admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-09-13 21:00:37 +00:00
parent 07fc2bfc5f
commit a168ccf69e
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
53 changed files with 1875 additions and 751 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2021/22xxx/CVE-2021-22910.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://hackerone.com/reports/1130874", "name": "https://hackerone.com/reports/1130874",
"url": "https://hackerone.com/reports/1130874" "url": "https://hackerone.com/reports/1130874"
},
{
"refsource": "MISC",
"name": "https://blog.sonarsource.com/nosql-injections-in-rocket-chat/",
"url": "https://blog.sonarsource.com/nosql-injections-in-rocket-chat/"
} }
] ]
}, },

5
2021/43xxx/CVE-2021-43786.json
View File

@ -83,6 +83,11 @@
"name": "https://github.com/NodeBB/NodeBB/commit/04dab1d550cdebf4c1567bca9a51f8b9ca48a500", "name": "https://github.com/NodeBB/NodeBB/commit/04dab1d550cdebf4c1567bca9a51f8b9ca48a500",
"refsource": "MISC", "refsource": "MISC",
"url": "https://github.com/NodeBB/NodeBB/commit/04dab1d550cdebf4c1567bca9a51f8b9ca48a500" "url": "https://github.com/NodeBB/NodeBB/commit/04dab1d550cdebf4c1567bca9a51f8b9ca48a500"
},
{
"refsource": "MISC",
"name": "https://blog.sonarsource.com/nodebb-remote-code-execution-with-one-shot/",
"url": "https://blog.sonarsource.com/nodebb-remote-code-execution-with-one-shot/"
} }
] ]
}, },

5
2021/43xxx/CVE-2021-43788.json
View File

@ -83,6 +83,11 @@
"name": "https://github.com/NodeBB/NodeBB/commit/c8b2fc46dc698db687379106b3f01c71b80f495f", "name": "https://github.com/NodeBB/NodeBB/commit/c8b2fc46dc698db687379106b3f01c71b80f495f",
"refsource": "MISC", "refsource": "MISC",
"url": "https://github.com/NodeBB/NodeBB/commit/c8b2fc46dc698db687379106b3f01c71b80f495f" "url": "https://github.com/NodeBB/NodeBB/commit/c8b2fc46dc698db687379106b3f01c71b80f495f"
},
{
"refsource": "MISC",
"name": "https://blog.sonarsource.com/nodebb-remote-code-execution-with-one-shot/",
"url": "https://blog.sonarsource.com/nodebb-remote-code-execution-with-one-shot/"
} }
] ]
}, },

5
2022/1xxx/CVE-2022-1040.json
View File

@ -78,6 +78,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://packetstormsecurity.com/files/168046/Sophos-XG115w-Firewall-17.0.10-MR-10-Authentication-Bypass.html", "name": "http://packetstormsecurity.com/files/168046/Sophos-XG115w-Firewall-17.0.10-MR-10-Authentication-Bypass.html",
"url": "http://packetstormsecurity.com/files/168046/Sophos-XG115w-Firewall-17.0.10-MR-10-Authentication-Bypass.html" "url": "http://packetstormsecurity.com/files/168046/Sophos-XG115w-Firewall-17.0.10-MR-10-Authentication-Bypass.html"
},
{
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/51006",
"url": "https://www.exploit-db.com/exploits/51006"
} }
] ]
} }

174
2022/22xxx/CVE-2022-22329.json
View File

@ -1,90 +1,90 @@
{ {
"data_type" : "CVE", "data_type": "CVE",
"CVE_data_meta" : { "CVE_data_meta": {
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"ID" : "CVE-2022-22329", "ID": "CVE-2022-22329",
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2022-09-12T00:00:00" "DATE_PUBLIC": "2022-09-12T00:00:00"
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{
"url" : "https://www.ibm.com/support/pages/node/6619739",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6619739",
"title" : "IBM Security Bulletin 6619739 (Control Desk)"
},
{
"title" : "X-Force Vulnerability Report",
"name" : "ibm-controldesk-cve202222329-info-disc (219124)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/219124"
}
]
},
"description" : {
"description_data" : [
{
"value" : "IBM Control Desk 7.6.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 219124.",
"lang" : "eng"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"SCORE" : "4.300",
"C" : "L",
"I" : "N",
"S" : "U",
"PR" : "N",
"AC" : "L",
"AV" : "N",
"UI" : "R"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{ {
"product" : { "url": "https://www.ibm.com/support/pages/node/6619739",
"product_data" : [ "refsource": "CONFIRM",
{ "name": "https://www.ibm.com/support/pages/node/6619739",
"version" : { "title": "IBM Security Bulletin 6619739 (Control Desk)"
"version_data" : [ },
{ {
"version_value" : "7.6.1" "title": "X-Force Vulnerability Report",
} "name": "ibm-controldesk-cve202222329-info-disc (219124)",
] "refsource": "XF",
}, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/219124"
"product_name" : "Control Desk"
}
]
},
"vendor_name" : "IBM"
} }
] ]
} },
}, "description": {
"data_format" : "MITRE", "description_data": [
"data_version" : "4.0" {
} "value": "IBM Control Desk 7.6.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 219124.",
"lang": "eng"
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"SCORE": "4.300",
"C": "L",
"I": "N",
"S": "U",
"PR": "N",
"AC": "L",
"AV": "N",
"UI": "R"
},
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "7.6.1"
}
]
},
"product_name": "Control Desk"
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_version": "4.0"
}

174
2022/22xxx/CVE-2022-22330.json
View File

@ -1,90 +1,90 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"DATE_PUBLIC" : "2022-09-12T00:00:00", "DATE_PUBLIC": "2022-09-12T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2022-22330", "ID": "CVE-2022-22330",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"data_type" : "CVE", "data_type": "CVE",
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"AV" : "N",
"UI" : "N",
"S" : "U",
"AC" : "H",
"PR" : "N",
"SCORE" : "3.700",
"C" : "L",
"A" : "N",
"I" : "N"
},
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
}
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Control Desk 7.6.1 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 219126."
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6619739",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6619739 (Control Desk)",
"name" : "https://www.ibm.com/support/pages/node/6619739"
},
{
"name" : "ibm-controldesk-cve202222330-info-disc (219126)",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/219126",
"refsource" : "XF"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{ {
"product" : { "description": [
"product_data" : [ {
{ "lang": "eng",
"version" : { "value": "Obtain Information"
"version_data" : [ }
{ ]
"version_value" : "7.6.1"
}
]
},
"product_name" : "Control Desk"
}
]
},
"vendor_name" : "IBM"
} }
] ]
} },
}, "impact": {
"data_format" : "MITRE", "cvssv3": {
"data_version" : "4.0" "BM": {
} "AV": "N",
"UI": "N",
"S": "U",
"AC": "H",
"PR": "N",
"SCORE": "3.700",
"C": "L",
"A": "N",
"I": "N"
},
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
}
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Control Desk 7.6.1 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 219126."
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6619739",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6619739 (Control Desk)",
"name": "https://www.ibm.com/support/pages/node/6619739"
},
{
"name": "ibm-controldesk-cve202222330-info-disc (219126)",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/219126",
"refsource": "XF"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "7.6.1"
}
]
},
"product_name": "Control Desk"
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_version": "4.0"
}

200
2022/22xxx/CVE-2022-22483.json
View File

@ -1,102 +1,102 @@
{ {
"data_format" : "MITRE", "data_format": "MITRE",
"data_version" : "4.0", "data_version": "4.0",
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "10.5" "version_value": "10.5"
}, },
{ {
"version_value" : "10.1" "version_value": "10.1"
}, },
{ {
"version_value" : "9.7" "version_value": "9.7"
}, },
{ {
"version_value" : "11.1" "version_value": "11.1"
}, },
{ {
"version_value" : "11.5" "version_value": "11.5"
} }
] ]
}, },
"product_name" : "DB2 for Linux, UNIX and Windows" "product_name": "DB2 for Linux, UNIX and Windows"
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "problemtype": {
"impact" : { "problemtype_data": [
"cvssv3" : { {
"BM" : { "description": [
"UI" : "N", {
"AV" : "N", "lang": "eng",
"PR" : "L", "value": "Obtain Information"
"S" : "U", }
"AC" : "L", ]
"SCORE" : "6.500", }
"C" : "H", ]
"A" : "N", },
"I" : "N" "impact": {
}, "cvssv3": {
"TM" : { "BM": {
"RL" : "O", "UI": "N",
"E" : "U", "AV": "N",
"RC" : "C" "PR": "L",
} "S": "U",
} "AC": "L",
}, "SCORE": "6.500",
"description" : { "C": "H",
"description_data" : [ "A": "N",
{ "I": "N"
"lang" : "eng", },
"value" : "IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. IBM X-Force ID: 225979." "TM": {
} "RL": "O",
] "E": "U",
}, "RC": "C"
"references" : { }
"reference_data" : [ }
{ },
"url" : "https://www.ibm.com/support/pages/node/6618779", "description": {
"refsource" : "CONFIRM", "description_data": [
"name" : "https://www.ibm.com/support/pages/node/6618779", {
"title" : "IBM Security Bulletin 6618779 (DB2 for Linux, UNIX and Windows)" "lang": "eng",
}, "value": "IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. IBM X-Force ID: 225979."
{ }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/225979", ]
"refsource" : "XF", },
"name" : "ibm-db2-cve202222483-info-disc (225979)", "references": {
"title" : "X-Force Vulnerability Report" "reference_data": [
} {
] "url": "https://www.ibm.com/support/pages/node/6618779",
}, "refsource": "CONFIRM",
"CVE_data_meta" : { "name": "https://www.ibm.com/support/pages/node/6618779",
"ID" : "CVE-2022-22483", "title": "IBM Security Bulletin 6618779 (DB2 for Linux, UNIX and Windows)"
"STATE" : "PUBLIC", },
"DATE_PUBLIC" : "2022-09-12T00:00:00", {
"ASSIGNER" : "psirt@us.ibm.com" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225979",
}, "refsource": "XF",
"data_type" : "CVE" "name": "ibm-db2-cve202222483-info-disc (225979)",
} "title": "X-Force Vulnerability Report"
}
]
},
"CVE_data_meta": {
"ID": "CVE-2022-22483",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2022-09-12T00:00:00",
"ASSIGNER": "psirt@us.ibm.com"
},
"data_type": "CVE"
}

194
2022/34xxx/CVE-2022-34336.json
View File

@ -1,99 +1,99 @@
{ {
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "7.0" "version_value": "7.0"
}, },
{ {
"version_value" : "8.0" "version_value": "8.0"
}, },
{ {
"version_value" : "8.5" "version_value": "8.5"
}, },
{ {
"version_value" : "9.0" "version_value": "9.0"
} }
] ]
}, },
"product_name" : "WebSphere Application Server" "product_name": "WebSphere Application Server"
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_version" : "4.0",
"data_type" : "CVE",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ID" : "CVE-2022-34336",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2022-09-12T00:00:00"
},
"impact" : {
"cvssv3" : {
"BM" : {
"PR" : "L",
"S" : "C",
"AC" : "L",
"UI" : "R",
"AV" : "N",
"A" : "N",
"C" : "L",
"SCORE" : "5.400",
"I" : "L"
},
"TM" : {
"RL" : "O",
"E" : "H",
"RC" : "C"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_version": "4.0",
"reference_data" : [ "data_type": "CVE",
{ "CVE_data_meta": {
"title" : "IBM Security Bulletin 6619699 (WebSphere Application Server)", "STATE": "PUBLIC",
"name" : "https://www.ibm.com/support/pages/node/6619699", "ID": "CVE-2022-34336",
"refsource" : "CONFIRM", "ASSIGNER": "psirt@us.ibm.com",
"url" : "https://www.ibm.com/support/pages/node/6619699" "DATE_PUBLIC": "2022-09-12T00:00:00"
}, },
{ "impact": {
"name" : "ibm-websphere-cve202234336-xss (229714)", "cvssv3": {
"title" : "X-Force Vulnerability Report", "BM": {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/229714", "PR": "L",
"refsource" : "XF" "S": "C",
} "AC": "L",
] "UI": "R",
}, "AV": "N",
"description" : { "A": "N",
"description_data" : [ "C": "L",
{ "SCORE": "5.400",
"value" : "IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229714.", "I": "L"
"lang" : "eng" },
} "TM": {
] "RL": "O",
} "E": "H",
} "RC": "C"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6619699 (WebSphere Application Server)",
"name": "https://www.ibm.com/support/pages/node/6619699",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6619699"
},
{
"name": "ibm-websphere-cve202234336-xss (229714)",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/229714",
"refsource": "XF"
}
]
},
"description": {
"description_data": [
{
"value": "IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229714.",
"lang": "eng"
}
]
}
}

208
2022/34xxx/CVE-2022-34356.json
View File

@ -1,106 +1,106 @@
{ {
"data_format" : "MITRE", "data_format": "MITRE",
"data_version" : "4.0", "data_version": "4.0",
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "3.1" "version_value": "3.1"
} }
] ]
}, },
"product_name" : "VIOS " "product_name": "VIOS "
}, },
{ {
"product_name" : "AIX", "product_name": "AIX",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "7.1" "version_value": "7.1"
}, },
{ {
"version_value" : "7.2" "version_value": "7.2"
}, },
{ {
"version_value" : "7.3" "version_value": "7.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Privileges"
}
] ]
} }
] },
}, "problemtype": {
"impact" : { "problemtype_data": [
"cvssv3" : { {
"TM" : { "description": [
"E" : "U", {
"RC" : "C", "lang": "eng",
"RL" : "O" "value": "Gain Privileges"
}, }
"BM" : { ]
"C" : "H", }
"SCORE" : "8.400", ]
"A" : "H", },
"I" : "H", "impact": {
"AV" : "L", "cvssv3": {
"UI" : "N", "TM": {
"AC" : "L", "E": "U",
"S" : "U", "RC": "C",
"PR" : "N" "RL": "O"
} },
} "BM": {
}, "C": "H",
"description" : { "SCORE": "8.400",
"description_data" : [ "A": "H",
{ "I": "H",
"value" : "IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to obtain root privileges. IBM X-Force ID: 230502.", "AV": "L",
"lang" : "eng" "UI": "N",
} "AC": "L",
] "S": "U",
}, "PR": "N"
"references" : { }
"reference_data" : [ }
{ },
"name" : "https://www.ibm.com/support/pages/node/6619721", "description": {
"title" : "IBM Security Bulletin 6619721 (AIX)", "description_data": [
"url" : "https://www.ibm.com/support/pages/node/6619721", {
"refsource" : "CONFIRM" "value": "IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to obtain root privileges. IBM X-Force ID: 230502.",
}, "lang": "eng"
{ }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/230502", ]
"refsource" : "XF", },
"title" : "X-Force Vulnerability Report", "references": {
"name" : "ibm-aix-cve202234356-priv-escalation (230502)" "reference_data": [
} {
] "name": "https://www.ibm.com/support/pages/node/6619721",
}, "title": "IBM Security Bulletin 6619721 (AIX)",
"CVE_data_meta" : { "url": "https://www.ibm.com/support/pages/node/6619721",
"DATE_PUBLIC" : "2022-09-12T00:00:00", "refsource": "CONFIRM"
"ASSIGNER" : "psirt@us.ibm.com", },
"ID" : "CVE-2022-34356", {
"STATE" : "PUBLIC" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/230502",
}, "refsource": "XF",
"data_type" : "CVE" "title": "X-Force Vulnerability Report",
} "name": "ibm-aix-cve202234356-priv-escalation (230502)"
}
]
},
"CVE_data_meta": {
"DATE_PUBLIC": "2022-09-12T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2022-34356",
"STATE": "PUBLIC"
},
"data_type": "CVE"
}

188
2022/35xxx/CVE-2022-35637.json
View File

@ -1,96 +1,96 @@
{ {
"data_version" : "4.0", "data_version": "4.0",
"data_format" : "MITRE", "data_format": "MITRE",
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "10.5" "version_value": "10.5"
}, },
{ {
"version_value" : "11.1" "version_value": "11.1"
}, },
{ {
"version_value" : "11.5" "version_value": "11.5"
} }
] ]
}, },
"product_name" : "DB2 for Linux, UNIX and Windows" "product_name": "DB2 for Linux, UNIX and Windows"
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"impact" : {
"cvssv3" : {
"BM" : {
"C" : "N",
"SCORE" : "6.500",
"A" : "H",
"I" : "N",
"AV" : "N",
"UI" : "N",
"S" : "U",
"PR" : "L",
"AC" : "L"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Denial of Service",
"lang" : "eng"
}
] ]
} }
] },
}, "impact": {
"references" : { "cvssv3": {
"reference_data" : [ "BM": {
{ "C": "N",
"url" : "https://www.ibm.com/support/pages/node/6618775", "SCORE": "6.500",
"refsource" : "CONFIRM", "A": "H",
"name" : "https://www.ibm.com/support/pages/node/6618775", "I": "N",
"title" : "IBM Security Bulletin 6618775 (DB2 for Linux, UNIX and Windows)" "AV": "N",
}, "UI": "N",
{ "S": "U",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/230823", "PR": "L",
"refsource" : "XF", "AC": "L"
"title" : "X-Force Vulnerability Report", },
"name" : "ibm-db2-cve202235637-dos (230823)" "TM": {
} "RL": "O",
] "RC": "C",
}, "E": "U"
"description" : { }
"description_data" : [ }
{ },
"lang" : "eng", "problemtype": {
"value" : "IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service after entering a malformed SQL statement into the Db2expln tool. IBM X-Force ID: 230823." "problemtype_data": [
} {
] "description": [
}, {
"data_type" : "CVE", "value": "Denial of Service",
"CVE_data_meta" : { "lang": "eng"
"DATE_PUBLIC" : "2022-09-12T00:00:00", }
"ASSIGNER" : "psirt@us.ibm.com", ]
"ID" : "CVE-2022-35637", }
"STATE" : "PUBLIC" ]
} },
} "references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6618775",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6618775",
"title": "IBM Security Bulletin 6618775 (DB2 for Linux, UNIX and Windows)"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/230823",
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"name": "ibm-db2-cve202235637-dos (230823)"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service after entering a malformed SQL statement into the Db2expln tool. IBM X-Force ID: 230823."
}
]
},
"data_type": "CVE",
"CVE_data_meta": {
"DATE_PUBLIC": "2022-09-12T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2022-35637",
"STATE": "PUBLIC"
}
}

208
2022/36xxx/CVE-2022-36768.json
View File

@ -1,106 +1,106 @@
{ {
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"vendor_name" : "IBM", "vendor_name": "IBM",
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "AIX", "product_name": "AIX",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "7.1" "version_value": "7.1"
}, },
{ {
"version_value" : "7.2" "version_value": "7.2"
}, },
{ {
"version_value" : "7.3" "version_value": "7.3"
} }
] ]
} }
}, },
{ {
"product_name" : "VIOS ", "product_name": "VIOS ",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "3.1" "version_value": "3.1"
} }
] ]
} }
} }
] ]
} }
} }
]
}
},
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ID" : "CVE-2022-36768",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2022-09-12T00:00:00"
},
"data_type" : "CVE",
"description" : {
"description_data" : [
{
"value" : "IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to obtain root privileges. IBM X-Force ID: 232014.",
"lang" : "eng"
}
]
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6619725 (AIX)",
"name" : "https://www.ibm.com/support/pages/node/6619725",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6619725"
},
{
"name" : "ibm-aix-cve202236768-priv-escalation (232014)",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/232014"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Privileges",
"lang" : "eng"
}
] ]
} }
] },
}, "data_format": "MITRE",
"impact" : { "data_version": "4.0",
"cvssv3" : { "CVE_data_meta": {
"BM" : { "STATE": "PUBLIC",
"A" : "H", "ID": "CVE-2022-36768",
"SCORE" : "8.400", "ASSIGNER": "psirt@us.ibm.com",
"C" : "H", "DATE_PUBLIC": "2022-09-12T00:00:00"
"I" : "H", },
"AC" : "L", "data_type": "CVE",
"S" : "U", "description": {
"PR" : "N", "description_data": [
"UI" : "N", {
"AV" : "L" "value": "IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to obtain root privileges. IBM X-Force ID: 232014.",
}, "lang": "eng"
"TM" : { }
"RL" : "O", ]
"E" : "U", },
"RC" : "C" "references": {
} "reference_data": [
} {
} "title": "IBM Security Bulletin 6619725 (AIX)",
} "name": "https://www.ibm.com/support/pages/node/6619725",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6619725"
},
{
"name": "ibm-aix-cve202236768-priv-escalation (232014)",
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/232014"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Gain Privileges",
"lang": "eng"
}
]
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "H",
"SCORE": "8.400",
"C": "H",
"I": "H",
"AC": "L",
"S": "U",
"PR": "N",
"UI": "N",
"AV": "L"
},
"TM": {
"RL": "O",
"E": "U",
"RC": "C"
}
}
}
}

56
2022/38xxx/CVE-2022-38306.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-38306",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-38306",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "LIEF commit 5d1d643 was discovered to contain a heap-buffer overflow in the component /core/CorePrPsInfo.tcc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/lief-project/LIEF/issues/763",
"refsource": "MISC",
"name": "https://github.com/lief-project/LIEF/issues/763"
} }
] ]
} }

56
2022/38xxx/CVE-2022-38307.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-38307",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-38307",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "LIEF commit 5d1d643 was discovered to contain a segmentation violation via the function LIEF::MachO::SegmentCommand::file_offset() at /MachO/SegmentCommand.cpp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/lief-project/LIEF/issues/764",
"refsource": "MISC",
"name": "https://github.com/lief-project/LIEF/issues/764"
} }
] ]
} }

61
2022/38xxx/CVE-2022-38329.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-38329",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-38329",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An issue was discovered in Shopxian CMS 3.0.0. There is a CSRF vulnerability that can delete the specified column via index.php/contents-admin_cat-finderdel-model-ContentsCat.html?id=17."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/zhangqiquan/shopxian_cms/issues/4",
"refsource": "MISC",
"name": "https://github.com/zhangqiquan/shopxian_cms/issues/4"
},
{
"refsource": "MISC",
"name": "https://github.com/albert5888/CVE-Issues/blob/main/CVE-2022-38329/file.md",
"url": "https://github.com/albert5888/CVE-Issues/blob/main/CVE-2022-38329/file.md"
} }
] ]
} }

56
2022/38xxx/CVE-2022-38495.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-38495",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-38495",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "LIEF commit 365a16a was discovered to contain a heap-buffer overflow via the function print_binary at /c/macho_reader.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/lief-project/LIEF/issues/767",
"refsource": "MISC",
"name": "https://github.com/lief-project/LIEF/issues/767"
} }
] ]
} }

56
2022/38xxx/CVE-2022-38496.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-38496",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-38496",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/lief-project/LIEF/issues/765",
"refsource": "MISC",
"name": "https://github.com/lief-project/LIEF/issues/765"
} }
] ]
} }

56
2022/38xxx/CVE-2022-38497.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-38497",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-38497",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "LIEF commit 365a16a was discovered to contain a segmentation violation via the component CoreFile.tcc:69."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/lief-project/LIEF/issues/766",
"refsource": "MISC",
"name": "https://github.com/lief-project/LIEF/issues/766"
} }
] ]
} }

61
2022/38xxx/CVE-2022-38637.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-38637",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-38637",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Hospital Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the Username and Password parameters on the Login page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://owasp.org/www-community/attacks/SQL_Injection",
"refsource": "MISC",
"name": "https://owasp.org/www-community/attacks/SQL_Injection"
},
{
"url": "https://www.youtube.com/watch?v=m8nW0p69UHU",
"refsource": "MISC",
"name": "https://www.youtube.com/watch?v=m8nW0p69UHU"
} }
] ]
} }

56
2022/39xxx/CVE-2022-39814.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-39814",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-39814",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In NOKIA 1350 OMS R14.2, an Open Redirect vulnerability occurs is the login page via next HTTP GET parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.gruppotim.it/it/footer/red-team.html",
"refsource": "MISC",
"name": "https://www.gruppotim.it/it/footer/red-team.html"
} }
] ]
} }

56
2022/39xxx/CVE-2022-39815.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-39815",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-39815",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occur in /CGI-BIN/OTNE_1-14/runBatch.cgi via the file HTTP POST parameter, /CGI-BIN/OTNE_1-14/getRadioTLs.cgi via the context HTTP POST parameter, /CGI-BIN/OTNE_1-14/runRouteReport.cgi via the file HTTP POST parameter or /CGI-BIN/RemoteCommandManager.cgi via the command HTTP POST parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.gruppotim.it/it/footer/red-team.html",
"refsource": "MISC",
"name": "https://www.gruppotim.it/it/footer/red-team.html"
} }
] ]
} }

56
2022/39xxx/CVE-2022-39816.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-39816",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-39816",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In NOKIA 1350 OMS R14.2, Insufficiently Protected Credentials (cleartext password) occur in /cgi-bin/R14.2/cgi-bin/R14.2/host.pl on the edit configuration page. Exploitation requires an authenticated attacker."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.gruppotim.it/it/footer/red-team.html",
"refsource": "MISC",
"name": "https://www.gruppotim.it/it/footer/red-team.html"
} }
] ]
} }

56
2022/39xxx/CVE-2022-39817.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-39817",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-39817",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In NOKIA 1350 OMS R14.2, multiple SQL Injection vulnerabilities occur in /cgi-bin/R14.2/easy1350.pl via the id or host HTTP GET parameter, or /cgi-bin/R14.2/cgi-bin/R14.2/host.pl via the host HTTP GET parameter. Exploitation requires an authenticated attacker."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.gruppotim.it/it/footer/red-team.html",
"refsource": "MISC",
"name": "https://www.gruppotim.it/it/footer/red-team.html"
} }
] ]
} }

56
2022/39xxx/CVE-2022-39819.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-39819",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-39819",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occur in /cgi-bin/R14.2/log.pl via the cmd HTTP GET parameter and /cgi-bin/R14.2/checkping.pl via the addr HTTP GET parameter. This allows authenticated users to execute commands on the operating system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.gruppotim.it/it/footer/red-team.html",
"refsource": "MISC",
"name": "https://www.gruppotim.it/it/footer/red-team.html"
} }
] ]
} }

56
2022/39xxx/CVE-2022-39821.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-39821",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-39821",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In NOKIA 1350 OMS R14.2, an Insertion of Sensitive Information into an Application Log File vulnerability occurs under /usr/Systems/OTNE_1_14_Master/maintenance/trace/web/.otn.default.log. The web application stores critical information, such as cleartext user credentials, in world-readable files in the filesystem."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.gruppotim.it/it/footer/red-team.html",
"refsource": "MISC",
"name": "https://www.gruppotim.it/it/footer/red-team.html"
} }
] ]
} }

18
2022/40xxx/CVE-2022-40636.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40636",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40637.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40637",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40638.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40638",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40639.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40639",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40640.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40640",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40641.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40641",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40642.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40642",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40643.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40643",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40644.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40644",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40645.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40645",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40646.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40646",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40647.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40647",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40648.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40648",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40649.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40649",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40650.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40650",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40651.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40651",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40652.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40652",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40653.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40653",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40654.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40654",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40655.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40655",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40656.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40656",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40657.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40657",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40658.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40658",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40659.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40659",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40660.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40660",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40661.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40661",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40662.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40662",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40663.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40663",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/40xxx/CVE-2022-40664.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40664",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}