diff --git a/2021/36xxx/CVE-2021-36338.json b/2021/36xxx/CVE-2021-36338.json index f56382b692a..6f7ceb923a8 100644 --- a/2021/36xxx/CVE-2021-36338.json +++ b/2021/36xxx/CVE-2021-36338.json @@ -63,8 +63,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.dell.com/support/kbdoc/000194640" + "refsource": "MISC", + "url": "https://www.dell.com/support/kbdoc/000194640", + "name": "https://www.dell.com/support/kbdoc/000194640" } ] } diff --git a/2022/2xxx/CVE-2022-2892.json b/2022/2xxx/CVE-2022-2892.json index 96827df3824..a9cef735a9e 100644 --- a/2022/2xxx/CVE-2022-2892.json +++ b/2022/2xxx/CVE-2022-2892.json @@ -1,18 +1,88 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2022-08-23T18:30:00.000Z", "ID": "CVE-2022-2892", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Measuresoft ScadaPro Server Out-of-bounds Write" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "ScadaPro Server", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "All", + "version_value": "6.8.0.1" + } + ] + } + } + ] + }, + "vendor_name": "Measuresoft " + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Measuresoft ScadaPro Server (Versions prior to 6.8.0.1) uses an unmaintained ActiveX control, which may allow an out-of-bounds write condition while processing a specific project file." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787 Out-of-bounds Write" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-235-05", + "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-235-05" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2022/2xxx/CVE-2022-2894.json b/2022/2xxx/CVE-2022-2894.json index f7f73f6c6ca..30f3c8a2de2 100644 --- a/2022/2xxx/CVE-2022-2894.json +++ b/2022/2xxx/CVE-2022-2894.json @@ -1,18 +1,87 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2022-08-23T18:30:00.000Z", "ID": "CVE-2022-2894", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Measuresoft ScadaPro Server Untrusted Pointer Dereference" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "ScadaPro Server", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "All Versions" + } + ] + } + } + ] + }, + "vendor_name": "Measuresoft " + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Measuresoft ScadaPro Server (All Versions) uses unmaintained ActiveX controls. The controls may allow seven untrusted pointer deference instances while processing a specific project file." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-822 Untrusted Pointer Dereference" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-235-06", + "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-235-06" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2022/2xxx/CVE-2022-2895.json b/2022/2xxx/CVE-2022-2895.json index 41bb06790b6..5136244316f 100644 --- a/2022/2xxx/CVE-2022-2895.json +++ b/2022/2xxx/CVE-2022-2895.json @@ -1,18 +1,87 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2022-08-23T18:30:00.000Z", "ID": "CVE-2022-2895", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Measuresoft ScadaPro Server Stack-based Buffer Overflow" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "ScadaPro Server", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "All Versions" + } + ] + } + } + ] + }, + "vendor_name": "Measuresoft " + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Measuresoft ScadaPro Server (All Versions) uses unmaintained ActiveX controls. These controls may allow two stack-based buffer overflow instances while processing a specific project file." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-121 Stack-based Buffer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-235-06", + "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-235-06" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2022/2xxx/CVE-2022-2896.json b/2022/2xxx/CVE-2022-2896.json index ee25323eee9..162c88cecec 100644 --- a/2022/2xxx/CVE-2022-2896.json +++ b/2022/2xxx/CVE-2022-2896.json @@ -1,18 +1,87 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2022-08-23T18:30:00.000Z", "ID": "CVE-2022-2896", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Measuresoft ScadaPro Server Use After Free" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "ScadaPro Server", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "All Versions" + } + ] + } + } + ] + }, + "vendor_name": "Measuresoft " + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Measuresoft ScadaPro Server (All Versions) allows use after free while processing a specific project file." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-121 Stack-based Buffer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-235-06", + "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-235-06" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2022/2xxx/CVE-2022-2897.json b/2022/2xxx/CVE-2022-2897.json index 63c8a04a190..e6787768dc8 100644 --- a/2022/2xxx/CVE-2022-2897.json +++ b/2022/2xxx/CVE-2022-2897.json @@ -1,18 +1,87 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2022-08-23T18:30:00.000Z", "ID": "CVE-2022-2897", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Measuresoft ScadaPro Server and Client Link Following" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "ScadaPro Server and Client ", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "All Versions" + } + ] + } + } + ] + }, + "vendor_name": "Measuresoft " + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file access; this could allow privilege escalation.." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-59 Improper Link Resolution Before File Access ('Link Following')" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-235-06", + "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-235-06" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2022/2xxx/CVE-2022-2898.json b/2022/2xxx/CVE-2022-2898.json index 59bc93c88c0..942f989699c 100644 --- a/2022/2xxx/CVE-2022-2898.json +++ b/2022/2xxx/CVE-2022-2898.json @@ -1,18 +1,87 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2022-08-23T18:30:00.000Z", "ID": "CVE-2022-2898", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Measuresoft ScadaPro Server and Client Link Following" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "ScadaPro Server and Client ", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "All Versions" + } + ] + } + } + ] + }, + "vendor_name": "Measuresoft " + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file access; this could allow a denial-of-service condition." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-59 Improper Link Resolution Before File Access ('Link Following')" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-235-06", + "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-235-06" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31233.json b/2022/31xxx/CVE-2022-31233.json index 2d2109b8beb..41cd4e77d3b 100644 --- a/2022/31xxx/CVE-2022-31233.json +++ b/2022/31xxx/CVE-2022-31233.json @@ -63,8 +63,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.dell.com/support/kbdoc/000200975" + "refsource": "MISC", + "url": "https://www.dell.com/support/kbdoc/000200975", + "name": "https://www.dell.com/support/kbdoc/000200975" } ] } diff --git a/2022/34xxx/CVE-2022-34373.json b/2022/34xxx/CVE-2022-34373.json index ae7c8a81b39..99f8e71bfac 100644 --- a/2022/34xxx/CVE-2022-34373.json +++ b/2022/34xxx/CVE-2022-34373.json @@ -63,8 +63,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.dell.com/support/kbdoc/000201877" + "refsource": "MISC", + "url": "https://www.dell.com/support/kbdoc/000201877", + "name": "https://www.dell.com/support/kbdoc/000201877" } ] } diff --git a/2022/34xxx/CVE-2022-34383.json b/2022/34xxx/CVE-2022-34383.json index 91d0788fba2..dc3b90ff02c 100644 --- a/2022/34xxx/CVE-2022-34383.json +++ b/2022/34xxx/CVE-2022-34383.json @@ -63,8 +63,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.dell.com/support/kbdoc/en-us/000202711" + "refsource": "MISC", + "url": "https://www.dell.com/support/kbdoc/en-us/000202711", + "name": "https://www.dell.com/support/kbdoc/en-us/000202711" } ] } diff --git a/2022/36xxx/CVE-2022-36201.json b/2022/36xxx/CVE-2022-36201.json index 890071d9190..8fe1368b1aa 100644 --- a/2022/36xxx/CVE-2022-36201.json +++ b/2022/36xxx/CVE-2022-36201.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-36201", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-36201", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Doctor's Appointment System 1.0 is vulnerable to SQL Injection via booking.php has ?id=." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.sourcecodester.com/hashenudara/simple-doctors-appointment-project.html", + "refsource": "MISC", + "name": "https://www.sourcecodester.com/hashenudara/simple-doctors-appointment-project.html" + }, + { + "refsource": "MISC", + "name": "https://github.com/aznull/CVEs", + "url": "https://github.com/aznull/CVEs" } ] } diff --git a/2022/36xxx/CVE-2022-36202.json b/2022/36xxx/CVE-2022-36202.json index 58276790708..e5bd2716059 100644 --- a/2022/36xxx/CVE-2022-36202.json +++ b/2022/36xxx/CVE-2022-36202.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-36202", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-36202", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control (IDOR) via id= parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://hshnudr.com", + "refsource": "MISC", + "name": "http://hshnudr.com" + }, + { + "url": "https://www.sourcecodester.com/hashenudara/simple-doctors-appointment-project.html", + "refsource": "MISC", + "name": "https://www.sourcecodester.com/hashenudara/simple-doctors-appointment-project.html" + }, + { + "refsource": "MISC", + "name": "https://github.com/aznull/CVEs", + "url": "https://github.com/aznull/CVEs" } ] } diff --git a/2022/36xxx/CVE-2022-36203.json b/2022/36xxx/CVE-2022-36203.json index 699415fbe12..d0f0edb7da1 100644 --- a/2022/36xxx/CVE-2022-36203.json +++ b/2022/36xxx/CVE-2022-36203.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-36203", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-36203", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Doctor's Appointment System 1.0 is vulnerable to Cross Site Scripting (XSS) via the admin panel. In addition, it leads to takeover the administrator account by stealing the cookie via XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.sourcecodester.com/hashenudara/simple-doctors-appointment-project.html", + "refsource": "MISC", + "name": "https://www.sourcecodester.com/hashenudara/simple-doctors-appointment-project.html" + }, + { + "refsource": "MISC", + "name": "https://github.com/aznull/CVEs", + "url": "https://github.com/aznull/CVEs" } ] } diff --git a/2022/36xxx/CVE-2022-36620.json b/2022/36xxx/CVE-2022-36620.json index d767bcbc564..e4a0a78ef80 100644 --- a/2022/36xxx/CVE-2022-36620.json +++ b/2022/36xxx/CVE-2022-36620.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-36620", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-36620", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/addRouting." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.dlink.com/en/security-bulletin/", + "refsource": "MISC", + "name": "https://www.dlink.com/en/security-bulletin/" + }, + { + "url": "https://github.com/z1r00/IOT_Vul/blob/main/dlink/Dir816/addRouting/readme.md", + "refsource": "MISC", + "name": "https://github.com/z1r00/IOT_Vul/blob/main/dlink/Dir816/addRouting/readme.md" } ] }