admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-08-24 06:00:36 +00:00
parent 9eb2bec50e
commit ef47bba637
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
7 changed files with 269 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
2020/36xxx/CVE-2020-36600.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-36600",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/36xxx/CVE-2020-36601.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-36601",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

22
2022/24xxx/CVE-2022-24375.json
View File

@ -48,20 +48,24 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://security.snyk.io/vuln/SNYK-JS-NODEOPCUA-2988725"
"refsource": "MISC",
"url": "https://github.com/node-opcua/node-opcua/commit/7b5044b3f5866fbedc3efabd05e407352c07bd2f",
"name": "https://github.com/node-opcua/node-opcua/commit/7b5044b3f5866fbedc3efabd05e407352c07bd2f"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/node-opcua/node-opcua/commit/3fd46ec156e7718a506be41f3916310b6bdd0407"
"refsource": "MISC",
"url": "https://github.com/node-opcua/node-opcua/pull/1182",
"name": "https://github.com/node-opcua/node-opcua/pull/1182"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/node-opcua/node-opcua/commit/7b5044b3f5866fbedc3efabd05e407352c07bd2f"
"refsource": "MISC",
"url": "https://security.snyk.io/vuln/SNYK-JS-NODEOPCUA-2988725",
"name": "https://security.snyk.io/vuln/SNYK-JS-NODEOPCUA-2988725"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/node-opcua/node-opcua/pull/1182"
"refsource": "MISC",
"url": "https://github.com/node-opcua/node-opcua/commit/3fd46ec156e7718a506be41f3916310b6bdd0407",
"name": "https://github.com/node-opcua/node-opcua/commit/3fd46ec156e7718a506be41f3916310b6bdd0407"
}
]
},
@ -69,7 +73,7 @@
"description_data": [
{
"lang": "eng",
"value": "The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False.\n"
"value": "The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False."
}
]
},

17
2022/25xxx/CVE-2022-25903.json
View File

@ -48,16 +48,19 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://security.snyk.io/vuln/SNYK-RUST-OPCUA-2988750"
"refsource": "MISC",
"url": "https://github.com/locka99/opcua/pull/216",
"name": "https://github.com/locka99/opcua/pull/216"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/locka99/opcua/pull/216"
"refsource": "MISC",
"url": "https://security.snyk.io/vuln/SNYK-RUST-OPCUA-2988750",
"name": "https://security.snyk.io/vuln/SNYK-RUST-OPCUA-2988750"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/locka99/opcua/pull/216/commits/e75dada28a40c3fefc4aeee4cdc272e1b748f8dd"
"refsource": "MISC",
"url": "https://github.com/locka99/opcua/pull/216/commits/e75dada28a40c3fefc4aeee4cdc272e1b748f8dd",
"name": "https://github.com/locka99/opcua/pull/216/commits/e75dada28a40c3fefc4aeee4cdc272e1b748f8dd"
}
]
},
@ -65,7 +68,7 @@
"description_data": [
{
"lang": "eng",
"value": "The package opcua from 0.0.0 are vulnerable to Denial of Service (DoS) via the ExtensionObjects and Variants objects, when it allows unlimited nesting levels, which could result in a stack overflow even if the message size is less than the maximum allowed.\n"
"value": "The package opcua from 0.0.0 are vulnerable to Denial of Service (DoS) via the ExtensionObjects and Variants objects, when it allows unlimited nesting levels, which could result in a stack overflow even if the message size is less than the maximum allowed."
}
]
},

76
2022/36xxx/CVE-2022-36945.json
View File

@ -1,17 +1,81 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-36945",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-36945",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Remote Keyless Entry (RKE) receiving unit on certain Mazda vehicles through 2020 allows remote attackers to perform unlock operations and force a resynchronization after capturing three consecutive valid key-fob signals over the radio, aka a RollBack attack. The attacker retains the ability to unlock indefinitely."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.blackhat.com/us-22/briefings/schedule/#rollback---a-new-time-agnostic-replay-attack-against-the-automotive-remote-keyless-entry-systems-27185",
"refsource": "MISC",
"name": "https://www.blackhat.com/us-22/briefings/schedule/#rollback---a-new-time-agnostic-replay-attack-against-the-automotive-remote-keyless-entry-systems-27185"
},
{
"refsource": "MISC",
"name": "https://medium.com/codex/rollback-a-new-time-agnostic-replay-attack-against-the-automotive-remote-keyless-entry-systems-df5f99ba9490",
"url": "https://medium.com/codex/rollback-a-new-time-agnostic-replay-attack-against-the-automotive-remote-keyless-entry-systems-df5f99ba9490"
},
{
"refsource": "MISC",
"name": "https://www.youtube.com/playlist?list=PLYodcy84oQL1gxwiuRm13xRXxTQL9cO5t",
"url": "https://www.youtube.com/playlist?list=PLYodcy84oQL1gxwiuRm13xRXxTQL9cO5t"
},
{
"refsource": "MISC",
"name": "https://www.pcmag.com/news/is-your-car-key-fob-vulnerable-to-this-simple-replay-attack",
"url": "https://www.pcmag.com/news/is-your-car-key-fob-vulnerable-to-this-simple-replay-attack"
},
{
"refsource": "MISC",
"name": "https://hackaday.com/2022/08/17/rollback-breaks-into-your-car/",
"url": "https://hackaday.com/2022/08/17/rollback-breaks-into-your-car/"
}
]
}

76
2022/37xxx/CVE-2022-37305.json
View File

@ -1,17 +1,81 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-37305",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-37305",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Remote Keyless Entry (RKE) receiving unit on certain Honda vehicles through 2018 allows remote attackers to perform unlock operations and force a resynchronization after capturing five consecutive valid RKE signals over the radio, aka a RollBack attack. The attacker retains the ability to unlock indefinitely."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.blackhat.com/us-22/briefings/schedule/#rollback---a-new-time-agnostic-replay-attack-against-the-automotive-remote-keyless-entry-systems-27185",
"refsource": "MISC",
"name": "https://www.blackhat.com/us-22/briefings/schedule/#rollback---a-new-time-agnostic-replay-attack-against-the-automotive-remote-keyless-entry-systems-27185"
},
{
"refsource": "MISC",
"name": "https://medium.com/codex/rollback-a-new-time-agnostic-replay-attack-against-the-automotive-remote-keyless-entry-systems-df5f99ba9490",
"url": "https://medium.com/codex/rollback-a-new-time-agnostic-replay-attack-against-the-automotive-remote-keyless-entry-systems-df5f99ba9490"
},
{
"refsource": "MISC",
"name": "https://www.youtube.com/playlist?list=PLYodcy84oQL1gxwiuRm13xRXxTQL9cO5t",
"url": "https://www.youtube.com/playlist?list=PLYodcy84oQL1gxwiuRm13xRXxTQL9cO5t"
},
{
"refsource": "MISC",
"name": "https://www.pcmag.com/news/is-your-car-key-fob-vulnerable-to-this-simple-replay-attack",
"url": "https://www.pcmag.com/news/is-your-car-key-fob-vulnerable-to-this-simple-replay-attack"
},
{
"refsource": "MISC",
"name": "https://hackaday.com/2022/08/17/rollback-breaks-into-your-car/",
"url": "https://hackaday.com/2022/08/17/rollback-breaks-into-your-car/"
}
]
}

76
2022/37xxx/CVE-2022-37418.json
View File

@ -1,17 +1,81 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-37418",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-37418",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Remote Keyless Entry (RKE) receiving unit on certain Nissan, Kia, and Hyundai vehicles through 2017 allows remote attackers to perform unlock operations and force a resynchronization after capturing two consecutive valid key fob signals over the radio, aka a RollBack attack. The attacker retains the ability to unlock indefinitely."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.blackhat.com/us-22/briefings/schedule/#rollback---a-new-time-agnostic-replay-attack-against-the-automotive-remote-keyless-entry-systems-27185",
"refsource": "MISC",
"name": "https://www.blackhat.com/us-22/briefings/schedule/#rollback---a-new-time-agnostic-replay-attack-against-the-automotive-remote-keyless-entry-systems-27185"
},
{
"refsource": "MISC",
"name": "https://medium.com/codex/rollback-a-new-time-agnostic-replay-attack-against-the-automotive-remote-keyless-entry-systems-df5f99ba9490",
"url": "https://medium.com/codex/rollback-a-new-time-agnostic-replay-attack-against-the-automotive-remote-keyless-entry-systems-df5f99ba9490"
},
{
"refsource": "MISC",
"name": "https://www.youtube.com/playlist?list=PLYodcy84oQL1gxwiuRm13xRXxTQL9cO5t",
"url": "https://www.youtube.com/playlist?list=PLYodcy84oQL1gxwiuRm13xRXxTQL9cO5t"
},
{
"refsource": "MISC",
"name": "https://www.pcmag.com/news/is-your-car-key-fob-vulnerable-to-this-simple-replay-attack",
"url": "https://www.pcmag.com/news/is-your-car-key-fob-vulnerable-to-this-simple-replay-attack"
},
{
"refsource": "MISC",
"name": "https://hackaday.com/2022/08/17/rollback-breaks-into-your-car/",
"url": "https://hackaday.com/2022/08/17/rollback-breaks-into-your-car/"
}
]
}