From a81fb294de7413f0b1244b4143eff672557d0c9e Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 6 Sep 2022 19:00:35 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/21xxx/CVE-2020-21516.json | 56 +++++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31789.json | 56 +++++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31791.json | 56 +++++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31792.json | 56 +++++++++++++++++++++++++++---- 2022/36xxx/CVE-2022-36670.json | 56 +++++++++++++++++++++++++++---- 2022/37xxx/CVE-2022-37771.json | 61 ++++++++++++++++++++++++++++++---- 2022/40xxx/CVE-2022-40138.json | 18 ++++++++++ 2022/40xxx/CVE-2022-40139.json | 18 ++++++++++ 2022/40xxx/CVE-2022-40140.json | 18 ++++++++++ 2022/40xxx/CVE-2022-40141.json | 18 ++++++++++ 2022/40xxx/CVE-2022-40142.json | 18 ++++++++++ 2022/40xxx/CVE-2022-40143.json | 18 ++++++++++ 2022/40xxx/CVE-2022-40144.json | 18 ++++++++++ 13 files changed, 431 insertions(+), 36 deletions(-) create mode 100644 2022/40xxx/CVE-2022-40138.json create mode 100644 2022/40xxx/CVE-2022-40139.json create mode 100644 2022/40xxx/CVE-2022-40140.json create mode 100644 2022/40xxx/CVE-2022-40141.json create mode 100644 2022/40xxx/CVE-2022-40142.json create mode 100644 2022/40xxx/CVE-2022-40143.json create mode 100644 2022/40xxx/CVE-2022-40144.json diff --git a/2020/21xxx/CVE-2020-21516.json b/2020/21xxx/CVE-2020-21516.json index 1927c5c6318..bc0377ad98a 100644 --- a/2020/21xxx/CVE-2020-21516.json +++ b/2020/21xxx/CVE-2020-21516.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-21516", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-21516", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "There is an arbitrary file upload vulnerability in FeehiCMS 2.0.8 at the head image upload, that allows attackers to execute relevant PHP code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/liufee/cms/issues/46", + "refsource": "MISC", + "name": "https://github.com/liufee/cms/issues/46" } ] } diff --git a/2022/31xxx/CVE-2022-31789.json b/2022/31xxx/CVE-2022-31789.json index 75bd75d638a..2c9ce7d3d72 100644 --- a/2022/31xxx/CVE-2022-31789.json +++ b/2022/31xxx/CVE-2022-31789.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31789", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31789", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00015", + "url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00015" } ] } diff --git a/2022/31xxx/CVE-2022-31791.json b/2022/31xxx/CVE-2022-31791.json index d5c89df9064..d3dcb476989 100644 --- a/2022/31xxx/CVE-2022-31791.json +++ b/2022/31xxx/CVE-2022-31791.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31791", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31791", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "WatchGuard Firebox and XTM appliances allow a local attacker (that has already obtained shell access) to elevate their privileges and execute code with root permissions. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00018", + "url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00018" } ] } diff --git a/2022/31xxx/CVE-2022-31792.json b/2022/31xxx/CVE-2022-31792.json index 9110af49a64..813c1c146da 100644 --- a/2022/31xxx/CVE-2022-31792.json +++ b/2022/31xxx/CVE-2022-31792.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31792", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31792", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A stored cross-site scripting (XSS) vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. A remote attacker can potentially execute arbitrary JavaScript code in the management web interface by sending crafted requests to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00014", + "url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00014" } ] } diff --git a/2022/36xxx/CVE-2022-36670.json b/2022/36xxx/CVE-2022-36670.json index d2ed7c9efc4..f9ecef96608 100644 --- a/2022/36xxx/CVE-2022-36670.json +++ b/2022/36xxx/CVE-2022-36670.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-36670", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-36670", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PCProtect Endpoint prior to v5.17.470 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://mrvar0x.com/2022/07/21/pcprotect-endpoint-tampering-exploit/", + "refsource": "MISC", + "name": "https://mrvar0x.com/2022/07/21/pcprotect-endpoint-tampering-exploit/" } ] } diff --git a/2022/37xxx/CVE-2022-37771.json b/2022/37xxx/CVE-2022-37771.json index ea0288e4bb2..4a115a14254 100644 --- a/2022/37xxx/CVE-2022-37771.json +++ b/2022/37xxx/CVE-2022-37771.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-37771", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-37771", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IObit Malware Fighter v9.2 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://packetstormsecurity.com/files/167913/IObit-Malware-Fighter-9.2-Tampering-Privilege-Escalation.html", + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/167913/IObit-Malware-Fighter-9.2-Tampering-Privilege-Escalation.html" + }, + { + "url": "https://mrvar0x.com/2022/08/02/multiple-endpoints-security-tampering-exploit/", + "refsource": "MISC", + "name": "https://mrvar0x.com/2022/08/02/multiple-endpoints-security-tampering-exploit/" } ] } diff --git a/2022/40xxx/CVE-2022-40138.json b/2022/40xxx/CVE-2022-40138.json new file mode 100644 index 00000000000..61852add491 --- /dev/null +++ b/2022/40xxx/CVE-2022-40138.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-40138", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/40xxx/CVE-2022-40139.json b/2022/40xxx/CVE-2022-40139.json new file mode 100644 index 00000000000..3f502a0fb18 --- /dev/null +++ b/2022/40xxx/CVE-2022-40139.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-40139", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/40xxx/CVE-2022-40140.json b/2022/40xxx/CVE-2022-40140.json new file mode 100644 index 00000000000..f196eb0a6e4 --- /dev/null +++ b/2022/40xxx/CVE-2022-40140.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-40140", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/40xxx/CVE-2022-40141.json b/2022/40xxx/CVE-2022-40141.json new file mode 100644 index 00000000000..2b464befdc4 --- /dev/null +++ b/2022/40xxx/CVE-2022-40141.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-40141", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/40xxx/CVE-2022-40142.json b/2022/40xxx/CVE-2022-40142.json new file mode 100644 index 00000000000..603b8b53675 --- /dev/null +++ b/2022/40xxx/CVE-2022-40142.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-40142", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/40xxx/CVE-2022-40143.json b/2022/40xxx/CVE-2022-40143.json new file mode 100644 index 00000000000..e8a2b421985 --- /dev/null +++ b/2022/40xxx/CVE-2022-40143.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-40143", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/40xxx/CVE-2022-40144.json b/2022/40xxx/CVE-2022-40144.json new file mode 100644 index 00000000000..3d49cb924a7 --- /dev/null +++ b/2022/40xxx/CVE-2022-40144.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-40144", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file