mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
"-Synchronized-Data."
This commit is contained in:
parent
1289330470
commit
9e021d49d1
@ -1,90 +1,90 @@
|
||||
{
|
||||
"data_format" : "MITRE",
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"name" : "https://www.ibm.com/support/pages/node/6586142",
|
||||
"url" : "https://www.ibm.com/support/pages/node/6586142",
|
||||
"refsource" : "CONFIRM",
|
||||
"title" : "IBM Security Bulletin 6586142 (Security Identity Governance and Intelligence)"
|
||||
},
|
||||
{
|
||||
"name" : "ibm-svg-cve20204957-info-disc (192208)",
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/192208",
|
||||
"refsource" : "XF",
|
||||
"title" : "X-Force Vulnerability Report"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"BM" : {
|
||||
"I" : "N",
|
||||
"UI" : "N",
|
||||
"S" : "U",
|
||||
"C" : "L",
|
||||
"AC" : "L",
|
||||
"AV" : "N",
|
||||
"A" : "N",
|
||||
"PR" : "N",
|
||||
"SCORE" : "5.300"
|
||||
},
|
||||
"TM" : {
|
||||
"RC" : "C",
|
||||
"RL" : "O",
|
||||
"E" : "U"
|
||||
}
|
||||
}
|
||||
},
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "IBM Security Identity Governance and Intelligence 5.2.6 could disclose sensitive information in URL parameters that could aid in future attacks against the system. IBM X-Force ID: 192208."
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_type" : "CVE",
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
"data_format": "MITRE",
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "5.2.6"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "Security Identity Governance and Intelligence"
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name" : "IBM"
|
||||
"name": "https://www.ibm.com/support/pages/node/6586142",
|
||||
"url": "https://www.ibm.com/support/pages/node/6586142",
|
||||
"refsource": "CONFIRM",
|
||||
"title": "IBM Security Bulletin 6586142 (Security Identity Governance and Intelligence)"
|
||||
},
|
||||
{
|
||||
"name": "ibm-svg-cve20204957-info-disc (192208)",
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/192208",
|
||||
"refsource": "XF",
|
||||
"title": "X-Force Vulnerability Report"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"CVE_data_meta" : {
|
||||
"STATE" : "PUBLIC",
|
||||
"DATE_PUBLIC" : "2022-05-13T00:00:00",
|
||||
"ID" : "CVE-2020-4957",
|
||||
"ASSIGNER" : "psirt@us.ibm.com"
|
||||
},
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "Obtain Information"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvssv3": {
|
||||
"BM": {
|
||||
"I": "N",
|
||||
"UI": "N",
|
||||
"S": "U",
|
||||
"C": "L",
|
||||
"AC": "L",
|
||||
"AV": "N",
|
||||
"A": "N",
|
||||
"PR": "N",
|
||||
"SCORE": "5.300"
|
||||
},
|
||||
"TM": {
|
||||
"RC": "C",
|
||||
"RL": "O",
|
||||
"E": "U"
|
||||
}
|
||||
}
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "IBM Security Identity Governance and Intelligence 5.2.6 could disclose sensitive information in URL parameters that could aid in future attacks against the system. IBM X-Force ID: 192208."
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_type": "CVE",
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "5.2.6"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name": "Security Identity Governance and Intelligence"
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "IBM"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_version" : "4.0"
|
||||
}
|
||||
}
|
||||
},
|
||||
"CVE_data_meta": {
|
||||
"STATE": "PUBLIC",
|
||||
"DATE_PUBLIC": "2022-05-13T00:00:00",
|
||||
"ID": "CVE-2020-4957",
|
||||
"ASSIGNER": "psirt@us.ibm.com"
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Obtain Information"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_version": "4.0"
|
||||
}
|
@ -1,99 +1,99 @@
|
||||
{
|
||||
"data_type" : "CVE",
|
||||
"data_version" : "4.0",
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "Denial of Service"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"TM" : {
|
||||
"RC" : "C",
|
||||
"RL" : "O",
|
||||
"E" : "U"
|
||||
},
|
||||
"BM" : {
|
||||
"PR" : "N",
|
||||
"A" : "L",
|
||||
"I" : "N",
|
||||
"AV" : "N",
|
||||
"C" : "N",
|
||||
"S" : "U",
|
||||
"UI" : "N",
|
||||
"AC" : "L",
|
||||
"SCORE" : "5.300"
|
||||
}
|
||||
}
|
||||
},
|
||||
"CVE_data_meta" : {
|
||||
"ASSIGNER" : "psirt@us.ibm.com",
|
||||
"DATE_PUBLIC" : "2022-05-16T00:00:00",
|
||||
"ID" : "CVE-2020-4994",
|
||||
"STATE" : "PUBLIC"
|
||||
},
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"value" : "IBM DataPower Gateway 10.0.1.0 through 10.0.1.4 and 2018.4.1.0 through 2018.4.1.17 could allow a remote user to cause a temporary denial of service by sending invalid HTTP requests. IBM X-Force ID: 192906.",
|
||||
"lang" : "eng"
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"vendor_name" : "IBM",
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "2018.4.1.0"
|
||||
},
|
||||
{
|
||||
"version_value" : "10.0.1.0"
|
||||
},
|
||||
{
|
||||
"version_value" : "10.0.1.4"
|
||||
},
|
||||
{
|
||||
"version_value" : "2018.4.1.17"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "DataPower Gateway"
|
||||
}
|
||||
]
|
||||
}
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Denial of Service"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"url" : "https://www.ibm.com/support/pages/node/6586526",
|
||||
"refsource" : "CONFIRM",
|
||||
"title" : "IBM Security Bulletin 6586526 (DataPower Gateway)",
|
||||
"name" : "https://www.ibm.com/support/pages/node/6586526"
|
||||
},
|
||||
{
|
||||
"name" : "ibm-datapower-cve20204994-dos (192906)",
|
||||
"title" : "X-Force Vulnerability Report",
|
||||
"refsource" : "XF",
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/192906"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvssv3": {
|
||||
"TM": {
|
||||
"RC": "C",
|
||||
"RL": "O",
|
||||
"E": "U"
|
||||
},
|
||||
"BM": {
|
||||
"PR": "N",
|
||||
"A": "L",
|
||||
"I": "N",
|
||||
"AV": "N",
|
||||
"C": "N",
|
||||
"S": "U",
|
||||
"UI": "N",
|
||||
"AC": "L",
|
||||
"SCORE": "5.300"
|
||||
}
|
||||
}
|
||||
},
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"DATE_PUBLIC": "2022-05-16T00:00:00",
|
||||
"ID": "CVE-2020-4994",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"value": "IBM DataPower Gateway 10.0.1.0 through 10.0.1.4 and 2018.4.1.0 through 2018.4.1.17 could allow a remote user to cause a temporary denial of service by sending invalid HTTP requests. IBM X-Force ID: 192906.",
|
||||
"lang": "eng"
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "IBM",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "2018.4.1.0"
|
||||
},
|
||||
{
|
||||
"version_value": "10.0.1.0"
|
||||
},
|
||||
{
|
||||
"version_value": "10.0.1.4"
|
||||
},
|
||||
{
|
||||
"version_value": "2018.4.1.17"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name": "DataPower Gateway"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/6586526",
|
||||
"refsource": "CONFIRM",
|
||||
"title": "IBM Security Bulletin 6586526 (DataPower Gateway)",
|
||||
"name": "https://www.ibm.com/support/pages/node/6586526"
|
||||
},
|
||||
{
|
||||
"name": "ibm-datapower-cve20204994-dos (192906)",
|
||||
"title": "X-Force Vulnerability Report",
|
||||
"refsource": "XF",
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/192906"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
@ -1,106 +1,106 @@
|
||||
{
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"value" : "Bypass Security",
|
||||
"lang" : "eng"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_version" : "4.0",
|
||||
"data_type" : "CVE",
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"vendor_name" : "IBM",
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "6.0.3"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "Secure External Authentication Server"
|
||||
},
|
||||
{
|
||||
"product_name" : "Sterling Secure Proxy",
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "6.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
"description": [
|
||||
{
|
||||
"value": "Bypass Security",
|
||||
"lang": "eng"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"value" : "IBM Sterling Secure Proxy 6.0.3 and IBM Secure External Authentication Server 6.0.3 does not properly ensure that a certificate is actually associated with the host due to improper validation of certificates. IBM X-Force ID: 201104.",
|
||||
"lang" : "eng"
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"url" : "https://www.ibm.com/support/pages/node/6586754",
|
||||
"refsource" : "CONFIRM",
|
||||
"title" : "IBM Security Bulletin 6586754 (Sterling Secure Proxy)",
|
||||
"name" : "https://www.ibm.com/support/pages/node/6586754"
|
||||
},
|
||||
{
|
||||
"url" : "https://www.ibm.com/support/pages/node/6586756",
|
||||
"title" : "IBM Security Bulletin 6586756 (Secure External Authentication Server)",
|
||||
"name" : "https://www.ibm.com/support/pages/node/6586756",
|
||||
"refsource" : "CONFIRM"
|
||||
},
|
||||
{
|
||||
"name" : "ibm-sterling-cve202129726-sec-bypass (201104)",
|
||||
"title" : "X-Force Vulnerability Report",
|
||||
"refsource" : "XF",
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/201104"
|
||||
}
|
||||
]
|
||||
},
|
||||
"CVE_data_meta" : {
|
||||
"STATE" : "PUBLIC",
|
||||
"DATE_PUBLIC" : "2022-05-16T00:00:00",
|
||||
"ID" : "CVE-2021-29726",
|
||||
"ASSIGNER" : "psirt@us.ibm.com"
|
||||
},
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"BM" : {
|
||||
"S" : "U",
|
||||
"AC" : "L",
|
||||
"UI" : "N",
|
||||
"SCORE" : "5.300",
|
||||
"PR" : "N",
|
||||
"A" : "N",
|
||||
"AV" : "N",
|
||||
"C" : "N",
|
||||
"I" : "L"
|
||||
},
|
||||
"TM" : {
|
||||
"RC" : "C",
|
||||
"RL" : "O",
|
||||
"E" : "U"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "IBM",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "6.0.3"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name": "Secure External Authentication Server"
|
||||
},
|
||||
{
|
||||
"product_name": "Sterling Secure Proxy",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "6.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"value": "IBM Sterling Secure Proxy 6.0.3 and IBM Secure External Authentication Server 6.0.3 does not properly ensure that a certificate is actually associated with the host due to improper validation of certificates. IBM X-Force ID: 201104.",
|
||||
"lang": "eng"
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/6586754",
|
||||
"refsource": "CONFIRM",
|
||||
"title": "IBM Security Bulletin 6586754 (Sterling Secure Proxy)",
|
||||
"name": "https://www.ibm.com/support/pages/node/6586754"
|
||||
},
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/6586756",
|
||||
"title": "IBM Security Bulletin 6586756 (Secure External Authentication Server)",
|
||||
"name": "https://www.ibm.com/support/pages/node/6586756",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"name": "ibm-sterling-cve202129726-sec-bypass (201104)",
|
||||
"title": "X-Force Vulnerability Report",
|
||||
"refsource": "XF",
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/201104"
|
||||
}
|
||||
]
|
||||
},
|
||||
"CVE_data_meta": {
|
||||
"STATE": "PUBLIC",
|
||||
"DATE_PUBLIC": "2022-05-16T00:00:00",
|
||||
"ID": "CVE-2021-29726",
|
||||
"ASSIGNER": "psirt@us.ibm.com"
|
||||
},
|
||||
"impact": {
|
||||
"cvssv3": {
|
||||
"BM": {
|
||||
"S": "U",
|
||||
"AC": "L",
|
||||
"UI": "N",
|
||||
"SCORE": "5.300",
|
||||
"PR": "N",
|
||||
"A": "N",
|
||||
"AV": "N",
|
||||
"C": "N",
|
||||
"I": "L"
|
||||
},
|
||||
"TM": {
|
||||
"RC": "C",
|
||||
"RL": "O",
|
||||
"E": "U"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
@ -1,105 +1,105 @@
|
||||
{
|
||||
"data_type" : "CVE",
|
||||
"data_version" : "4.0",
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "Denial of Service"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "2018.4.1.0"
|
||||
},
|
||||
{
|
||||
"version_value" : "10.0.1.0"
|
||||
},
|
||||
{
|
||||
"version_value" : "10.0.1.4"
|
||||
},
|
||||
{
|
||||
"version_value" : "10.0.2.0"
|
||||
},
|
||||
{
|
||||
"version_value" : "10.0.3.0"
|
||||
},
|
||||
{
|
||||
"version_value" : "2018.4.1.17"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "DataPower Gateway"
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name" : "IBM"
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Denial of Service"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "IBM DataPower Gateway 10.0.2.0, 10.0.3.0, 10.0.1.0 through 10.0.1.4, and 2018.4.1.0 through 2018.4.1.17 could allow a remote user to cause a denial of service by consuming resources with multiple requests. IBM X-Force ID: 208348."
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"title" : "IBM Security Bulletin 6586704 (DataPower Gateway)",
|
||||
"name" : "https://www.ibm.com/support/pages/node/6586704",
|
||||
"refsource" : "CONFIRM",
|
||||
"url" : "https://www.ibm.com/support/pages/node/6586704"
|
||||
},
|
||||
{
|
||||
"refsource" : "XF",
|
||||
"title" : "X-Force Vulnerability Report",
|
||||
"name" : "ibm-datapower-cve202138872-dos (208348)",
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/208348"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"BM" : {
|
||||
"PR" : "N",
|
||||
"I" : "N",
|
||||
"C" : "N",
|
||||
"AV" : "N",
|
||||
"A" : "L",
|
||||
"AC" : "L",
|
||||
"UI" : "N",
|
||||
"S" : "U",
|
||||
"SCORE" : "5.300"
|
||||
},
|
||||
"TM" : {
|
||||
"RL" : "O",
|
||||
"E" : "U",
|
||||
"RC" : "C"
|
||||
}
|
||||
}
|
||||
},
|
||||
"CVE_data_meta" : {
|
||||
"ASSIGNER" : "psirt@us.ibm.com",
|
||||
"DATE_PUBLIC" : "2022-05-16T00:00:00",
|
||||
"ID" : "CVE-2021-38872",
|
||||
"STATE" : "PUBLIC"
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "2018.4.1.0"
|
||||
},
|
||||
{
|
||||
"version_value": "10.0.1.0"
|
||||
},
|
||||
{
|
||||
"version_value": "10.0.1.4"
|
||||
},
|
||||
{
|
||||
"version_value": "10.0.2.0"
|
||||
},
|
||||
{
|
||||
"version_value": "10.0.3.0"
|
||||
},
|
||||
{
|
||||
"version_value": "2018.4.1.17"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name": "DataPower Gateway"
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "IBM"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "IBM DataPower Gateway 10.0.2.0, 10.0.3.0, 10.0.1.0 through 10.0.1.4, and 2018.4.1.0 through 2018.4.1.17 could allow a remote user to cause a denial of service by consuming resources with multiple requests. IBM X-Force ID: 208348."
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"title": "IBM Security Bulletin 6586704 (DataPower Gateway)",
|
||||
"name": "https://www.ibm.com/support/pages/node/6586704",
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.ibm.com/support/pages/node/6586704"
|
||||
},
|
||||
{
|
||||
"refsource": "XF",
|
||||
"title": "X-Force Vulnerability Report",
|
||||
"name": "ibm-datapower-cve202138872-dos (208348)",
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/208348"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvssv3": {
|
||||
"BM": {
|
||||
"PR": "N",
|
||||
"I": "N",
|
||||
"C": "N",
|
||||
"AV": "N",
|
||||
"A": "L",
|
||||
"AC": "L",
|
||||
"UI": "N",
|
||||
"S": "U",
|
||||
"SCORE": "5.300"
|
||||
},
|
||||
"TM": {
|
||||
"RL": "O",
|
||||
"E": "U",
|
||||
"RC": "C"
|
||||
}
|
||||
}
|
||||
},
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"DATE_PUBLIC": "2022-05-16T00:00:00",
|
||||
"ID": "CVE-2021-38872",
|
||||
"STATE": "PUBLIC"
|
||||
}
|
||||
}
|
@ -45,7 +45,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root.\nThis issue affects:\nLinux Kernel\nversions prior to 5.4.189;\nversion 5.4.24 and later versions."
|
||||
"value": "Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -83,17 +83,18 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/fs/io_uring.c?h=v5.4.189&id=1a623d361ffe5cecd4244a02f449528416360038"
|
||||
"refsource": "MISC",
|
||||
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/fs/io_uring.c?h=v5.4.189&id=1a623d361ffe5cecd4244a02f449528416360038",
|
||||
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/fs/io_uring.c?h=v5.4.189&id=1a623d361ffe5cecd4244a02f449528416360038"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"url": "https://kernel.dance/#1a623d361ffe5cecd4244a02f449528416360038",
|
||||
"name": ""
|
||||
"refsource": "MISC",
|
||||
"name": "https://kernel.dance/#1a623d361ffe5cecd4244a02f449528416360038",
|
||||
"url": "https://kernel.dance/#1a623d361ffe5cecd4244a02f449528416360038"
|
||||
}
|
||||
]
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
}
|
||||
}
|
||||
}
|
@ -1,89 +1,89 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security@huntr.dev",
|
||||
"ID": "CVE-2022-1769",
|
||||
"STATE": "PUBLIC",
|
||||
"TITLE": "Buffer Over-read in vim/vim"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "vim/vim",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_value": "8.2"
|
||||
}
|
||||
]
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security@huntr.dev",
|
||||
"ID": "CVE-2022-1769",
|
||||
"STATE": "PUBLIC",
|
||||
"TITLE": "Buffer Over-read in vim/vim"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "vim/vim",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_value": "8.2"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "vim"
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "vim"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Buffer Over-read in GitHub repository vim/vim prior to 8.2."
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": {
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "LOCAL",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 6.6,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
|
||||
"version": "3.0"
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-126 Buffer Over-read"
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Buffer Over-read in GitHub repository vim/vim prior to 8.2."
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"name": "https://huntr.dev/bounties/522076b2-96cb-4df6-a504-e6e2f64c171c",
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://huntr.dev/bounties/522076b2-96cb-4df6-a504-e6e2f64c171c"
|
||||
},
|
||||
{
|
||||
"name": "https://github.com/vim/vim/commit/4748c4bd64610cf943a431d215bb1aad51f8d0b4",
|
||||
"refsource": "MISC",
|
||||
"url": "https://github.com/vim/vim/commit/4748c4bd64610cf943a431d215bb1aad51f8d0b4"
|
||||
}
|
||||
]
|
||||
},
|
||||
"source": {
|
||||
"advisory": "522076b2-96cb-4df6-a504-e6e2f64c171c",
|
||||
"discovery": "EXTERNAL"
|
||||
}
|
||||
},
|
||||
"impact": {
|
||||
"cvss": {
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "LOCAL",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 6.6,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
|
||||
"version": "3.0"
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-126 Buffer Over-read"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"name": "https://huntr.dev/bounties/522076b2-96cb-4df6-a504-e6e2f64c171c",
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://huntr.dev/bounties/522076b2-96cb-4df6-a504-e6e2f64c171c"
|
||||
},
|
||||
{
|
||||
"name": "https://github.com/vim/vim/commit/4748c4bd64610cf943a431d215bb1aad51f8d0b4",
|
||||
"refsource": "MISC",
|
||||
"url": "https://github.com/vim/vim/commit/4748c4bd64610cf943a431d215bb1aad51f8d0b4"
|
||||
}
|
||||
]
|
||||
},
|
||||
"source": {
|
||||
"advisory": "522076b2-96cb-4df6-a504-e6e2f64c171c",
|
||||
"discovery": "EXTERNAL"
|
||||
}
|
||||
}
|
@ -1,93 +1,93 @@
|
||||
{
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
{
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "17.0.0.3"
|
||||
},
|
||||
{
|
||||
"version_value" : "22.0.0.5"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "WebSphere Application Server Liberty"
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name" : "IBM"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"value" : "IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5 and Open Liberty are vulnerable to identity spoofing by an authenticated user. IBM X-Force ID: 225603.",
|
||||
"lang" : "eng"
|
||||
}
|
||||
]
|
||||
},
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"url" : "https://www.ibm.com/support/pages/node/6586734",
|
||||
"refsource" : "CONFIRM",
|
||||
"title" : "IBM Security Bulletin 6586734 (WebSphere Application Server Liberty)",
|
||||
"name" : "https://www.ibm.com/support/pages/node/6586734"
|
||||
},
|
||||
{
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/225603",
|
||||
"refsource" : "XF",
|
||||
"title" : "X-Force Vulnerability Report",
|
||||
"name" : "ibm-websphere-cve202222475-spoofing (225603)"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"BM" : {
|
||||
"PR" : "L",
|
||||
"C" : "L",
|
||||
"AV" : "N",
|
||||
"I" : "L",
|
||||
"A" : "L",
|
||||
"AC" : "H",
|
||||
"UI" : "N",
|
||||
"S" : "U",
|
||||
"SCORE" : "5.000"
|
||||
},
|
||||
"TM" : {
|
||||
"RC" : "C",
|
||||
"E" : "U",
|
||||
"RL" : "O"
|
||||
}
|
||||
}
|
||||
},
|
||||
"CVE_data_meta" : {
|
||||
"ID" : "CVE-2022-22475",
|
||||
"DATE_PUBLIC" : "2022-05-16T00:00:00",
|
||||
"STATE" : "PUBLIC",
|
||||
"ASSIGNER" : "psirt@us.ibm.com"
|
||||
},
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "Gain Privileges"
|
||||
}
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "17.0.0.3"
|
||||
},
|
||||
{
|
||||
"version_value": "22.0.0.5"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name": "WebSphere Application Server Liberty"
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "IBM"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_type" : "CVE",
|
||||
"data_version" : "4.0"
|
||||
}
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"value": "IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5 and Open Liberty are vulnerable to identity spoofing by an authenticated user. IBM X-Force ID: 225603.",
|
||||
"lang": "eng"
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/6586734",
|
||||
"refsource": "CONFIRM",
|
||||
"title": "IBM Security Bulletin 6586734 (WebSphere Application Server Liberty)",
|
||||
"name": "https://www.ibm.com/support/pages/node/6586734"
|
||||
},
|
||||
{
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225603",
|
||||
"refsource": "XF",
|
||||
"title": "X-Force Vulnerability Report",
|
||||
"name": "ibm-websphere-cve202222475-spoofing (225603)"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvssv3": {
|
||||
"BM": {
|
||||
"PR": "L",
|
||||
"C": "L",
|
||||
"AV": "N",
|
||||
"I": "L",
|
||||
"A": "L",
|
||||
"AC": "H",
|
||||
"UI": "N",
|
||||
"S": "U",
|
||||
"SCORE": "5.000"
|
||||
},
|
||||
"TM": {
|
||||
"RC": "C",
|
||||
"E": "U",
|
||||
"RL": "O"
|
||||
}
|
||||
}
|
||||
},
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-22475",
|
||||
"DATE_PUBLIC": "2022-05-16T00:00:00",
|
||||
"STATE": "PUBLIC",
|
||||
"ASSIGNER": "psirt@us.ibm.com"
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Gain Privileges"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0"
|
||||
}
|
@ -1,99 +1,99 @@
|
||||
{
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"BM" : {
|
||||
"PR" : "L",
|
||||
"A" : "H",
|
||||
"C" : "N",
|
||||
"AV" : "N",
|
||||
"I" : "N",
|
||||
"S" : "U",
|
||||
"UI" : "N",
|
||||
"AC" : "L",
|
||||
"SCORE" : "6.500"
|
||||
},
|
||||
"TM" : {
|
||||
"RC" : "C",
|
||||
"RL" : "O",
|
||||
"E" : "U"
|
||||
}
|
||||
}
|
||||
},
|
||||
"CVE_data_meta" : {
|
||||
"ASSIGNER" : "psirt@us.ibm.com",
|
||||
"DATE_PUBLIC" : "2022-05-16T00:00:00",
|
||||
"ID" : "CVE-2022-22482",
|
||||
"STATE" : "PUBLIC"
|
||||
},
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"refsource" : "CONFIRM",
|
||||
"title" : "IBM Security Bulletin 6586576 (Sterling B2B Integrator)",
|
||||
"name" : "https://www.ibm.com/support/pages/node/6586576",
|
||||
"url" : "https://www.ibm.com/support/pages/node/6586576"
|
||||
},
|
||||
{
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/225977",
|
||||
"name" : "ibm-sterling-cve202222482-dos (225977)",
|
||||
"title" : "X-Force Vulnerability Report",
|
||||
"refsource" : "XF"
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
{
|
||||
"vendor_name" : "IBM",
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "6.0.0.0"
|
||||
},
|
||||
{
|
||||
"version_value" : "6.1.0.0"
|
||||
},
|
||||
{
|
||||
"version_value" : "6.1.1.0"
|
||||
},
|
||||
{
|
||||
"version_value" : "6.0.3.5"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "Sterling B2B Integrator"
|
||||
}
|
||||
]
|
||||
}
|
||||
"impact": {
|
||||
"cvssv3": {
|
||||
"BM": {
|
||||
"PR": "L",
|
||||
"A": "H",
|
||||
"C": "N",
|
||||
"AV": "N",
|
||||
"I": "N",
|
||||
"S": "U",
|
||||
"UI": "N",
|
||||
"AC": "L",
|
||||
"SCORE": "6.500"
|
||||
},
|
||||
"TM": {
|
||||
"RC": "C",
|
||||
"RL": "O",
|
||||
"E": "U"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"value" : "IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow an authenticated user to upload files that could fill up the filesystem and cause a denial of service. IBM X-Force ID: 225977.",
|
||||
"lang" : "eng"
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "Denial of Service"
|
||||
}
|
||||
}
|
||||
},
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"DATE_PUBLIC": "2022-05-16T00:00:00",
|
||||
"ID": "CVE-2022-22482",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"title": "IBM Security Bulletin 6586576 (Sterling B2B Integrator)",
|
||||
"name": "https://www.ibm.com/support/pages/node/6586576",
|
||||
"url": "https://www.ibm.com/support/pages/node/6586576"
|
||||
},
|
||||
{
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225977",
|
||||
"name": "ibm-sterling-cve202222482-dos (225977)",
|
||||
"title": "X-Force Vulnerability Report",
|
||||
"refsource": "XF"
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "IBM",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "6.0.0.0"
|
||||
},
|
||||
{
|
||||
"version_value": "6.1.0.0"
|
||||
},
|
||||
{
|
||||
"version_value": "6.1.1.0"
|
||||
},
|
||||
{
|
||||
"version_value": "6.0.3.5"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name": "Sterling B2B Integrator"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_type" : "CVE",
|
||||
"data_version" : "4.0"
|
||||
}
|
||||
}
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"value": "IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow an authenticated user to upload files that could fill up the filesystem and cause a denial of service. IBM X-Force ID: 225977.",
|
||||
"lang": "eng"
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Denial of Service"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0"
|
||||
}
|
@ -1,93 +1,93 @@
|
||||
{
|
||||
"data_type" : "CVE",
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain sensitive information, caused by plain text user account passwords potentially being stored in the browser's application command history. By accessing browser history, an attacker could exploit this vulnerability to obtain other user accounts' passwords. IBM X-Force ID: 226322."
|
||||
}
|
||||
]
|
||||
},
|
||||
"CVE_data_meta" : {
|
||||
"DATE_PUBLIC" : "2022-05-13T00:00:00",
|
||||
"STATE" : "PUBLIC",
|
||||
"ASSIGNER" : "psirt@us.ibm.com",
|
||||
"ID" : "CVE-2022-22484"
|
||||
},
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"value" : "Obtain Information",
|
||||
"lang" : "eng"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
"data_type": "CVE",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "8.1.13"
|
||||
},
|
||||
{
|
||||
"version_value" : "8.1.12"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "Spectrum Protect Operations Center"
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name" : "IBM"
|
||||
"lang": "eng",
|
||||
"value": "IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain sensitive information, caused by plain text user account passwords potentially being stored in the browser's application command history. By accessing browser history, an attacker could exploit this vulnerability to obtain other user accounts' passwords. IBM X-Force ID: 226322."
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"BM" : {
|
||||
"SCORE" : "5.100",
|
||||
"AC" : "H",
|
||||
"A" : "N",
|
||||
"AV" : "L",
|
||||
"PR" : "N",
|
||||
"S" : "U",
|
||||
"C" : "H",
|
||||
"I" : "N",
|
||||
"UI" : "N"
|
||||
},
|
||||
"TM" : {
|
||||
"E" : "U",
|
||||
"RL" : "O",
|
||||
"RC" : "C"
|
||||
}
|
||||
}
|
||||
},
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"url" : "https://www.ibm.com/support/pages/node/6586314",
|
||||
"name" : "https://www.ibm.com/support/pages/node/6586314",
|
||||
"title" : "IBM Security Bulletin 6586314 (Spectrum Protect Operations Center)",
|
||||
"refsource" : "CONFIRM"
|
||||
},
|
||||
{
|
||||
"name" : "ibm-spectrum-cve202222484-info-disc (226322)",
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/226322",
|
||||
"refsource" : "XF",
|
||||
"title" : "X-Force Vulnerability Report"
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_version" : "4.0"
|
||||
}
|
||||
]
|
||||
},
|
||||
"CVE_data_meta": {
|
||||
"DATE_PUBLIC": "2022-05-13T00:00:00",
|
||||
"STATE": "PUBLIC",
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"ID": "CVE-2022-22484"
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"value": "Obtain Information",
|
||||
"lang": "eng"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.1.13"
|
||||
},
|
||||
{
|
||||
"version_value": "8.1.12"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name": "Spectrum Protect Operations Center"
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "IBM"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"impact": {
|
||||
"cvssv3": {
|
||||
"BM": {
|
||||
"SCORE": "5.100",
|
||||
"AC": "H",
|
||||
"A": "N",
|
||||
"AV": "L",
|
||||
"PR": "N",
|
||||
"S": "U",
|
||||
"C": "H",
|
||||
"I": "N",
|
||||
"UI": "N"
|
||||
},
|
||||
"TM": {
|
||||
"E": "U",
|
||||
"RL": "O",
|
||||
"RC": "C"
|
||||
}
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/6586314",
|
||||
"name": "https://www.ibm.com/support/pages/node/6586314",
|
||||
"title": "IBM Security Bulletin 6586314 (Spectrum Protect Operations Center)",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"name": "ibm-spectrum-cve202222484-info-disc (226322)",
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/226322",
|
||||
"refsource": "XF",
|
||||
"title": "X-Force Vulnerability Report"
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_version": "4.0"
|
||||
}
|
@ -45,7 +45,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root.\nThis issue affects:\nLinux Kernel\nversions prior to 5.18;\nversion 4.14 and later versions."
|
||||
"value": "Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -83,16 +83,18 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3db09e762dc79584a69c10d74a6b98f89a9979f8"
|
||||
"refsource": "MISC",
|
||||
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3db09e762dc79584a69c10d74a6b98f89a9979f8",
|
||||
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3db09e762dc79584a69c10d74a6b98f89a9979f8"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"url": "https://kernel.dance/#3db09e762dc79584a69c10d74a6b98f89a9979f8"
|
||||
"url": "https://kernel.dance/#3db09e762dc79584a69c10d74a6b98f89a9979f8",
|
||||
"name": "https://kernel.dance/#3db09e762dc79584a69c10d74a6b98f89a9979f8"
|
||||
}
|
||||
]
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
}
|
||||
}
|
||||
}
|
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-30067",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2022-30067",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://gitlab.gnome.org/GNOME/gimp/-/issues/8120",
|
||||
"refsource": "MISC",
|
||||
"name": "https://gitlab.gnome.org/GNOME/gimp/-/issues/8120"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -1,17 +1,71 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-30072",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2022-30072",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via \\admin\\pages\\sections_save.php namesection2 parameters."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/APTX-4879/CVE",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/APTX-4879/CVE"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/WBCE/WBCE_CMS",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/WBCE/WBCE_CMS"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/APTX-4879/CVE/blob/main/CVE-2022-30072.pdf",
|
||||
"url": "https://github.com/APTX-4879/CVE/blob/main/CVE-2022-30072.pdf"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -65,6 +65,11 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20220517 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/05/17/8"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -61,6 +61,11 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2478",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2478",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20220517 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/05/17/8"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -57,6 +57,11 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2478",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2478",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20220517 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/05/17/8"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -61,6 +61,11 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-714",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-714",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20220517 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/05/17/8"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -61,6 +61,11 @@
|
||||
"name": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502",
|
||||
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502",
|
||||
"refsource": "CONFIRM"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20220517 Multiple vulnerabilities in Jenkins plugins",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/05/17/8"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user