admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-08-30 05:00:39 +00:00
parent feb762467f
commit b513b8e7fd
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
7 changed files with 94 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2022/25xxx/CVE-2022-25635.json
View File

@ -76,8 +76,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/tw/cp-132-6456-fc6c5-1.html"
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-6456-fc6c5-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-6456-fc6c5-1.html"
}
]
},

7
2022/26xxx/CVE-2022-26527.json
View File

@ -38,7 +38,7 @@
"description_data": [
{
"lang": "eng",
"value": "Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the size of segmented packets reference parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service."
"value": "Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the size of segmented packets\u2019 reference parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service."
}
]
},
@ -76,8 +76,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/tw/cp-132-6457-66bc9-1.html"
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-6457-66bc9-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-6457-66bc9-1.html"
}
]
},

7
2022/26xxx/CVE-2022-26528.json
View File

@ -38,7 +38,7 @@
"description_data": [
{
"lang": "eng",
"value": "Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the length of segmented packets shift parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service."
"value": "Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the length of segmented packets\u2019 shift parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service."
}
]
},
@ -76,8 +76,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/tw/cp-132-6458-5052f-1.html"
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-6458-5052f-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-6458-5052f-1.html"
}
]
},

7
2022/26xxx/CVE-2022-26529.json
View File

@ -38,7 +38,7 @@
"description_data": [
{
"lang": "eng",
"value": "Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for segmented packets link parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service."
"value": "Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for segmented packets\u2019 link parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service."
}
]
},
@ -76,8 +76,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/tw/cp-132-6459-09c82-1.html"
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-6459-09c82-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-6459-09c82-1.html"
}
]
},

5
2022/38xxx/CVE-2022-38116.json
View File

@ -76,8 +76,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/tw/cp-132-6460-2bb02-1.html"
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-6460-2bb02-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-6460-2bb02-1.html"
}
]
},

7
2022/38xxx/CVE-2022-38118.json
View File

@ -44,7 +44,7 @@
"description_data": [
{
"lang": "eng",
"value": "OAKlouds Portal websites Meeting Room has insufficient validation for user input. A remote attacker with general user privilege can perform SQL-injection to access, modify, delete database, perform system operations and disrupt service."
"value": "OAKlouds Portal website\u2019s Meeting Room has insufficient validation for user input. A remote attacker with general user privilege can perform SQL-injection to access, modify, delete database, perform system operations and disrupt service."
}
]
},
@ -82,8 +82,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/tw/cp-132-6461-25c4b-1.html"
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-6461-25c4b-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-6461-25c4b-1.html"
}
]
},

72
2022/39xxx/CVE-2022-39028.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-39028",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However, if the telnetd application has many crashes within a short time interval, the telnet service would become unavailable after inetd logs a \"telnet/tcp server failing (looping), service terminated\" error. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://lists.gnu.org/archive/html/bug-inetutils/2022-08/msg00002.html",
"refsource": "MISC",
"name": "https://lists.gnu.org/archive/html/bug-inetutils/2022-08/msg00002.html"
},
{
"url": "https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html",
"refsource": "MISC",
"name": "https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html"
},
{
"url": "https://git.hadrons.org/cgit/debian/pkgs/inetutils.git/commit/?id=113da8021710d871c7dd72d2a4d5615d42d64289",
"refsource": "MISC",
"name": "https://git.hadrons.org/cgit/debian/pkgs/inetutils.git/commit/?id=113da8021710d871c7dd72d2a4d5615d42d64289"
}
]
}
}