2022/31xxx/CVE-2022-31934.json new file mode 100644 index 00000000000..5e0f7b8eea7 --- /dev/null +++ b/2022/31xxx/CVE-2022-31934.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31934", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31935.json b/2022/31xxx/CVE-2022-31935.json new file mode 100644 index 00000000000..97da08137c3 --- /dev/null +++ b/2022/31xxx/CVE-2022-31935.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31935", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31936.json b/2022/31xxx/CVE-2022-31936.json new file mode 100644 index 00000000000..1fbcc1ee35b --- /dev/null +++ b/2022/31xxx/CVE-2022-31936.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31936", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31937.json b/2022/31xxx/CVE-2022-31937.json new file mode 100644 index 00000000000..725671fc4f2 --- /dev/null +++ b/2022/31xxx/CVE-2022-31937.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31937", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31938.json b/2022/31xxx/CVE-2022-31938.json new file mode 100644 index 00000000000..e311a022d7d --- /dev/null +++ b/2022/31xxx/CVE-2022-31938.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31938", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31939.json b/2022/31xxx/CVE-2022-31939.json new file mode 100644 index 00000000000..10856184ee0 --- /dev/null +++ b/2022/31xxx/CVE-2022-31939.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31939", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31940.json b/2022/31xxx/CVE-2022-31940.json new file mode 100644 index 00000000000..ef63e21978e --- /dev/null +++ b/2022/31xxx/CVE-2022-31940.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-31940", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/32xxx/CVE-2022-32145.json b/2022/32xxx/CVE-2022-32145.json new file mode 100644 index 00000000000..1f18ab444d7 --- /dev/null +++ b/2022/32xxx/CVE-2022-32145.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-32145", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file