diff --git a/2020/10xxx/CVE-2020-10735.json b/2020/10xxx/CVE-2020-10735.json index c6355d6d802..4605135e2b8 100644 --- a/2020/10xxx/CVE-2020-10735.json +++ b/2020/10xxx/CVE-2020-10735.json @@ -88,6 +88,26 @@ "refsource": "FEDORA", "name": "FEDORA-2022-f330bbfda2", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XL6E5A3I36TRR73VNBOXNIQP4AMZDFZ/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-29d436596f", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/32AAQKABEKFCB5DDV5OONRZK6BS23HPW/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-b01214472e", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U4ZZV4CDFRMTPDBI7C5L43RFL3XLIGUY/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-dd5032bedf", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZYJSGLSCQOKXXFVJVJQAXLEOJBIWGEL/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-8535093cba", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT5WQB7Z3CXOWVBD2AFAHYPA5ONYFFZ4/" } ] }, diff --git a/2021/46xxx/CVE-2021-46838.json b/2021/46xxx/CVE-2021-46838.json new file mode 100644 index 00000000000..edb844bff86 --- /dev/null +++ b/2021/46xxx/CVE-2021-46838.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-46838", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/2xxx/CVE-2022-2845.json b/2022/2xxx/CVE-2022-2845.json index 3f6a7d669d4..f479238481d 100644 --- a/2022/2xxx/CVE-2022-2845.json +++ b/2022/2xxx/CVE-2022-2845.json @@ -84,6 +84,11 @@ "refsource": "FEDORA", "name": "FEDORA-2022-3b33d04743", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-b9edf60581", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" } ] }, diff --git a/2022/2xxx/CVE-2022-2849.json b/2022/2xxx/CVE-2022-2849.json index 0e2d8f224ae..8cd9e6e4cd2 100644 --- a/2022/2xxx/CVE-2022-2849.json +++ b/2022/2xxx/CVE-2022-2849.json @@ -1,89 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@huntr.dev", - "ID": "CVE-2022-2849", - "STATE": "PUBLIC", - "TITLE": "Heap-based Buffer Overflow in vim/vim" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "vim/vim", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "9.0.0220" - } - ] + "CVE_data_meta": { + "ASSIGNER": "security@huntr.dev", + "ID": "CVE-2022-2849", + "STATE": "PUBLIC", + "TITLE": "Heap-based Buffer Overflow in vim/vim" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "vim/vim", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "9.0.0220" + } + ] + } + } + ] + }, + "vendor_name": "vim" } - } ] - }, - "vendor_name": "vim" } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220." - } - ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-122 Heap-based Buffer Overflow" - } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://huntr.dev/bounties/389aeccd-deb9-49ae-9b6a-24c12d79b02e", - "refsource": "CONFIRM", - "url": "https://huntr.dev/bounties/389aeccd-deb9-49ae-9b6a-24c12d79b02e" - }, - { - "name": "https://github.com/vim/vim/commit/f6d39c31d2177549a986d170e192d8351bd571e2", - "refsource": "MISC", - "url": "https://github.com/vim/vim/commit/f6d39c31d2177549a986d170e192d8351bd571e2" - } - ] - }, - "source": { - "advisory": "389aeccd-deb9-49ae-9b6a-24c12d79b02e", - "discovery": "EXTERNAL" - } + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-122 Heap-based Buffer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://huntr.dev/bounties/389aeccd-deb9-49ae-9b6a-24c12d79b02e", + "refsource": "CONFIRM", + "url": "https://huntr.dev/bounties/389aeccd-deb9-49ae-9b6a-24c12d79b02e" + }, + { + "name": "https://github.com/vim/vim/commit/f6d39c31d2177549a986d170e192d8351bd571e2", + "refsource": "MISC", + "url": "https://github.com/vim/vim/commit/f6d39c31d2177549a986d170e192d8351bd571e2" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-b9edf60581", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" + } + ] + }, + "source": { + "advisory": "389aeccd-deb9-49ae-9b6a-24c12d79b02e", + "discovery": "EXTERNAL" + } } \ No newline at end of file diff --git a/2022/2xxx/CVE-2022-2862.json b/2022/2xxx/CVE-2022-2862.json index 3a8b39782ae..08e800d2e3e 100644 --- a/2022/2xxx/CVE-2022-2862.json +++ b/2022/2xxx/CVE-2022-2862.json @@ -1,89 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@huntr.dev", - "ID": "CVE-2022-2862", - "STATE": "PUBLIC", - "TITLE": "Use After Free in vim/vim" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "vim/vim", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "9.0.0221" - } - ] + "CVE_data_meta": { + "ASSIGNER": "security@huntr.dev", + "ID": "CVE-2022-2862", + "STATE": "PUBLIC", + "TITLE": "Use After Free in vim/vim" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "vim/vim", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "9.0.0221" + } + ] + } + } + ] + }, + "vendor_name": "vim" } - } ] - }, - "vendor_name": "vim" } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0221." - } - ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 7.6, - "baseSeverity": "HIGH", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-416 Use After Free" - } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0221." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://huntr.dev/bounties/71180988-1ab6-4311-bca8-e9a879b06765", - "refsource": "CONFIRM", - "url": "https://huntr.dev/bounties/71180988-1ab6-4311-bca8-e9a879b06765" - }, - { - "name": "https://github.com/vim/vim/commit/1889f499a4f248cd84e0e0bf6d0d820016774494", - "refsource": "MISC", - "url": "https://github.com/vim/vim/commit/1889f499a4f248cd84e0e0bf6d0d820016774494" - } - ] - }, - "source": { - "advisory": "71180988-1ab6-4311-bca8-e9a879b06765", - "discovery": "EXTERNAL" - } + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416 Use After Free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://huntr.dev/bounties/71180988-1ab6-4311-bca8-e9a879b06765", + "refsource": "CONFIRM", + "url": "https://huntr.dev/bounties/71180988-1ab6-4311-bca8-e9a879b06765" + }, + { + "name": "https://github.com/vim/vim/commit/1889f499a4f248cd84e0e0bf6d0d820016774494", + "refsource": "MISC", + "url": "https://github.com/vim/vim/commit/1889f499a4f248cd84e0e0bf6d0d820016774494" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-b9edf60581", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" + } + ] + }, + "source": { + "advisory": "71180988-1ab6-4311-bca8-e9a879b06765", + "discovery": "EXTERNAL" + } } \ No newline at end of file diff --git a/2022/2xxx/CVE-2022-2980.json b/2022/2xxx/CVE-2022-2980.json index 734779b5f21..4aaf47b36c0 100644 --- a/2022/2xxx/CVE-2022-2980.json +++ b/2022/2xxx/CVE-2022-2980.json @@ -1,89 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@huntr.dev", - "ID": "CVE-2022-2980", - "STATE": "PUBLIC", - "TITLE": "NULL Pointer Dereference in vim/vim" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "vim/vim", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "9.0.0259" - } - ] + "CVE_data_meta": { + "ASSIGNER": "security@huntr.dev", + "ID": "CVE-2022-2980", + "STATE": "PUBLIC", + "TITLE": "NULL Pointer Dereference in vim/vim" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "vim/vim", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "9.0.0259" + } + ] + } + } + ] + }, + "vendor_name": "vim" } - } ] - }, - "vendor_name": "vim" } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0259." - } - ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "LOW", - "baseScore": 6.3, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-476 NULL Pointer Dereference" - } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0259." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://huntr.dev/bounties/6e7b12a5-242c-453d-b39e-9625d563b0ea", - "refsource": "CONFIRM", - "url": "https://huntr.dev/bounties/6e7b12a5-242c-453d-b39e-9625d563b0ea" - }, - { - "name": "https://github.com/vim/vim/commit/80525751c5ce9ed82c41d83faf9ef38667bf61b1", - "refsource": "MISC", - "url": "https://github.com/vim/vim/commit/80525751c5ce9ed82c41d83faf9ef38667bf61b1" - } - ] - }, - "source": { - "advisory": "6e7b12a5-242c-453d-b39e-9625d563b0ea", - "discovery": "EXTERNAL" - } -} + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-476 NULL Pointer Dereference" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://huntr.dev/bounties/6e7b12a5-242c-453d-b39e-9625d563b0ea", + "refsource": "CONFIRM", + "url": "https://huntr.dev/bounties/6e7b12a5-242c-453d-b39e-9625d563b0ea" + }, + { + "name": "https://github.com/vim/vim/commit/80525751c5ce9ed82c41d83faf9ef38667bf61b1", + "refsource": "MISC", + "url": "https://github.com/vim/vim/commit/80525751c5ce9ed82c41d83faf9ef38667bf61b1" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-b9edf60581", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" + } + ] + }, + "source": { + "advisory": "6e7b12a5-242c-453d-b39e-9625d563b0ea", + "discovery": "EXTERNAL" + } +} \ No newline at end of file diff --git a/2022/2xxx/CVE-2022-2982.json b/2022/2xxx/CVE-2022-2982.json index acb4c87fbdf..e2474c229e9 100644 --- a/2022/2xxx/CVE-2022-2982.json +++ b/2022/2xxx/CVE-2022-2982.json @@ -1,89 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@huntr.dev", - "ID": "CVE-2022-2982", - "STATE": "PUBLIC", - "TITLE": "Use After Free in vim/vim" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "vim/vim", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "9.0.0260" - } - ] + "CVE_data_meta": { + "ASSIGNER": "security@huntr.dev", + "ID": "CVE-2022-2982", + "STATE": "PUBLIC", + "TITLE": "Use After Free in vim/vim" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "vim/vim", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "9.0.0260" + } + ] + } + } + ] + }, + "vendor_name": "vim" } - } ] - }, - "vendor_name": "vim" } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0260." - } - ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "LOW", - "baseScore": 7.6, - "baseSeverity": "HIGH", - "confidentialityImpact": "LOW", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-416 Use After Free" - } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0260." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://huntr.dev/bounties/53f53d9a-ba8a-4985-b7ba-23efbe6833be", - "refsource": "CONFIRM", - "url": "https://huntr.dev/bounties/53f53d9a-ba8a-4985-b7ba-23efbe6833be" - }, - { - "name": "https://github.com/vim/vim/commit/d6c67629ed05aae436164eec474832daf8ba7420", - "refsource": "MISC", - "url": "https://github.com/vim/vim/commit/d6c67629ed05aae436164eec474832daf8ba7420" - } - ] - }, - "source": { - "advisory": "53f53d9a-ba8a-4985-b7ba-23efbe6833be", - "discovery": "EXTERNAL" - } -} + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416 Use After Free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://huntr.dev/bounties/53f53d9a-ba8a-4985-b7ba-23efbe6833be", + "refsource": "CONFIRM", + "url": "https://huntr.dev/bounties/53f53d9a-ba8a-4985-b7ba-23efbe6833be" + }, + { + "name": "https://github.com/vim/vim/commit/d6c67629ed05aae436164eec474832daf8ba7420", + "refsource": "MISC", + "url": "https://github.com/vim/vim/commit/d6c67629ed05aae436164eec474832daf8ba7420" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-b9edf60581", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" + } + ] + }, + "source": { + "advisory": "53f53d9a-ba8a-4985-b7ba-23efbe6833be", + "discovery": "EXTERNAL" + } +} \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31214.json b/2022/31xxx/CVE-2022-31214.json index d2deed7a212..eae1323b906 100644 --- a/2022/31xxx/CVE-2022-31214.json +++ b/2022/31xxx/CVE-2022-31214.json @@ -71,6 +71,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20220629 [SECURITY] [DLA 3061-1] firejail security update", "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00023.html" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-7ecd36b131", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIBEBE3KFINMGJATBQQS7D2VQQ62ZVMF/" } ] } diff --git a/2022/31xxx/CVE-2022-31676.json b/2022/31xxx/CVE-2022-31676.json index bd18777992a..ebaba645354 100644 --- a/2022/31xxx/CVE-2022-31676.json +++ b/2022/31xxx/CVE-2022-31676.json @@ -68,6 +68,11 @@ "refsource": "FEDORA", "name": "FEDORA-2022-cd23eac6f4", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O4TZF6QRJIDECGMEGBPXJCHZ6YC3VZ6Z/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-1b8d3b2845", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C5VV2R4LV4T3SNQJYRLFD4C75HBDVV76/" } ] }, diff --git a/2022/36xxx/CVE-2022-36436.json b/2022/36xxx/CVE-2022-36436.json index f229dda1dfe..aa6ba34b967 100644 --- a/2022/36xxx/CVE-2022-36436.json +++ b/2022/36xxx/CVE-2022-36436.json @@ -1,17 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-36436", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-36436", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OSU Open Source Lab VNCAuthProxy through 1.1.1 is affected by an vncap/vnc/protocol.py VNCServerAuthenticator authentication-bypass vulnerability that could allow a malicious actor to gain unauthorized access to a VNC session or to disconnect a legitimate user from a VNC session. A remote attacker with network access to the proxy server could leverage this vulnerability to connect to VNC servers protected by the proxy server without providing any authentication credentials. Exploitation of this issue requires that the proxy server is currently accepting connections for the target VNC server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/osuosl/twisted_vncauthproxy/tree/release/1.1.1", + "refsource": "MISC", + "name": "https://github.com/osuosl/twisted_vncauthproxy/tree/release/1.1.1" + }, + { + "url": "https://pypi.org/project/VNCAuthProxy/", + "refsource": "MISC", + "name": "https://pypi.org/project/VNCAuthProxy/" + }, + { + "refsource": "MISC", + "name": "https://github.com/osuosl/twisted_vncauthproxy/commit/edc149af29242178091b2d6fcd42c3ef0851644b", + "url": "https://github.com/osuosl/twisted_vncauthproxy/commit/edc149af29242178091b2d6fcd42c3ef0851644b" + }, + { + "refsource": "MISC", + "name": "https://cert.grnet.gr/en/blog/cve-2022-36436-twisted-vnc-authentication-proxy-authentication-bypass/", + "url": "https://cert.grnet.gr/en/blog/cve-2022-36436-twisted-vnc-authentication-proxy-authentication-bypass/" } ] } diff --git a/2022/36xxx/CVE-2022-36667.json b/2022/36xxx/CVE-2022-36667.json index 9ac6842380a..a3f805367f1 100644 --- a/2022/36xxx/CVE-2022-36667.json +++ b/2022/36xxx/CVE-2022-36667.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-36667", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-36667", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Garage Management System 1.0 is vulnerable to the Remote Code Execution (RCE) due to the lack of filtering from the file upload function. The vulnerability exist during adding parts and from the upload function, the attacker can upload PHP Reverse Shell straight away to gain RCE." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html", + "refsource": "MISC", + "name": "https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html" + }, + { + "refsource": "MISC", + "name": "https://github.com/saitamang/POC-DUMP/blob/main/Garage%20Management%20System/README.md", + "url": "https://github.com/saitamang/POC-DUMP/blob/main/Garage%20Management%20System/README.md" } ] } diff --git a/2022/36xxx/CVE-2022-36668.json b/2022/36xxx/CVE-2022-36668.json index 76826372018..9845313fad2 100644 --- a/2022/36xxx/CVE-2022-36668.json +++ b/2022/36xxx/CVE-2022-36668.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-36668", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-36668", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Garage Management System 1.0 is vulnerable to Stored Cross Site Scripting (XSS) on several parameters. The vulnerabilities exist during creating or editing the parts under parameters. Using the XSS payload, the Stored XSS triggered and can be used for further attack vector." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html", + "refsource": "MISC", + "name": "https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html" + }, + { + "refsource": "MISC", + "name": "https://github.com/saitamang/POC-DUMP/blob/main/Garage%20Management%20System/README.md", + "url": "https://github.com/saitamang/POC-DUMP/blob/main/Garage%20Management%20System/README.md" } ] } diff --git a/2022/36xxx/CVE-2022-36669.json b/2022/36xxx/CVE-2022-36669.json index 6f70a7cccc8..da833769ff5 100644 --- a/2022/36xxx/CVE-2022-36669.json +++ b/2022/36xxx/CVE-2022-36669.json @@ -1,17 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-36669", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-36669", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Hospital Information System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://code-projects.org/hospital-information-system-in-php-with-source-code/", + "refsource": "MISC", + "name": "https://code-projects.org/hospital-information-system-in-php-with-source-code/" + }, + { + "url": "https://github.com/saitamang/POC-DUMP/blob/main/Hospital%20Information%20System/README.md", + "refsource": "MISC", + "name": "https://github.com/saitamang/POC-DUMP/blob/main/Hospital%20Information%20System/README.md" + }, + { + "refsource": "MISC", + "name": "https://github.com/saitamang/POC-DUMP/tree/main/Hospital%20Information%20System", + "url": "https://github.com/saitamang/POC-DUMP/tree/main/Hospital%20Information%20System" + }, + { + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/167803/Hospital-Information-System-1.0-SQL-Injection.html", + "url": "https://packetstormsecurity.com/files/167803/Hospital-Information-System-1.0-SQL-Injection.html" } ] } diff --git a/2022/37xxx/CVE-2022-37137.json b/2022/37xxx/CVE-2022-37137.json index 9ad48feb98b..32b308c75b5 100644 --- a/2022/37xxx/CVE-2022-37137.json +++ b/2022/37xxx/CVE-2022-37137.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-37137", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-37137", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PayMoney 3.3 is vulnerable to Stored Cross-Site Scripting (XSS) during replying the ticket. The XSS can be obtain from injecting under \"Message\" field with \"description\" parameter with the specially crafted payload to gain Stored XSS. The XSS then will prompt after that or can be access from the view ticket function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://paymoney.techvill.org/", + "refsource": "MISC", + "name": "https://paymoney.techvill.org/" + }, + { + "refsource": "MISC", + "name": "https://github.com/saitamang/POC-DUMP/tree/main/PayMoney", + "url": "https://github.com/saitamang/POC-DUMP/tree/main/PayMoney" } ] } diff --git a/2022/37xxx/CVE-2022-37138.json b/2022/37xxx/CVE-2022-37138.json index 0530b6aea4f..f6ac1305c6b 100644 --- a/2022/37xxx/CVE-2022-37138.json +++ b/2022/37xxx/CVE-2022-37138.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-37138", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-37138", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Loan Management System 1.0 is vulnerable to SQL Injection at the login page, which allows unauthorized users to login as Administrator after injecting username form." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.sourcecodester.com/php/15529/loan-management-system-oop-php-mysqlijquery-free-source-code.html", + "refsource": "MISC", + "name": "https://www.sourcecodester.com/php/15529/loan-management-system-oop-php-mysqlijquery-free-source-code.html" + }, + { + "refsource": "MISC", + "name": "https://github.com/saitamang/POC-DUMP/blob/main/Loan%20Management%20System/README.md", + "url": "https://github.com/saitamang/POC-DUMP/blob/main/Loan%20Management%20System/README.md" } ] } diff --git a/2022/37xxx/CVE-2022-37139.json b/2022/37xxx/CVE-2022-37139.json index 5a675e260ea..fd05e38e14d 100644 --- a/2022/37xxx/CVE-2022-37139.json +++ b/2022/37xxx/CVE-2022-37139.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-37139", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-37139", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Loan Management System version 1.0 suffers from a persistent cross site scripting vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.sourcecodester.com/php/15529/loan-management-system-oop-php-mysqlijquery-free-source-code.html", + "refsource": "MISC", + "name": "https://www.sourcecodester.com/php/15529/loan-management-system-oop-php-mysqlijquery-free-source-code.html" + }, + { + "refsource": "MISC", + "name": "https://github.com/saitamang/POC-DUMP/blob/main/Loan%20Management%20System/README.md", + "url": "https://github.com/saitamang/POC-DUMP/blob/main/Loan%20Management%20System/README.md" } ] } diff --git a/2022/37xxx/CVE-2022-37140.json b/2022/37xxx/CVE-2022-37140.json index 4df70902262..a709ddf485e 100644 --- a/2022/37xxx/CVE-2022-37140.json +++ b/2022/37xxx/CVE-2022-37140.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-37140", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-37140", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PayMoney 3.3 is vulnerable to Client Side Remote Code Execution (RCE). The vulnerability exists on the reply ticket function and upload the malicious file. A calculator will open when the victim who download the file open the RTF file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://paymoney.techvill.org", + "refsource": "MISC", + "name": "https://paymoney.techvill.org" + }, + { + "refsource": "MISC", + "name": "https://github.com/saitamang/POC-DUMP/tree/main/PayMoney", + "url": "https://github.com/saitamang/POC-DUMP/tree/main/PayMoney" } ] } diff --git a/2022/37xxx/CVE-2022-37434.json b/2022/37xxx/CVE-2022-37434.json index 0f21cbe0054..b8a35239bff 100644 --- a/2022/37xxx/CVE-2022-37434.json +++ b/2022/37xxx/CVE-2022-37434.json @@ -116,6 +116,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20220912 [SECURITY] [DLA 3103-1] zlib security update", "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-3c28ae0cd8", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/" } ] } diff --git a/2022/39xxx/CVE-2022-39831.json b/2022/39xxx/CVE-2022-39831.json index 0685873da26..51fd6d99c33 100644 --- a/2022/39xxx/CVE-2022-39831.json +++ b/2022/39xxx/CVE-2022-39831.json @@ -56,6 +56,11 @@ "url": "https://savannah.gnu.org/bugs/?62977", "refsource": "MISC", "name": "https://savannah.gnu.org/bugs/?62977" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-629b1e8b81", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQKWIVW5WJ5ZQNNQFRKTRKD7J3LRLUYW/" } ] } diff --git a/2022/39xxx/CVE-2022-39832.json b/2022/39xxx/CVE-2022-39832.json index 5f68eef066b..a9041a6ba6d 100644 --- a/2022/39xxx/CVE-2022-39832.json +++ b/2022/39xxx/CVE-2022-39832.json @@ -56,6 +56,11 @@ "url": "https://savannah.gnu.org/bugs/index.php?63000", "refsource": "MISC", "name": "https://savannah.gnu.org/bugs/index.php?63000" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-629b1e8b81", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQKWIVW5WJ5ZQNNQFRKTRKD7J3LRLUYW/" } ] } diff --git a/2022/3xxx/CVE-2022-3016.json b/2022/3xxx/CVE-2022-3016.json index 85819a03d48..05ec01e86e1 100644 --- a/2022/3xxx/CVE-2022-3016.json +++ b/2022/3xxx/CVE-2022-3016.json @@ -1,89 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@huntr.dev", - "ID": "CVE-2022-3016", - "STATE": "PUBLIC", - "TITLE": "Use After Free in vim/vim" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "vim/vim", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "9.0.0286" - } - ] + "CVE_data_meta": { + "ASSIGNER": "security@huntr.dev", + "ID": "CVE-2022-3016", + "STATE": "PUBLIC", + "TITLE": "Use After Free in vim/vim" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "vim/vim", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "9.0.0286" + } + ] + } + } + ] + }, + "vendor_name": "vim" } - } ] - }, - "vendor_name": "vim" } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0286." - } - ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-416 Use After Free" - } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0286." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://huntr.dev/bounties/260516c2-5c4a-4b7f-a01c-04b1aeeea371", - "refsource": "CONFIRM", - "url": "https://huntr.dev/bounties/260516c2-5c4a-4b7f-a01c-04b1aeeea371" - }, - { - "name": "https://github.com/vim/vim/commit/6d24a51b94beb1991cddce221f90b455e2d50db7", - "refsource": "MISC", - "url": "https://github.com/vim/vim/commit/6d24a51b94beb1991cddce221f90b455e2d50db7" - } - ] - }, - "source": { - "advisory": "260516c2-5c4a-4b7f-a01c-04b1aeeea371", - "discovery": "EXTERNAL" - } -} + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416 Use After Free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://huntr.dev/bounties/260516c2-5c4a-4b7f-a01c-04b1aeeea371", + "refsource": "CONFIRM", + "url": "https://huntr.dev/bounties/260516c2-5c4a-4b7f-a01c-04b1aeeea371" + }, + { + "name": "https://github.com/vim/vim/commit/6d24a51b94beb1991cddce221f90b455e2d50db7", + "refsource": "MISC", + "url": "https://github.com/vim/vim/commit/6d24a51b94beb1991cddce221f90b455e2d50db7" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-b9edf60581", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" + } + ] + }, + "source": { + "advisory": "260516c2-5c4a-4b7f-a01c-04b1aeeea371", + "discovery": "EXTERNAL" + } +} \ No newline at end of file diff --git a/2022/3xxx/CVE-2022-3037.json b/2022/3xxx/CVE-2022-3037.json index 5348e78f934..12def99420b 100644 --- a/2022/3xxx/CVE-2022-3037.json +++ b/2022/3xxx/CVE-2022-3037.json @@ -89,6 +89,11 @@ "refsource": "FEDORA", "name": "FEDORA-2022-35d9bdb7dc", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHJ6LCLHGGVI2U6ZHXHTZ2PYP4STC23N/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-b9edf60581", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" } ] }, diff --git a/2022/3xxx/CVE-2022-3099.json b/2022/3xxx/CVE-2022-3099.json index 20d118b85e4..14f5dd8f487 100644 --- a/2022/3xxx/CVE-2022-3099.json +++ b/2022/3xxx/CVE-2022-3099.json @@ -1,89 +1,104 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@huntr.dev", - "ID": "CVE-2022-3099", - "STATE": "PUBLIC", - "TITLE": "Use After Free in vim/vim" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "vim/vim", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "9.0.0360" - } - ] + "CVE_data_meta": { + "ASSIGNER": "security@huntr.dev", + "ID": "CVE-2022-3099", + "STATE": "PUBLIC", + "TITLE": "Use After Free in vim/vim" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "vim/vim", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "9.0.0360" + } + ] + } + } + ] + }, + "vendor_name": "vim" } - } ] - }, - "vendor_name": "vim" } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0360." - } - ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-416 Use After Free" - } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0360." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://huntr.dev/bounties/403210c7-6cc7-4874-8934-b57f88bd4f5e", - "refsource": "CONFIRM", - "url": "https://huntr.dev/bounties/403210c7-6cc7-4874-8934-b57f88bd4f5e" - }, - { - "name": "https://github.com/vim/vim/commit/35d21c6830fc2d68aca838424a0e786821c5891c", - "refsource": "MISC", - "url": "https://github.com/vim/vim/commit/35d21c6830fc2d68aca838424a0e786821c5891c" - } - ] - }, - "source": { - "advisory": "403210c7-6cc7-4874-8934-b57f88bd4f5e", - "discovery": "EXTERNAL" - } -} + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416 Use After Free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://huntr.dev/bounties/403210c7-6cc7-4874-8934-b57f88bd4f5e", + "refsource": "CONFIRM", + "url": "https://huntr.dev/bounties/403210c7-6cc7-4874-8934-b57f88bd4f5e" + }, + { + "name": "https://github.com/vim/vim/commit/35d21c6830fc2d68aca838424a0e786821c5891c", + "refsource": "MISC", + "url": "https://github.com/vim/vim/commit/35d21c6830fc2d68aca838424a0e786821c5891c" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-b9edf60581", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-3f5099bcc9", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DVWBI4BVTBUMNW4NMB3WZZDQJBKIGXI3/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-c28b637883", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LLK2RMZEECKKWUQK7J46D2FQZOXFQLTC/" + } + ] + }, + "source": { + "advisory": "403210c7-6cc7-4874-8934-b57f88bd4f5e", + "discovery": "EXTERNAL" + } +} \ No newline at end of file diff --git a/2022/40xxx/CVE-2022-40670.json b/2022/40xxx/CVE-2022-40670.json new file mode 100644 index 00000000000..c6d48dee353 --- /dev/null +++ b/2022/40xxx/CVE-2022-40670.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-40670", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file