admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-05-09 17:01:45 +00:00
parent 1c3507c523
commit d0f4095cba
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
8 changed files with 464 additions and 299 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
2020/7xxx/CVE-2020-7248.json
View File

@ -61,6 +61,16 @@
"refsource": "CONFIRM",
"name": "https://openwrt.org/advisory/2020-01-31-2",
"url": "https://openwrt.org/advisory/2020-01-31-2"
},
{
"refsource": "MISC",
"name": "https://openwrt.org/advisory/2020-01-31-2",
"url": "https://openwrt.org/advisory/2020-01-31-2"
},
{
"refsource": "MISC",
"name": "https://nvd.nist.gov/vuln/detail/CVE-2020-7248#range-4512438",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7248#range-4512438"
}
]
}

182
2021/20xxx/CVE-2021-20479.json
View File

@ -1,93 +1,93 @@
{
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ID" : "CVE-2021-20479",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2022-05-06T00:00:00"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Cloud Pak System",
"version" : {
"version_data" : [
{
"version_value" : "2.3.0"
},
{
"version_value" : "2.3.3.3.Interim.Fix1"
}
]
}
}
]
}
}
]
}
},
"data_type" : "CVE",
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
"CVE_data_meta": {
"STATE": "PUBLIC",
"ID": "CVE-2021-20479",
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2022-05-06T00:00:00"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Cloud Pak System",
"version": {
"version_data": [
{
"version_value": "2.3.0"
},
{
"version_value": "2.3.3.3.Interim.Fix1"
}
]
}
}
]
}
}
]
}
]
},
"data_version" : "4.0",
"impact" : {
"cvssv3" : {
"BM" : {
"SCORE" : "5.900",
"AV" : "N",
"I" : "N",
"UI" : "N",
"PR" : "N",
"AC" : "H",
"S" : "U",
"A" : "N",
"C" : "H"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6562263",
"title" : "IBM Security Bulletin 6562263 (Cloud Pak System)",
"name" : "https://www.ibm.com/support/pages/node/6562263"
},
{
"title" : "X-Force Vulnerability Report",
"name" : "ibm-cps-cve202120479-info-disc (197498)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/197498",
"refsource" : "XF"
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Cloud Pak System 2.3.0 through 2.3.3.3 Interim Fix 1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 197498."
}
]
}
}
}
},
"data_type": "CVE",
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"data_version": "4.0",
"impact": {
"cvssv3": {
"BM": {
"SCORE": "5.900",
"AV": "N",
"I": "N",
"UI": "N",
"PR": "N",
"AC": "H",
"S": "U",
"A": "N",
"C": "H"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6562263",
"title": "IBM Security Bulletin 6562263 (Cloud Pak System)",
"name": "https://www.ibm.com/support/pages/node/6562263"
},
{
"title": "X-Force Vulnerability Report",
"name": "ibm-cps-cve202120479-info-disc (197498)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/197498",
"refsource": "XF"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Cloud Pak System 2.3.0 through 2.3.3.3 Interim Fix 1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 197498."
}
]
}
}

18
2022/1xxx/CVE-2022-1632.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-1632",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

206
2022/22xxx/CVE-2022-22319.json
View File

@ -1,106 +1,106 @@
{
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6569203",
"name" : "https://www.ibm.com/support/pages/node/6569203",
"title" : "IBM Security Bulletin 6569203 (Robotic Process Automation)",
"refsource" : "CONFIRM"
},
{
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6583547",
"title" : "IBM Security Bulletin 6583547 (Robotic Process Automation as a Service)",
"url" : "https://www.ibm.com/support/pages/node/6583547"
},
{
"title" : "X-Force Vulnerability Report",
"name" : "ibm-rpa-cve202222319-weak-sec (218366)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/218366",
"refsource" : "XF"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "L",
"C" : "N",
"AC" : "L",
"S" : "U",
"I" : "L",
"UI" : "N",
"PR" : "L",
"SCORE" : "4.600",
"AV" : "A"
},
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
}
}
},
"description" : {
"description_data" : [
{
"value" : "IBM Robotic Process Automation 21.0.1 could allow a register user on the system to physically delete a queue that could cause disruption for any scripts dependent on the queue. IBM X-Force ID: 218366.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Bypass Security",
"lang" : "eng"
}
]
}
]
},
"data_type" : "CVE",
"data_format" : "MITRE",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2022-22319",
"DATE_PUBLIC" : "2022-05-06T00:00:00",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"references": {
"reference_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "21.0.1"
}
]
},
"product_name" : "Robotic Process Automation as a Service"
},
{
"product_name" : "Robotic Process Automation",
"version" : {
"version_data" : [
{
"version_value" : "21.0.1"
}
]
}
}
]
}
"url": "https://www.ibm.com/support/pages/node/6569203",
"name": "https://www.ibm.com/support/pages/node/6569203",
"title": "IBM Security Bulletin 6569203 (Robotic Process Automation)",
"refsource": "CONFIRM"
},
{
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6583547",
"title": "IBM Security Bulletin 6583547 (Robotic Process Automation as a Service)",
"url": "https://www.ibm.com/support/pages/node/6583547"
},
{
"title": "X-Force Vulnerability Report",
"name": "ibm-rpa-cve202222319-weak-sec (218366)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/218366",
"refsource": "XF"
}
]
}
}
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "L",
"C": "N",
"AC": "L",
"S": "U",
"I": "L",
"UI": "N",
"PR": "L",
"SCORE": "4.600",
"AV": "A"
},
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
}
}
},
"description": {
"description_data": [
{
"value": "IBM Robotic Process Automation 21.0.1 could allow a register user on the system to physically delete a queue that could cause disruption for any scripts dependent on the queue. IBM X-Force ID: 218366.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Bypass Security",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2022-22319",
"DATE_PUBLIC": "2022-05-06T00:00:00",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "21.0.1"
}
]
},
"product_name": "Robotic Process Automation as a Service"
},
{
"product_name": "Robotic Process Automation",
"version": {
"version_data": [
{
"version_value": "21.0.1"
}
]
}
}
]
}
}
]
}
}
}

186
2022/22xxx/CVE-2022-22481.json
View File

@ -1,96 +1,96 @@
{
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6583553",
"title" : "IBM Security Bulletin 6583553 (i)",
"url" : "https://www.ibm.com/support/pages/node/6583553"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/225899",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-i-cve202222481-info-disc (225899)",
"refsource" : "XF"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "H",
"S" : "U",
"A" : "N",
"C" : "L",
"SCORE" : "3.700",
"AV" : "N",
"I" : "N",
"UI" : "N",
"PR" : "N"
},
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
}
}
},
"description" : {
"description_data" : [
{
"value" : "IBM Navigator for i 7.2, 7.3, and 7.4 (heritage version) could allow a remote attacker to obtain access to the web interface without valid credentials. By modifying the sign on request, an attacker can gain visibility to the fully qualified domain name of the target system and the navigator tasks page, however they do not gain the ability to perform those tasks on the system or see any specific system data. IBM X-Force ID: 225899.",
"lang" : "eng"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "7.2"
},
{
"version_value" : "7.3"
},
{
"version_value" : "7.4"
}
]
},
"product_name" : "i"
}
]
},
"vendor_name" : "IBM"
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
}
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2022-05-06T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2022-22481",
"STATE" : "PUBLIC"
},
"data_type" : "CVE",
"data_format" : "MITRE"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6583553",
"title": "IBM Security Bulletin 6583553 (i)",
"url": "https://www.ibm.com/support/pages/node/6583553"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225899",
"title": "X-Force Vulnerability Report",
"name": "ibm-i-cve202222481-info-disc (225899)",
"refsource": "XF"
}
]
},
"impact": {
"cvssv3": {
"BM": {
"AC": "H",
"S": "U",
"A": "N",
"C": "L",
"SCORE": "3.700",
"AV": "N",
"I": "N",
"UI": "N",
"PR": "N"
},
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
}
}
},
"description": {
"description_data": [
{
"value": "IBM Navigator for i 7.2, 7.3, and 7.4 (heritage version) could allow a remote attacker to obtain access to the web interface without valid credentials. By modifying the sign on request, an attacker can gain visibility to the fully qualified domain name of the target system and the navigator tasks page, however they do not gain the ability to perform those tasks on the system or see any specific system data. IBM X-Force ID: 225899.",
"lang": "eng"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
}
]
},
"product_name": "i"
}
]
},
"vendor_name": "IBM"
}
]
}
},
"CVE_data_meta": {
"DATE_PUBLIC": "2022-05-06T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2022-22481",
"STATE": "PUBLIC"
},
"data_type": "CVE",
"data_format": "MITRE"
}

61
2022/27xxx/CVE-2022-27114.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-27114",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-27114",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a vulnerability in htmldoc 1.9.16. In image_load_jpeg function image.cxx when it calls malloc,'img->width' and 'img->height' they are large enough to cause an integer overflow. So, the malloc function may return a heap blosmaller than the expected size, and it will cause a buffer overflow/Address boundary error in the jpeg_read_scanlines function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/michaelrsweet/htmldoc/commit/31f780487e5ddc426888638786cdc47631687275",
"refsource": "MISC",
"name": "https://github.com/michaelrsweet/htmldoc/commit/31f780487e5ddc426888638786cdc47631687275"
},
{
"url": "https://github.com/michaelrsweet/htmldoc/issues/471",
"refsource": "MISC",
"name": "https://github.com/michaelrsweet/htmldoc/issues/471"
}
]
}

50
2022/28xxx/CVE-2022-28161.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-28161",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "sirt@brocade.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Brocade SANNav",
"version": {
"version_data": [
{
"version_value": "Brocade SANNav before 2.2.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Exposure of Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-1840",
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-1840"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An information exposure through log file vulnerability in Brocade SANNav versions before Brocade SANnav 2.2.0 could allow an authenticated, local attacker to view sensitive information such as ssh passwords in filetansfer.log in debug mode. To exploit this vulnerability, the attacker would need to have valid user credentials and turn on debug mode."
}
]
}

50
2022/28xxx/CVE-2022-28162.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-28162",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "sirt@brocade.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Brocade SANNav",
"version": {
"version_data": [
{
"version_value": "Brocade SANNav before 2.2.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cleartext Transmission of Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-1841",
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-1841"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text."
}
]
}