diff --git a/2022/3xxx/CVE-2022-3921.json b/2022/3xxx/CVE-2022-3921.json index add49efe78b..34bd2177c31 100644 --- a/2022/3xxx/CVE-2022-3921.json +++ b/2022/3xxx/CVE-2022-3921.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "The does not validate files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files and lead to RCE" + "value": "The Listingo WordPress theme before 3.2.7 does not validate files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files and lead to RCE" } ] }, diff --git a/2022/41xxx/CVE-2022-41215.json b/2022/41xxx/CVE-2022-41215.json index eb32d2db4eb..94bd80cc25e 100644 --- a/2022/41xxx/CVE-2022-41215.json +++ b/2022/41xxx/CVE-2022-41215.json @@ -1,12 +1,33 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-41215", "ASSIGNER": "cna@sap.com", "STATE": "PUBLIC" }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SAP NetWeaver ABAP Server and ABAP Platform allows an unauthenticated attacker to redirect users to a malicious site due to insufficient URL validation. This could lead to the user being tricked to disclose personal information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-601", + "cweId": "CWE-601" + } + ] + } + ] + }, "affects": { "vendor": { "vendor_data": [ @@ -19,24 +40,64 @@ "version": { "version_data": [ { - "version_name": "=", - "version_value": "700" + "version_value": "= 700", + "version_affected": "=" }, { - "version_name": "=", - "version_value": "731" + "version_value": "= 731", + "version_affected": "=" }, { - "version_name": "=", - "version_value": "740" + "version_value": "= 740", + "version_affected": "=" }, { - "version_name": "=", - "version_value": "750" + "version_value": "= 750", + "version_affected": "=" }, { - "version_name": "=", - "version_value": "789" + "version_value": "= 789", + "version_affected": "=" + }, + { + "version_value": "= 701", + "version_affected": "=" + }, + { + "version_value": "= 702", + "version_affected": "=" + }, + { + "version_value": "= 751", + "version_affected": "=" + }, + { + "version_value": "= 752", + "version_affected": "=" + }, + { + "version_value": "= 753", + "version_affected": "=" + }, + { + "version_value": "= 754", + "version_affected": "=" + }, + { + "version_value": "= 755", + "version_affected": "=" + }, + { + "version_value": "= 756", + "version_affected": "=" + }, + { + "version_value": "= 757", + "version_affected": "=" + }, + { + "version_value": "= 790", + "version_affected": "=" } ] } @@ -47,33 +108,6 @@ ] } }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "SAP NetWeaver ABAP Server and ABAP Platform allows an unauthenticated attacker to redirect users to a malicious site due to insufficient URL validation. This could lead to the user being tricked to disclose personal information." - } - ] - }, - "impact": { - "cvss": { - "baseScore": "4.7", - "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-601" - } - ] - } - ] - }, "references": { "reference_data": [ { @@ -87,5 +121,29 @@ "name": "https://launchpad.support.sap.com/#/notes/3251202" } ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.7, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N", + "version": "3.1" + } + ] } } \ No newline at end of file diff --git a/2022/42xxx/CVE-2022-42716.json b/2022/42xxx/CVE-2022-42716.json index ad7a4d23191..a322fd3afef 100644 --- a/2022/42xxx/CVE-2022-42716.json +++ b/2022/42xxx/CVE-2022-42716.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-42716", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-42716", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r4p0 through r32p0, Bifrost r1p0 through r40p0, and Valhall r19p0 through r40P0." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", + "refsource": "MISC", + "name": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ] } diff --git a/2022/45xxx/CVE-2022-45275.json b/2022/45xxx/CVE-2022-45275.json index 12ad760e85e..7f128b43354 100644 --- a/2022/45xxx/CVE-2022-45275.json +++ b/2022/45xxx/CVE-2022-45275.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-45275", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-45275", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An arbitrary file upload vulnerability in /queuing/admin/ajax.php?action=save_settings of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/ATKF/bug_report/blob/main/vendors/oretnom23/dynamic-transaction-queuing-system/RCE-1.md", + "url": "https://github.com/ATKF/bug_report/blob/main/vendors/oretnom23/dynamic-transaction-queuing-system/RCE-1.md" } ] } diff --git a/2022/47xxx/CVE-2022-47194.json b/2022/47xxx/CVE-2022-47194.json new file mode 100644 index 00000000000..a4576a3b2d4 --- /dev/null +++ b/2022/47xxx/CVE-2022-47194.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-47194", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/47xxx/CVE-2022-47195.json b/2022/47xxx/CVE-2022-47195.json new file mode 100644 index 00000000000..379c769c589 --- /dev/null +++ b/2022/47xxx/CVE-2022-47195.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-47195", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/47xxx/CVE-2022-47196.json b/2022/47xxx/CVE-2022-47196.json new file mode 100644 index 00000000000..bf128db272f --- /dev/null +++ b/2022/47xxx/CVE-2022-47196.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-47196", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/47xxx/CVE-2022-47197.json b/2022/47xxx/CVE-2022-47197.json new file mode 100644 index 00000000000..a538607f7e9 --- /dev/null +++ b/2022/47xxx/CVE-2022-47197.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-47197", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file