admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 11:07:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-11-14T21:00:19.187923+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-11-14 21:00:23 +00:00
parent fa0070eb6d
commit 8f028466b1
270 changed files with 38897 additions and 831 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2020/CVE-2020-24xx/CVE-2020-2494.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-2494",
"sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2020-12-10T04:15:11.783",
"lastModified": "2021-06-21T16:57:36.830",
"lastModified": "2023-11-14T19:26:49.173",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -139,8 +139,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:qnap:qts:4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC41D3D7-5EB2-4DE2-B4B7-027E8F046C04"
"criteria": "cpe:2.3:o:qnap:qts:4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "15C20B26-BAD3-4563-8018-CE06E3A52E73"
}
]
}

22
CVE-2020/CVE-2020-24xx/CVE-2020-2498.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-2498",
"sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2020-12-10T04:15:12.047",
"lastModified": "2021-06-21T16:57:36.830",
"lastModified": "2023-11-14T19:26:49.173",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -130,9 +130,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.3.1354",
"matchCriteriaId": "7D264A57-2504-468E-A463-3D9251865466"
"matchCriteriaId": "5C993531-A910-4F15-ABD3-31261D560C76"
}
]
}
@ -146,9 +146,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.6.1333",
"matchCriteriaId": "E0A9BDB9-4E37-47B6-849E-D0FB07FB5FE3"
"matchCriteriaId": "CED08145-C2CF-484B-B66D-5469591040E8"
}
]
}
@ -162,9 +162,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.4.1368",
"matchCriteriaId": "8EFFCC22-0292-4ED2-879B-77C222BBEECF"
"matchCriteriaId": "BA15CC08-00FA-4682-8DD9-0B1AF10E40E7"
}
]
}
@ -178,9 +178,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.3.1315",
"matchCriteriaId": "C45239EE-A7EC-4D4A-BDC9-F816C1AFF0CB"
"matchCriteriaId": "87533C7A-38F8-4487-A753-EBB911F2A76C"
}
]
}
@ -194,9 +194,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.6",
"matchCriteriaId": "19889961-BF73-4428-AF00-D615E9393550"
"matchCriteriaId": "3777F6CC-9189-4BC0-B336-62BA1EFB91A7"
}
]
}

6
CVE-2020/CVE-2020-254xx/CVE-2020-25487.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-25487",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-09-22T17:15:12.460",
"lastModified": "2020-09-30T15:01:03.447",
"lastModified": "2023-11-14T20:19:32.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoo_management_system_project:zoo_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5048EF-9BCF-456C-A8E6-06CC975D752A"
"criteria": "cpe:2.3:a:phpgurukul:zoo_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "541460D0-FA92-4BC4-A965-28C723E93736"
}
]
}

102
CVE-2020/CVE-2020-25xx/CVE-2020-2509.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-2509",
"sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2021-04-17T04:15:11.327",
"lastModified": "2021-06-21T16:56:35.063",
"lastModified": "2023-11-14T19:26:49.173",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2022-04-11",
"cisaActionDue": "2022-05-02",
@ -100,56 +100,6 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.3.3.0174:*:*:*:*:*:*:*",
"matchCriteriaId": "732F1DCB-FC88-4362-BD1B-B5248F39609A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.3.3.0868:*:*:*:*:*:*:*",
"matchCriteriaId": "B6AC6B95-0818-404B-8926-1335FFD9A233"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.3.3.0998:*:*:*:*:*:*:*",
"matchCriteriaId": "B963C41C-5E94-426B-B730-21F2DEA31E6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.3.3.1051:*:*:*:*:*:*:*",
"matchCriteriaId": "ACD5FE22-17EE-414C-868D-4D81C68BD7A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.3.3.1098:*:*:*:*:*:*:*",
"matchCriteriaId": "0D22923A-54BB-4FE4-9D27-DB85D144FB52"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.3.3.1161:*:*:*:*:*:*:*",
"matchCriteriaId": "5BDE7943-255D-4F9E-933D-C43B91675DD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.3.3.1252:*:*:*:*:*:*:*",
"matchCriteriaId": "4A18A748-CE02-41A7-A930-E8EB318A8CC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.3.3.1315:*:*:*:*:*:*:*",
"matchCriteriaId": "D9BBE20A-8106-4C0D-B022-B878F0B4AF84"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.3.3.1386:*:*:*:*:*:*:*",
"matchCriteriaId": "0E312EB3-14C9-409C-A725-1B4BB07B30F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.3.3.1432:*:*:*:*:*:*:*",
"matchCriteriaId": "2245B3A8-C377-4E03-89B2-4E1548E417B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
@ -220,6 +170,56 @@
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200821:*:*:*:*:*:*",
"matchCriteriaId": "886A71D1-9615-47A5-B3C2-CBC6F02961A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.3.3.0174:*:*:*:*:*:*:*",
"matchCriteriaId": "DB10F6C0-7CB4-49D2-A1F7-9F3387CD1271"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.3.3.0868:*:*:*:*:*:*:*",
"matchCriteriaId": "1931A1D6-C1E6-410A-9F9E-9FD949D42C58"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.3.3.0998:*:*:*:*:*:*:*",
"matchCriteriaId": "77FFA90F-FDFA-4B73-960F-BEE7A92DB6BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.3.3.1051:*:*:*:*:*:*:*",
"matchCriteriaId": "491E9EA6-45FC-4D65-9C4E-AB62095DC861"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.3.3.1098:*:*:*:*:*:*:*",
"matchCriteriaId": "264B823B-E086-464E-A740-68BFB0AB8650"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.3.3.1161:*:*:*:*:*:*:*",
"matchCriteriaId": "A5675D7E-1332-445B-BE5A-0506E765E99A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.3.3.1252:*:*:*:*:*:*:*",
"matchCriteriaId": "DC246E80-7A88-4D91-989B-2922C70B1378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.3.3.1315:*:*:*:*:*:*:*",
"matchCriteriaId": "C8D69E0D-84C1-4988-9D73-2D3F511748D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.3.3.1386:*:*:*:*:*:*:*",
"matchCriteriaId": "6F583384-38B8-4BB8-A957-BC6DBC145AEE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.3.3.1432:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D05B71-CAF6-416F-BF92-AB4934474F26"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0358:*:*:*:*:*:*:*",

20
CVE-2021/CVE-2021-263xx/CVE-2021-26345.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2021-26345",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-11-14T19:15:10.190",
"lastModified": "2023-11-14T19:30:45.127",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.\n\n\n\n\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002",
"source": "psirt@amd.com"
}
]
}

6
CVE-2021/CVE-2021-268xx/CVE-2021-26822.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-26822",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-02-15T21:15:13.467",
"lastModified": "2021-11-30T22:14:22.910",
"lastModified": "2023-11-14T20:49:00.700",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:teachers_record_management_system_project:teachers_record_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7CCA65-44E8-48AF-A39E-C814655080A9"
"criteria": "cpe:2.3:a:phpgurukul:teachers_record_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF4AD3BB-B100-46A6-8DA8-DC4BFC2F79C0"
}
]
}

6
CVE-2021/CVE-2021-284xx/CVE-2021-28423.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-28423",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-07-01T15:15:08.153",
"lastModified": "2021-07-07T12:36:22.380",
"lastModified": "2023-11-14T20:49:00.700",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:teachers_record_management_system_project:teachers_record_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7CCA65-44E8-48AF-A39E-C814655080A9"
"criteria": "cpe:2.3:a:phpgurukul:teachers_record_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF4AD3BB-B100-46A6-8DA8-DC4BFC2F79C0"
}
]
}

6
CVE-2021/CVE-2021-284xx/CVE-2021-28424.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-28424",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-07-01T15:15:08.193",
"lastModified": "2021-07-07T19:13:21.497",
"lastModified": "2023-11-14T20:49:00.700",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:teachers_record_management_system_project:teachers_record_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7CCA65-44E8-48AF-A39E-C814655080A9"
"criteria": "cpe:2.3:a:phpgurukul:teachers_record_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF4AD3BB-B100-46A6-8DA8-DC4BFC2F79C0"
}
]
}

6
CVE-2021/CVE-2021-287xx/CVE-2021-28799.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-28799",
"sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2021-05-13T03:15:06.843",
"lastModified": "2022-07-14T15:42:37.947",
"lastModified": "2023-11-14T19:26:49.173",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2022-03-31",
"cisaActionDue": "2022-04-21",
@ -159,8 +159,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:qnap:qts:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1832D55C-F4AE-4AD3-87E1-4C2E9B42D91D"
"criteria": "cpe:2.3:o:qnap:qts:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE9FAC96-AA2A-4CA5-A170-8C0E6BD47391"
}
]
}

6
CVE-2021/CVE-2021-422xx/CVE-2021-42223.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-42223",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-10-13T18:15:08.113",
"lastModified": "2021-10-19T18:31:34.507",
"lastModified": "2023-11-14T20:33:15.740",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_dj_booking_management_system_project:online_dj_booking_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F2E0703C-D14D-4350-8FBE-B5BF474A68C6"
"criteria": "cpe:2.3:a:phpgurukul:online_dj_booking_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A314B412-48F1-4847-9805-0E7503F46C44"
}
]
}

6
CVE-2021/CVE-2021-42xx/CVE-2021-4232.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-4232",
"sourceIdentifier": "cna@vuldb.com",
"published": "2022-05-26T17:15:08.700",
"lastModified": "2022-06-03T12:32:36.387",
"lastModified": "2023-11-14T20:19:32.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -114,8 +114,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoo_management_system_project:zoo_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5048EF-9BCF-456C-A8E6-06CC975D752A"
"criteria": "cpe:2.3:a:phpgurukul:zoo_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "541460D0-FA92-4BC4-A965-28C723E93736"
}
]
}

102
CVE-2021/CVE-2021-440xx/CVE-2021-44051.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-44051",
"sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2022-05-05T17:15:10.160",
"lastModified": "2022-05-13T20:17:32.500",
"lastModified": "2023-11-14T19:26:49.173",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -112,34 +112,6 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.3.0174",
"versionEndExcluding": "4.3.3.1945",
"matchCriteriaId": "620EA4EB-01B8-415F-B33B-0E2028E08D7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.4.0899",
"versionEndExcluding": "4.3.4.1976",
"matchCriteriaId": "255F3533-9116-45F1-AD34-2769C5EA6DA2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.6.0895",
"versionEndExcluding": "4.3.6.1965",
"matchCriteriaId": "F7D3A073-09DB-441D-8529-2EADA3E8AB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.4.0.0883",
"versionEndExcluding": "4.5.4.1991",
"matchCriteriaId": "59F7612F-0CA4-4AD7-884A-9964BC71A83F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
@ -149,58 +121,86 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20170517:*:*:*:*:*:*",
"matchCriteriaId": "31940475-E069-4EDE-9E6F-2B75E1808722"
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.3.0174",
"versionEndExcluding": "4.3.3.1945",
"matchCriteriaId": "9E5D1B6F-854F-4D93-B78C-5BAEC46EE64B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20190322:*:*:*:*:*:*",
"matchCriteriaId": "E7D10D72-1DD7-42B3-A0AA-6BB3FA894520"
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.4.0899",
"versionEndExcluding": "4.3.4.1976",
"matchCriteriaId": "C2AFDF21-2B1F-49BE-9120-FA2A574B565A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20190730:*:*:*:*:*:*",
"matchCriteriaId": "0F1994A5-92FB-4A9A-8D56-0CB9B5551866"
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.6.0895",
"versionEndExcluding": "4.3.6.1965",
"matchCriteriaId": "41D108D1-72B7-4503-8438-64C486E85256"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20190921:*:*:*:*:*:*",
"matchCriteriaId": "8E409EC3-9B5C-4FE8-97A6-3C5D06A07E6D"
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.4.0.0883",
"versionEndExcluding": "4.5.4.1991",
"matchCriteriaId": "ACBE4C2B-CA91-43F4-9BCC-9C8FA83306C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20191107:*:*:*:*:*:*",
"matchCriteriaId": "A6F3599A-F5B7-4FA4-B6C5-A777FC5F770D"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20170517:*:*:*:*:*:*",
"matchCriteriaId": "8F523E9F-D101-4C29-A624-74E1F3F8CB7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20200109:*:*:*:*:*:*",
"matchCriteriaId": "17CC61B6-FB7B-4817-BF62-0EF34B38E6E2"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20190322:*:*:*:*:*:*",
"matchCriteriaId": "1388DBE0-F6BB-44AB-81AC-BFB4E70BE820"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20200421:*:*:*:*:*:*",
"matchCriteriaId": "86B62CD3-1416-410B-9283-37E5BB483055"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20190730:*:*:*:*:*:*",
"matchCriteriaId": "CF3C4461-C1B6-43A1-BA5E-D6658EFD06EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20200611:*:*:*:*:*:*",
"matchCriteriaId": "5805CE0F-4C5F-4A5A-A3B3-620E7AAC2C56"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20190921:*:*:*:*:*:*",
"matchCriteriaId": "A1F11848-6FED-4D58-A177-36D280C0347C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20200821:*:*:*:*:*:*",
"matchCriteriaId": "09D3EECA-5CB8-41CD-AD72-92817EF41A87"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20191107:*:*:*:*:*:*",
"matchCriteriaId": "F6259C86-FFDA-40E8-AF0C-33CC8C108DC9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20210327:*:*:*:*:*:*",
"matchCriteriaId": "5E231271-1F46-412E-9CC5-B17605A6A067"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200109:*:*:*:*:*:*",
"matchCriteriaId": "9E01E157-BDF1-4B00-BA9B-6887C0C7DFF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20211215:*:*:*:*:*:*",
"matchCriteriaId": "DB161BDC-A3E5-4CFD-A86E-24985BC2B795"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200421:*:*:*:*:*:*",
"matchCriteriaId": "1D1E5368-9587-4E0A-BB65-D88069CA8490"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200611:*:*:*:*:*:*",
"matchCriteriaId": "B63CE419-871C-4866-8AB1-4BB6461E1D74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200821:*:*:*:*:*:*",
"matchCriteriaId": "886A71D1-9615-47A5-B3C2-CBC6F02961A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20210327:*:*:*:*:*:*",
"matchCriteriaId": "9B7A506C-1F53-4CEC-9828-9327352DE153"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20211215:*:*:*:*:*:*",
"matchCriteriaId": "060D81A5-599A-4329-99C8-D69725C65AF3"
},
{
"vulnerable": true,

102
CVE-2021/CVE-2021-440xx/CVE-2021-44052.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-44052",
"sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2022-05-05T17:15:10.220",
"lastModified": "2022-05-13T20:18:22.837",
"lastModified": "2023-11-14T19:26:49.173",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -112,34 +112,6 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.3.0174",
"versionEndExcluding": "4.3.3.1945",
"matchCriteriaId": "620EA4EB-01B8-415F-B33B-0E2028E08D7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.4.0899",
"versionEndExcluding": "4.3.4.1976",
"matchCriteriaId": "255F3533-9116-45F1-AD34-2769C5EA6DA2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.6.0895",
"versionEndExcluding": "4.3.6.1965",
"matchCriteriaId": "F7D3A073-09DB-441D-8529-2EADA3E8AB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.4.0.0883",
"versionEndExcluding": "4.5.4.1991",
"matchCriteriaId": "59F7612F-0CA4-4AD7-884A-9964BC71A83F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
@ -149,58 +121,86 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20170517:*:*:*:*:*:*",
"matchCriteriaId": "31940475-E069-4EDE-9E6F-2B75E1808722"
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.3.0174",
"versionEndExcluding": "4.3.3.1945",
"matchCriteriaId": "9E5D1B6F-854F-4D93-B78C-5BAEC46EE64B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20190322:*:*:*:*:*:*",
"matchCriteriaId": "E7D10D72-1DD7-42B3-A0AA-6BB3FA894520"
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.4.0899",
"versionEndExcluding": "4.3.4.1976",
"matchCriteriaId": "C2AFDF21-2B1F-49BE-9120-FA2A574B565A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20190730:*:*:*:*:*:*",
"matchCriteriaId": "0F1994A5-92FB-4A9A-8D56-0CB9B5551866"
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.6.0895",
"versionEndExcluding": "4.3.6.1965",
"matchCriteriaId": "41D108D1-72B7-4503-8438-64C486E85256"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20190921:*:*:*:*:*:*",
"matchCriteriaId": "8E409EC3-9B5C-4FE8-97A6-3C5D06A07E6D"
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.4.0.0883",
"versionEndExcluding": "4.5.4.1991",
"matchCriteriaId": "ACBE4C2B-CA91-43F4-9BCC-9C8FA83306C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20191107:*:*:*:*:*:*",
"matchCriteriaId": "A6F3599A-F5B7-4FA4-B6C5-A777FC5F770D"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20170517:*:*:*:*:*:*",
"matchCriteriaId": "8F523E9F-D101-4C29-A624-74E1F3F8CB7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20200109:*:*:*:*:*:*",
"matchCriteriaId": "17CC61B6-FB7B-4817-BF62-0EF34B38E6E2"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20190322:*:*:*:*:*:*",
"matchCriteriaId": "1388DBE0-F6BB-44AB-81AC-BFB4E70BE820"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20200421:*:*:*:*:*:*",
"matchCriteriaId": "86B62CD3-1416-410B-9283-37E5BB483055"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20190730:*:*:*:*:*:*",
"matchCriteriaId": "CF3C4461-C1B6-43A1-BA5E-D6658EFD06EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20200611:*:*:*:*:*:*",
"matchCriteriaId": "5805CE0F-4C5F-4A5A-A3B3-620E7AAC2C56"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20190921:*:*:*:*:*:*",
"matchCriteriaId": "A1F11848-6FED-4D58-A177-36D280C0347C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20200821:*:*:*:*:*:*",
"matchCriteriaId": "09D3EECA-5CB8-41CD-AD72-92817EF41A87"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20191107:*:*:*:*:*:*",
"matchCriteriaId": "F6259C86-FFDA-40E8-AF0C-33CC8C108DC9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20210327:*:*:*:*:*:*",
"matchCriteriaId": "5E231271-1F46-412E-9CC5-B17605A6A067"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200109:*:*:*:*:*:*",
"matchCriteriaId": "9E01E157-BDF1-4B00-BA9B-6887C0C7DFF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20211215:*:*:*:*:*:*",
"matchCriteriaId": "DB161BDC-A3E5-4CFD-A86E-24985BC2B795"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200421:*:*:*:*:*:*",
"matchCriteriaId": "1D1E5368-9587-4E0A-BB65-D88069CA8490"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200611:*:*:*:*:*:*",
"matchCriteriaId": "B63CE419-871C-4866-8AB1-4BB6461E1D74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200821:*:*:*:*:*:*",
"matchCriteriaId": "886A71D1-9615-47A5-B3C2-CBC6F02961A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20210327:*:*:*:*:*:*",
"matchCriteriaId": "9B7A506C-1F53-4CEC-9828-9327352DE153"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20211215:*:*:*:*:*:*",
"matchCriteriaId": "060D81A5-599A-4329-99C8-D69725C65AF3"
},
{
"vulnerable": true,

102
CVE-2021/CVE-2021-440xx/CVE-2021-44053.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-44053",
"sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2022-05-05T17:15:10.277",
"lastModified": "2022-05-13T20:15:29.537",
"lastModified": "2023-11-14T19:26:49.173",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -112,34 +112,6 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.3.0174",
"versionEndExcluding": "4.3.3.1945",
"matchCriteriaId": "620EA4EB-01B8-415F-B33B-0E2028E08D7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.4.0899",
"versionEndExcluding": "4.3.4.1976",
"matchCriteriaId": "255F3533-9116-45F1-AD34-2769C5EA6DA2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.6.0895",
"versionEndExcluding": "4.3.6.1965",
"matchCriteriaId": "F7D3A073-09DB-441D-8529-2EADA3E8AB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.4.0.0883",
"versionEndExcluding": "4.5.4.1991",
"matchCriteriaId": "59F7612F-0CA4-4AD7-884A-9964BC71A83F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
@ -149,58 +121,86 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20170517:*:*:*:*:*:*",
"matchCriteriaId": "31940475-E069-4EDE-9E6F-2B75E1808722"
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.3.0174",
"versionEndExcluding": "4.3.3.1945",
"matchCriteriaId": "9E5D1B6F-854F-4D93-B78C-5BAEC46EE64B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20190322:*:*:*:*:*:*",
"matchCriteriaId": "E7D10D72-1DD7-42B3-A0AA-6BB3FA894520"
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.4.0899",
"versionEndExcluding": "4.3.4.1976",
"matchCriteriaId": "C2AFDF21-2B1F-49BE-9120-FA2A574B565A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20190730:*:*:*:*:*:*",
"matchCriteriaId": "0F1994A5-92FB-4A9A-8D56-0CB9B5551866"
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.6.0895",
"versionEndExcluding": "4.3.6.1965",
"matchCriteriaId": "41D108D1-72B7-4503-8438-64C486E85256"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20190921:*:*:*:*:*:*",
"matchCriteriaId": "8E409EC3-9B5C-4FE8-97A6-3C5D06A07E6D"
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.4.0.0883",
"versionEndExcluding": "4.5.4.1991",
"matchCriteriaId": "ACBE4C2B-CA91-43F4-9BCC-9C8FA83306C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20191107:*:*:*:*:*:*",
"matchCriteriaId": "A6F3599A-F5B7-4FA4-B6C5-A777FC5F770D"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20170517:*:*:*:*:*:*",
"matchCriteriaId": "8F523E9F-D101-4C29-A624-74E1F3F8CB7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20200109:*:*:*:*:*:*",
"matchCriteriaId": "17CC61B6-FB7B-4817-BF62-0EF34B38E6E2"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20190322:*:*:*:*:*:*",
"matchCriteriaId": "1388DBE0-F6BB-44AB-81AC-BFB4E70BE820"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20200421:*:*:*:*:*:*",
"matchCriteriaId": "86B62CD3-1416-410B-9283-37E5BB483055"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20190730:*:*:*:*:*:*",
"matchCriteriaId": "CF3C4461-C1B6-43A1-BA5E-D6658EFD06EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20200611:*:*:*:*:*:*",
"matchCriteriaId": "5805CE0F-4C5F-4A5A-A3B3-620E7AAC2C56"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20190921:*:*:*:*:*:*",
"matchCriteriaId": "A1F11848-6FED-4D58-A177-36D280C0347C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20200821:*:*:*:*:*:*",
"matchCriteriaId": "09D3EECA-5CB8-41CD-AD72-92817EF41A87"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20191107:*:*:*:*:*:*",
"matchCriteriaId": "F6259C86-FFDA-40E8-AF0C-33CC8C108DC9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20210327:*:*:*:*:*:*",
"matchCriteriaId": "5E231271-1F46-412E-9CC5-B17605A6A067"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200109:*:*:*:*:*:*",
"matchCriteriaId": "9E01E157-BDF1-4B00-BA9B-6887C0C7DFF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20211215:*:*:*:*:*:*",
"matchCriteriaId": "DB161BDC-A3E5-4CFD-A86E-24985BC2B795"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200421:*:*:*:*:*:*",
"matchCriteriaId": "1D1E5368-9587-4E0A-BB65-D88069CA8490"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200611:*:*:*:*:*:*",
"matchCriteriaId": "B63CE419-871C-4866-8AB1-4BB6461E1D74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200821:*:*:*:*:*:*",
"matchCriteriaId": "886A71D1-9615-47A5-B3C2-CBC6F02961A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20210327:*:*:*:*:*:*",
"matchCriteriaId": "9B7A506C-1F53-4CEC-9828-9327352DE153"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20211215:*:*:*:*:*:*",
"matchCriteriaId": "060D81A5-599A-4329-99C8-D69725C65AF3"
},
{
"vulnerable": true,

102
CVE-2021/CVE-2021-440xx/CVE-2021-44054.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-44054",
"sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2022-05-05T17:15:10.333",
"lastModified": "2022-05-13T20:18:48.483",
"lastModified": "2023-11-14T19:26:49.173",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -112,34 +112,6 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.3.0174",
"versionEndExcluding": "4.3.3.1945",
"matchCriteriaId": "620EA4EB-01B8-415F-B33B-0E2028E08D7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.4.0899",
"versionEndExcluding": "4.3.4.1976",
"matchCriteriaId": "255F3533-9116-45F1-AD34-2769C5EA6DA2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.6.0895",
"versionEndExcluding": "4.3.6.1965",
"matchCriteriaId": "F7D3A073-09DB-441D-8529-2EADA3E8AB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.4.0.0883",
"versionEndExcluding": "4.5.4.1991",
"matchCriteriaId": "59F7612F-0CA4-4AD7-884A-9964BC71A83F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*",
@ -149,58 +121,86 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20170517:*:*:*:*:*:*",
"matchCriteriaId": "31940475-E069-4EDE-9E6F-2B75E1808722"
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.3.0174",
"versionEndExcluding": "4.3.3.1945",
"matchCriteriaId": "9E5D1B6F-854F-4D93-B78C-5BAEC46EE64B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20190322:*:*:*:*:*:*",
"matchCriteriaId": "E7D10D72-1DD7-42B3-A0AA-6BB3FA894520"
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.4.0899",
"versionEndExcluding": "4.3.4.1976",
"matchCriteriaId": "C2AFDF21-2B1F-49BE-9120-FA2A574B565A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20190730:*:*:*:*:*:*",
"matchCriteriaId": "0F1994A5-92FB-4A9A-8D56-0CB9B5551866"
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.6.0895",
"versionEndExcluding": "4.3.6.1965",
"matchCriteriaId": "41D108D1-72B7-4503-8438-64C486E85256"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20190921:*:*:*:*:*:*",
"matchCriteriaId": "8E409EC3-9B5C-4FE8-97A6-3C5D06A07E6D"
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.4.0.0883",
"versionEndExcluding": "4.5.4.1991",
"matchCriteriaId": "ACBE4C2B-CA91-43F4-9BCC-9C8FA83306C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20191107:*:*:*:*:*:*",
"matchCriteriaId": "A6F3599A-F5B7-4FA4-B6C5-A777FC5F770D"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20170517:*:*:*:*:*:*",
"matchCriteriaId": "8F523E9F-D101-4C29-A624-74E1F3F8CB7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20200109:*:*:*:*:*:*",
"matchCriteriaId": "17CC61B6-FB7B-4817-BF62-0EF34B38E6E2"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20190322:*:*:*:*:*:*",
"matchCriteriaId": "1388DBE0-F6BB-44AB-81AC-BFB4E70BE820"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20200421:*:*:*:*:*:*",
"matchCriteriaId": "86B62CD3-1416-410B-9283-37E5BB483055"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20190730:*:*:*:*:*:*",
"matchCriteriaId": "CF3C4461-C1B6-43A1-BA5E-D6658EFD06EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20200611:*:*:*:*:*:*",
"matchCriteriaId": "5805CE0F-4C5F-4A5A-A3B3-620E7AAC2C56"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20190921:*:*:*:*:*:*",
"matchCriteriaId": "A1F11848-6FED-4D58-A177-36D280C0347C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20200821:*:*:*:*:*:*",
"matchCriteriaId": "09D3EECA-5CB8-41CD-AD72-92817EF41A87"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20191107:*:*:*:*:*:*",
"matchCriteriaId": "F6259C86-FFDA-40E8-AF0C-33CC8C108DC9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20210327:*:*:*:*:*:*",
"matchCriteriaId": "5E231271-1F46-412E-9CC5-B17605A6A067"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200109:*:*:*:*:*:*",
"matchCriteriaId": "9E01E157-BDF1-4B00-BA9B-6887C0C7DFF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:qts:4.2.6:build_20211215:*:*:*:*:*:*",
"matchCriteriaId": "DB161BDC-A3E5-4CFD-A86E-24985BC2B795"
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200421:*:*:*:*:*:*",
"matchCriteriaId": "1D1E5368-9587-4E0A-BB65-D88069CA8490"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200611:*:*:*:*:*:*",
"matchCriteriaId": "B63CE419-871C-4866-8AB1-4BB6461E1D74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200821:*:*:*:*:*:*",
"matchCriteriaId": "886A71D1-9615-47A5-B3C2-CBC6F02961A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20210327:*:*:*:*:*:*",
"matchCriteriaId": "9B7A506C-1F53-4CEC-9828-9327352DE153"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20211215:*:*:*:*:*:*",
"matchCriteriaId": "060D81A5-599A-4329-99C8-D69725C65AF3"
},
{
"vulnerable": true,

6
CVE-2021/CVE-2021-443xx/CVE-2021-44315.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-44315",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-12-16T19:15:08.470",
"lastModified": "2021-12-22T02:48:34.407",
"lastModified": "2023-11-14T20:37:14.673",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bus_pass_management_system_project:bus_pass_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "319EFCC0-2A4B-474A-B436-ECAC10AFD079"
"criteria": "cpe:2.3:a:phpgurukul:bus_pass_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2E4D3314-CB15-4EAB-B63F-2017C012C330"
}
]
}

6
CVE-2021/CVE-2021-443xx/CVE-2021-44317.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-44317",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-12-16T19:15:08.510",
"lastModified": "2021-12-22T02:50:04.323",
"lastModified": "2023-11-14T20:37:14.673",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bus_pass_management_system_project:bus_pass_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "319EFCC0-2A4B-474A-B436-ECAC10AFD079"
"criteria": "cpe:2.3:a:phpgurukul:bus_pass_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2E4D3314-CB15-4EAB-B63F-2017C012C330"
}
]
}

82
CVE-2021/CVE-2021-44xx/CVE-2021-4431.json
View File

@ -2,18 +2,42 @@
"id": "CVE-2021-4431",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-11-07T11:15:10.070",
"lastModified": "2023-11-07T12:14:36.923",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-14T19:57:53.390",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in msyk FMDataAPI up to 22. Affected is an unknown function of the file FMDataAPI_Sample.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 23 is able to address this issue. The patch is identified as 3bd1709a8f7b1720529bf5dfc9855ad609f436cf. It is recommended to upgrade the affected component. VDB-244494 is the identifier assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad ha sido encontrada en msyk FMDataAPI hasta 22 y clasificada como problem\u00e1tica. Una funci\u00f3n desconocida del archivo FMDataAPI_Sample.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce a Cross-Site Scripting (XSS). Es posible lanzar el ataque de forma remota. La actualizaci\u00f3n a la versi\u00f3n 23 puede solucionar este problema. El parche se identifica como 3bd1709a8f7b1720529bf5dfc9855ad609f436cf. Se recomienda actualizar el componente afectado. VDB-244494 es el identificador asignado a esta vulnerabilidad."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -35,7 +59,7 @@
],
"cvssMetricV2": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
@ -61,7 +85,7 @@
},
"weaknesses": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
@ -71,26 +95,64 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:msyk:fmdataapi:*:*:*:*:*:*:*:*",
"versionEndIncluding": "22",
"matchCriteriaId": "20B1C398-1089-4235-8982-FFBEBC3A3CDA"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/msyk/FMDataAPI/commit/3bd1709a8f7b1720529bf5dfc9855ad609f436cf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/msyk/FMDataAPI/pull/54",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://github.com/msyk/FMDataAPI/releases/tag/23",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://vuldb.com/?ctiid.244494",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.244494",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

24
CVE-2021/CVE-2021-467xx/CVE-2021-46748.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2021-46748",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-11-14T19:15:10.267",
"lastModified": "2023-11-14T19:30:45.127",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential denial of service.\n\n\n\n\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6003",
"source": "psirt@amd.com"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00971.html",
"source": "psirt@amd.com"
}
]
}

20
CVE-2021/CVE-2021-467xx/CVE-2021-46758.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2021-46758",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-11-14T19:15:10.310",
"lastModified": "2023-11-14T19:30:45.127",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and integrity.\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002",
"source": "psirt@amd.com"
}
]
}

24
CVE-2021/CVE-2021-467xx/CVE-2021-46766.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2021-46766",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-11-14T19:15:10.360",
"lastModified": "2023-11-14T19:30:45.127",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.\n"
}
],
"metrics": {},
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002",
"source": "psirt@amd.com"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002",
"source": "psirt@amd.com"
}
]
}

24
CVE-2021/CVE-2021-467xx/CVE-2021-46774.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2021-46774",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-11-14T19:15:10.407",
"lastModified": "2023-11-14T19:30:45.127",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Insufficient DRAM address validation in System\nManagement Unit (SMU) may allow an attacker to read/write from/to an invalid\nDRAM address, potentially resulting in denial-of-service.\n\n\n\n\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002",
"source": "psirt@amd.com"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002",
"source": "psirt@amd.com"
}
]
}

10
CVE-2022/CVE-2022-18xx/CVE-2022-1816.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-1816",
"sourceIdentifier": "cna@vuldb.com",
"published": "2022-05-23T12:16:16.553",
"lastModified": "2023-11-07T03:42:12.733",
"lastModified": "2023-11-14T20:19:32.323",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 2.7
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -95,7 +95,7 @@
]
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
@ -114,8 +114,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoo_management_system_project:zoo_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5048EF-9BCF-456C-A8E6-06CC975D752A"
"criteria": "cpe:2.3:a:phpgurukul:zoo_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "541460D0-FA92-4BC4-A965-28C723E93736"
}
]
}

24
CVE-2022/CVE-2022-238xx/CVE-2022-23820.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2022-23820",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-11-14T19:15:10.473",
"lastModified": "2023-11-14T19:30:45.127",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Failure to validate the AMD SMM communication buffer\nmay allow an attacker to corrupt the SMRAM potentially leading to arbitrary\ncode execution.\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002",
"source": "psirt@amd.com"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002",
"source": "psirt@amd.com"
}
]
}

20
CVE-2022/CVE-2022-238xx/CVE-2022-23821.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-23821",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-11-14T19:15:10.520",
"lastModified": "2023-11-14T19:30:45.127",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution.\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002",
"source": "psirt@amd.com"
}
]
}

20
CVE-2022/CVE-2022-238xx/CVE-2022-23830.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-23830",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-11-14T19:15:10.570",
"lastModified": "2023-11-14T19:30:45.127",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.\n\n\n\n\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002",
"source": "psirt@amd.com"
}
]
}

55
CVE-2022/CVE-2022-243xx/CVE-2022-24379.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-24379",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:10.620",
"lastModified": "2023-11-14T19:30:41.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in some Intel(R) Server System M70KLP Family BIOS firmware before version 01.04.0029 may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00719.html",
"source": "secure@intel.com"
}
]
}

55
CVE-2022/CVE-2022-272xx/CVE-2022-27229.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-27229",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:10.813",
"lastModified": "2023-11-14T19:30:41.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Path transversal in some Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-249"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html",
"source": "secure@intel.com"
}
]
}

6
CVE-2022/CVE-2022-273xx/CVE-2022-27351.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-27351",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-04-08T09:15:11.790",
"lastModified": "2022-04-14T17:58:49.063",
"lastModified": "2023-11-14T20:19:32.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoo_management_system_project:zoo_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5048EF-9BCF-456C-A8E6-06CC975D752A"
"criteria": "cpe:2.3:a:phpgurukul:zoo_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "541460D0-FA92-4BC4-A965-28C723E93736"
}
]
}

6
CVE-2022/CVE-2022-279xx/CVE-2022-27992.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-27992",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-04-08T09:15:11.960",
"lastModified": "2022-04-14T16:30:16.410",
"lastModified": "2023-11-14T20:19:32.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoo_management_system_project:zoo_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5048EF-9BCF-456C-A8E6-06CC975D752A"
"criteria": "cpe:2.3:a:phpgurukul:zoo_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "541460D0-FA92-4BC4-A965-28C723E93736"
}
]
}

6
CVE-2022/CVE-2022-28xx/CVE-2022-2803.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-2803",
"sourceIdentifier": "cna@vuldb.com",
"published": "2022-08-12T20:15:09.727",
"lastModified": "2022-08-16T15:41:44.873",
"lastModified": "2023-11-14T20:19:32.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -79,8 +79,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoo_management_system_project:zoo_management_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D81C8CAA-DBA1-4EF2-BB3E-2A59658A8999"
"criteria": "cpe:2.3:a:phpgurukul:zoo_management_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05FD542A-9D7F-48F7-8823-6232A80DE6E3"
}
]
}

6
CVE-2022/CVE-2022-28xx/CVE-2022-2804.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-2804",
"sourceIdentifier": "cna@vuldb.com",
"published": "2022-08-12T20:15:09.787",
"lastModified": "2022-08-16T15:43:46.457",
"lastModified": "2023-11-14T20:19:32.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -79,8 +79,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoo_management_system_project:zoo_management_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D81C8CAA-DBA1-4EF2-BB3E-2A59658A8999"
"criteria": "cpe:2.3:a:phpgurukul:zoo_management_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05FD542A-9D7F-48F7-8823-6232A80DE6E3"
}
]
}

6
CVE-2022/CVE-2022-290xx/CVE-2022-29005.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-29005",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-05-23T16:16:07.737",
"lastModified": "2022-05-30T00:38:31.757",
"lastModified": "2023-11-14T20:12:29.930",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_birth_certificate_system_project:online_birth_certificate_system:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D585AB55-D784-422F-9ABC-939DF71CE1EE"
"criteria": "cpe:2.3:a:phpgurukul:online_birth_certificate_system:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "55001D10-170E-4CBE-B727-8F1788211BA8"
}
]
}

6
CVE-2022/CVE-2022-290xx/CVE-2022-29008.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-29008",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-05-11T14:15:08.030",
"lastModified": "2022-10-06T18:02:09.270",
"lastModified": "2023-11-14T20:37:14.673",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bus_pass_management_system_project:bus_pass_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "319EFCC0-2A4B-474A-B436-ECAC10AFD079"
"criteria": "cpe:2.3:a:phpgurukul:bus_pass_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2E4D3314-CB15-4EAB-B63F-2017C012C330"
}
]
}

55
CVE-2022/CVE-2022-292xx/CVE-2022-29262.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-29262",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:11.020",
"lastModified": "2023-11-14T19:30:41.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restrictions in some Intel(R) Server Board BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.9,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-92"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00719.html",
"source": "secure@intel.com"
}
]
}

55
CVE-2022/CVE-2022-295xx/CVE-2022-29510.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-29510",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:11.250",
"lastModified": "2023-11-14T19:30:41.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restrictions in some Intel(R) Server Board M10JNP2SB BIOS firmware before version 7.219 may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-92"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00719.html",
"source": "secure@intel.com"
}
]
}

6
CVE-2022/CVE-2022-318xx/CVE-2022-31897.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-31897",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-06-29T01:15:07.637",
"lastModified": "2022-07-07T19:50:04.327",
"lastModified": "2023-11-14T20:19:32.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoo_management_system_project:zoo_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5048EF-9BCF-456C-A8E6-06CC975D752A"
"criteria": "cpe:2.3:a:phpgurukul:zoo_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "541460D0-FA92-4BC4-A965-28C723E93736"
}
]
}

6
CVE-2022/CVE-2022-319xx/CVE-2022-31914.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-31914",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-06-16T16:15:09.183",
"lastModified": "2022-06-27T17:15:23.863",
"lastModified": "2023-11-14T20:19:32.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoo_management_system_project:zoo_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5048EF-9BCF-456C-A8E6-06CC975D752A"
"criteria": "cpe:2.3:a:phpgurukul:zoo_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "541460D0-FA92-4BC4-A965-28C723E93736"
}
]
}

6
CVE-2022/CVE-2022-330xx/CVE-2022-33075.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-33075",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-07-05T18:15:08.150",
"lastModified": "2022-07-13T02:32:44.857",
"lastModified": "2023-11-14T20:19:32.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoo_management_system_project:zoo_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5048EF-9BCF-456C-A8E6-06CC975D752A"
"criteria": "cpe:2.3:a:phpgurukul:zoo_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "541460D0-FA92-4BC4-A965-28C723E93736"
}
]
}

55
CVE-2022/CVE-2022-338xx/CVE-2022-33898.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-33898",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:11.437",
"lastModified": "2023-11-14T19:30:41.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Insecure inherited permissions in some Intel(R) NUC Watchdog Timer installation software before version 2.0.21.0 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-277"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html",
"source": "secure@intel.com"
}
]
}

55
CVE-2022/CVE-2022-339xx/CVE-2022-33945.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-33945",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:11.617",
"lastModified": "2023-11-14T19:30:41.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in some Intel(R) Server board and Intel(R) Server System BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00719.html",
"source": "secure@intel.com"
}
]
}

8
CVE-2022/CVE-2022-343xx/CVE-2022-34301.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-34301",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-08-26T18:15:09.003",
"lastModified": "2022-09-01T19:13:22.100",
"vulnStatus": "Analyzed",
"lastModified": "2023-11-14T19:15:11.827",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -186,6 +186,10 @@
"Third Party Advisory"
]
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html",
"source": "cve@mitre.org"
},
{
"url": "https://www.kb.cert.org/vuls/id/309662",
"source": "cve@mitre.org",

8
CVE-2022/CVE-2022-343xx/CVE-2022-34302.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-34302",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-08-26T18:15:09.047",
"lastModified": "2022-09-01T19:15:42.080",
"vulnStatus": "Analyzed",
"lastModified": "2023-11-14T19:15:11.930",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -186,6 +186,10 @@
"Third Party Advisory"
]
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html",
"source": "cve@mitre.org"
},
{
"url": "https://www.kb.cert.org/vuls/id/309662",
"source": "cve@mitre.org",

8
CVE-2022/CVE-2022-343xx/CVE-2022-34303.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-34303",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-08-26T18:15:09.087",
"lastModified": "2022-09-01T19:16:23.963",
"vulnStatus": "Analyzed",
"lastModified": "2023-11-14T19:15:11.997",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -186,6 +186,10 @@
"Third Party Advisory"
]
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html",
"source": "cve@mitre.org"
},
{
"url": "https://www.kb.cert.org/vuls/id/309662",
"source": "cve@mitre.org",

6
CVE-2022/CVE-2022-351xx/CVE-2022-35155.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-35155",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-09-30T19:15:15.407",
"lastModified": "2022-10-05T15:52:19.450",
"lastModified": "2023-11-14T20:37:14.673",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -59,8 +59,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bus_pass_management_system_project:bus_pass_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "319EFCC0-2A4B-474A-B436-ECAC10AFD079"
"criteria": "cpe:2.3:a:phpgurukul:bus_pass_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2E4D3314-CB15-4EAB-B63F-2017C012C330"
}
]
}

6
CVE-2022/CVE-2022-351xx/CVE-2022-35156.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-35156",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-09-30T19:15:15.510",
"lastModified": "2022-10-05T15:51:26.693",
"lastModified": "2023-11-14T20:37:14.673",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -59,8 +59,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bus_pass_management_system_project:bus_pass_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "319EFCC0-2A4B-474A-B436-ECAC10AFD079"
"criteria": "cpe:2.3:a:phpgurukul:bus_pass_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2E4D3314-CB15-4EAB-B63F-2017C012C330"
}
]
}

6
CVE-2022/CVE-2022-361xx/CVE-2022-36198.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-36198",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-08-22T01:15:12.693",
"lastModified": "2022-08-23T16:28:23.400",
"lastModified": "2023-11-14T20:37:14.673",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -59,8 +59,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bus_pass_management_system_project:bus_pass_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "319EFCC0-2A4B-474A-B436-ECAC10AFD079"
"criteria": "cpe:2.3:a:phpgurukul:bus_pass_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2E4D3314-CB15-4EAB-B63F-2017C012C330"
}
]
}

55
CVE-2022/CVE-2022-363xx/CVE-2022-36374.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-36374",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:12.077",
"lastModified": "2023-11-14T19:30:41.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmi Windows 5.27.03.0003 may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html",
"source": "secure@intel.com"
}
]
}

27
CVE-2022/CVE-2022-363xx/CVE-2022-36377.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2022-36377",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:15.700",
"lastModified": "2022-11-16T16:27:32.097",
"vulnStatus": "Analyzed",
"lastModified": "2023-11-14T19:15:12.280",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Incorrect default permissions in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access."
"value": "Insecure inherited permissions in some Intel(R) Wireless Adapter Driver installation software for Intel(R) NUC Kits & Mini PCs before version 22.190.0.3 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access."
},
{
"lang": "es",
"value": "Los permisos predeterminados incorrectos en el software de instalaci\u00f3n para Intel(r) NUC Kit Wireless Adapter drivers para Windows 10 antes de la versi\u00f3n 22.40 pueden permitir que un usuario autenticado habilite potencialmente la escalada de privilegios a trav\u00e9s del acceso local."
}
],
"metrics": {
@ -64,6 +68,16 @@
"value": "CWE-276"
}
]
},
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-277"
}
]
}
],
"configurations": [
@ -123,11 +137,8 @@
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html",
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html",
"source": "secure@intel.com"
}
]
}

55
CVE-2022/CVE-2022-363xx/CVE-2022-36396.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-36396",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:12.420",
"lastModified": "2023-11-14T19:30:41.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmiEdit-Linux-5.27.06.0017 may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html",
"source": "secure@intel.com"
}
]
}

55
CVE-2022/CVE-2022-387xx/CVE-2022-38786.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-38786",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:12.607",
"lastModified": "2023-11-14T19:30:41.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper access control in some Intel Battery Life Diagnostic Tool software before version 2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00843.html",
"source": "secure@intel.com"
}
]
}

55
CVE-2022/CVE-2022-406xx/CVE-2022-40681.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-40681",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2023-11-14T19:15:12.803",
"lastModified": "2023-11-14T19:30:41.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A incorrect authorization in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to cause denial of service via sending a crafted request to a specific named pipe."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-22-299",
"source": "psirt@fortinet.com"
}
]
}

6
CVE-2022/CVE-2022-409xx/CVE-2022-40924.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-40924",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-09-26T13:15:11.643",
"lastModified": "2022-09-28T14:14:05.060",
"lastModified": "2023-11-14T20:19:32.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -59,8 +59,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoo_management_system_project:zoo_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5048EF-9BCF-456C-A8E6-06CC975D752A"
"criteria": "cpe:2.3:a:phpgurukul:zoo_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "541460D0-FA92-4BC4-A965-28C723E93736"
}
]
}

6
CVE-2022/CVE-2022-409xx/CVE-2022-40925.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-40925",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-09-26T13:15:11.687",
"lastModified": "2022-09-28T14:11:11.833",
"lastModified": "2023-11-14T20:19:32.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -59,8 +59,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoo_management_system_project:zoo_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5048EF-9BCF-456C-A8E6-06CC975D752A"
"criteria": "cpe:2.3:a:phpgurukul:zoo_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "541460D0-FA92-4BC4-A965-28C723E93736"
}
]
}

6
CVE-2022/CVE-2022-409xx/CVE-2022-40932.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-40932",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-09-22T16:15:09.687",
"lastModified": "2022-09-23T19:08:09.290",
"lastModified": "2023-11-14T20:19:32.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -59,8 +59,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoo_management_system_project:zoo_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5048EF-9BCF-456C-A8E6-06CC975D752A"
"criteria": "cpe:2.3:a:phpgurukul:zoo_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "541460D0-FA92-4BC4-A965-28C723E93736"
}
]
}

55
CVE-2022/CVE-2022-416xx/CVE-2022-41659.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-41659",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:12.990",
"lastModified": "2023-11-14T19:30:41.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper access control for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 1.9,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.5,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00963.html",
"source": "secure@intel.com"
}
]
}

55
CVE-2022/CVE-2022-416xx/CVE-2022-41689.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-41689",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:13.177",
"lastModified": "2023-11-14T19:30:41.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper access control in some Intel In-Band Manageability software before version 3.0.14 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00968.html",
"source": "secure@intel.com"
}
]
}

55
CVE-2022/CVE-2022-417xx/CVE-2022-41700.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-41700",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:13.353",
"lastModified": "2023-11-14T19:30:41.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Insecure inherited permissions in some Intel(R) NUC Pro Software Suite installation software before version 2.0.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-277"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html",
"source": "secure@intel.com"
}
]
}

9
CVE-2022/CVE-2022-41xx/CVE-2022-4170.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-4170",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2022-12-09T18:15:20.327",
"lastModified": "2023-10-30T12:15:09.027",
"vulnStatus": "Modified",
"lastModified": "2023-11-14T19:22:09.713",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -109,7 +109,10 @@
},
{
"url": "https://security.gentoo.org/glsa/202310-20",
"source": "patrick@puiterwijk.org"
"source": "patrick@puiterwijk.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.openwall.com/lists/oss-security/2022/12/05/1",

55
CVE-2022/CVE-2022-428xx/CVE-2022-42879.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-42879",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:13.530",
"lastModified": "2023-11-14T19:30:41.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "NULL pointer dereference in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 31.0.101.4255 may allow an authenticated user to potentially enable denial of service via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-395"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00864.html",
"source": "secure@intel.com"
}
]
}

55
CVE-2022/CVE-2022-434xx/CVE-2022-43477.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-43477",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:13.813",
"lastModified": "2023-11-14T19:30:41.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Incomplete cleanup for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-459"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00963.html",
"source": "secure@intel.com"
}
]
}

55
CVE-2022/CVE-2022-436xx/CVE-2022-43666.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-43666",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:14.037",
"lastModified": "2023-11-14T19:30:41.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Exposure of sensitive system information due to uncleared debug information for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1258"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00963.html",
"source": "secure@intel.com"
}
]
}

55
CVE-2022/CVE-2022-451xx/CVE-2022-45109.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-45109",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:14.220",
"lastModified": "2023-11-14T19:30:41.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper initialization for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-665"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00963.html",
"source": "secure@intel.com"
}
]
}

55
CVE-2022/CVE-2022-454xx/CVE-2022-45469.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-45469",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:14.420",
"lastModified": "2023-11-14T19:30:41.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper input validation for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.2,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00963.html",
"source": "secure@intel.com"
}
]
}

6
CVE-2022/CVE-2022-457xx/CVE-2022-45728.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45728",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-12T22:15:09.407",
"lastModified": "2023-01-20T07:55:56.660",
"lastModified": "2023-11-14T20:28:42.417",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -55,8 +55,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:doctor_appointment_management_system_project:doctor_appointment_management_system:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D8752320-43CC-420E-967F-09C7B7A6927D"
"criteria": "cpe:2.3:a:phpgurukul:doctor_appointment_management_system:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B58B52DB-32F7-4AE0-80A4-9CEA7433587F"
}
]
}

6
CVE-2022/CVE-2022-457xx/CVE-2022-45729.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45729",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-12T22:15:09.463",
"lastModified": "2023-01-20T07:56:02.947",
"lastModified": "2023-11-14T20:28:42.417",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -55,8 +55,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:doctor_appointment_management_system_project:doctor_appointment_management_system:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D8752320-43CC-420E-967F-09C7B7A6927D"
"criteria": "cpe:2.3:a:phpgurukul:doctor_appointment_management_system:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B58B52DB-32F7-4AE0-80A4-9CEA7433587F"
}
]
}

6
CVE-2022/CVE-2022-457xx/CVE-2022-45730.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45730",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-26T21:17:53.790",
"lastModified": "2023-02-01T15:17:19.317",
"lastModified": "2023-11-14T20:28:42.417",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -55,8 +55,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:doctor_appointment_management_system_project:doctor_appointment_management_system:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D8752320-43CC-420E-967F-09C7B7A6927D"
"criteria": "cpe:2.3:a:phpgurukul:doctor_appointment_management_system:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B58B52DB-32F7-4AE0-80A4-9CEA7433587F"
}
]
}

56
CVE-2022/CVE-2022-458xx/CVE-2022-45810.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2022-45810",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-07T17:15:08.537",
"lastModified": "2023-11-07T19:07:44.230",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-14T20:05:15.673",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Formula Elements in a CSV File vulnerability in Icegram Icegram Express \u2013 Email Marketing, Newsletters and Automation for WordPress & WooCommerce.This issue affects Icegram Express \u2013 Email Marketing, Newsletters and Automation for WordPress & WooCommerce: from n/a through 5.5.2.\n\n"
},
{
"lang": "es",
"value": "Neutralizaci\u00f3n inadecuada de elementos de f\u00f3rmula en una vulnerabilidad de CSV File en Icegram Icegram Express \u2013 Email Marketing, Newsletters and Automation for WordPress & WooCommerce. Este problema afecta a Icegram Express \u2013 Email Marketing, Newsletters and Automation for WordPress & WooCommerce: desde n/a hasta 5.5. 2."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -23,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:icegram:icegram_express:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "5.5.2",
"matchCriteriaId": "44C8215A-938C-4A37-969D-EF436FDCCC7F"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/email-subscribers/wordpress-icegram-express-email-subscribers-newsletters-and-marketing-automation-plugin-plugin-5-5-2-csv-injection?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

6
CVE-2022/CVE-2022-461xx/CVE-2022-46128.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-46128",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-26T21:18:00.733",
"lastModified": "2023-02-01T15:53:30.897",
"lastModified": "2023-11-14T20:28:42.417",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -55,8 +55,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:doctor_appointment_management_system_project:doctor_appointment_management_system:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D8752320-43CC-420E-967F-09C7B7A6927D"
"criteria": "cpe:2.3:a:phpgurukul:doctor_appointment_management_system:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B58B52DB-32F7-4AE0-80A4-9CEA7433587F"
}
]
}

55
CVE-2022/CVE-2022-462xx/CVE-2022-46298.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-46298",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:14.597",
"lastModified": "2023-11-14T19:30:41.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Incomplete cleanup for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 1.9,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.5,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-459"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00963.html",
"source": "secure@intel.com"
}
]
}

55
CVE-2022/CVE-2022-462xx/CVE-2022-46299.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-46299",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:14.790",
"lastModified": "2023-11-14T19:30:41.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Insufficient control flow management for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-691"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00963.html",
"source": "secure@intel.com"
}
]
}

55
CVE-2022/CVE-2022-463xx/CVE-2022-46301.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-46301",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:14.973",
"lastModified": "2023-11-14T19:30:36.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Initialization for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 1.9,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.5,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-665"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00963.html",
"source": "secure@intel.com"
}
]
}

55
CVE-2022/CVE-2022-466xx/CVE-2022-46646.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-46646",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:15.157",
"lastModified": "2023-11-14T19:30:36.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Exposure of sensitive information to an unauthorized actor for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.2,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00963.html",
"source": "secure@intel.com"
}
]
}

55
CVE-2022/CVE-2022-466xx/CVE-2022-46647.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-46647",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:15.340",
"lastModified": "2023-11-14T19:30:36.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Insertion of sensitive information into log file for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.2,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00963.html",
"source": "secure@intel.com"
}
]
}

56
CVE-2022/CVE-2022-468xx/CVE-2022-46801.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2022-46801",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-07T17:15:08.693",
"lastModified": "2023-11-07T19:07:44.230",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-14T20:04:46.950",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Formula Elements in a CSV File vulnerability in Paul Ryley Site Reviews.This issue affects Site Reviews: from n/a through 6.2.0.\n\n"
},
{
"lang": "es",
"value": "Neutralizaci\u00f3n inadecuada de elementos de f\u00f3rmula en una vulnerabilidad de CSV File en Paul Ryley Site Reviews. Este problema afecta a Site Reviews: desde n/a hasta 6.2.0."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -23,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geminilabs:site_reviews:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "6.2.0",
"matchCriteriaId": "BED46780-0693-4921-9AD1-770ADB2D0092"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/site-reviews/wordpress-site-reviews-plugin-6-2-0-unauth-csv-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2022/CVE-2022-468xx/CVE-2022-46803.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2022-46803",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-07T17:15:08.833",
"lastModified": "2023-11-07T19:07:44.230",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-14T20:04:35.113",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Formula Elements in a CSV File vulnerability in Noptin Newsletter Simple Newsletter Plugin \u2013 Noptin.This issue affects Simple Newsletter Plugin \u2013 Noptin: from n/a through 1.9.5.\n\n"
},
{
"lang": "es",
"value": "Neutralizaci\u00f3n inadecuada de elementos de f\u00f3rmula en una vulnerabilidad de CSV File en Noptin Newsletter Simple Newsletter Plugin \u2013 Noptin. Este problema afecta al Simple Newsletter Plugin \u2013 Noptin: desde n/a hasta 1.9.5."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -23,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:noptin:noptin:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.9.5",
"matchCriteriaId": "0600A7EB-BADB-41A7-B408-72D72A188FBF"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/newsletter-optin-box/wordpress-simple-newsletter-plugin-noptin-plugin-1-9-5-unauth-csv-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

66
CVE-2022/CVE-2022-468xx/CVE-2022-46804.json
View File

@ -2,16 +2,53 @@
"id": "CVE-2022-46804",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-07T17:15:08.987",
"lastModified": "2023-11-07T19:07:44.230",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-14T20:03:28.507",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Formula Elements in a CSV File vulnerability in Narola Infotech Solutions LLP Export Users Data Distinct.This issue affects Export Users Data Distinct: from n/a through 1.3.\n\n"
},
{
"lang": "es",
"value": "Neutralizaci\u00f3n inadecuada de elementos de f\u00f3rmula en una vulnerabilidad de CSV File en Narola Infotech Solutions LLP Export Users Data Distinct. Este problema afecta a Export Users Data Distinct: desde n/a hasta 1.3."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1236"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -23,10 +60,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:narolainfotech:export_users_data_distinct:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.3",
"matchCriteriaId": "1C0481F8-9AD9-472D-B650-9111A56BDF5F"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/export-users-data-distinct/wordpress-export-users-data-distinct-plugin-1-3-csv-injection?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2022/CVE-2022-468xx/CVE-2022-46809.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2022-46809",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-07T17:15:09.123",
"lastModified": "2023-11-07T19:07:44.230",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-14T20:01:40.617",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Formula Elements in a CSV File vulnerability in WPDeveloper ReviewX \u2013 Multi-criteria Rating & Reviews for WooCommerce.This issue affects ReviewX \u2013 Multi-criteria Rating & Reviews for WooCommerce: from n/a through 1.6.7.\n\n"
},
{
"lang": "es",
"value": "Neutralizaci\u00f3n inadecuada de elementos de f\u00f3rmula en una vulnerabilidad de CSV File en WPDeveloper ReviewX \u2013 Multi-criteria Rating & Reviews for WooCommerce. Este problema afecta ReviewX \u2013 Multi-criteria Rating & Reviews for WooCommerce: desde n/a hasta 1.6.7."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -23,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:reviewx:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.6.7",
"matchCriteriaId": "53957A59-95D8-4575-A034-0EA858DF50AD"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/reviewx/wordpress-reviewx-plugin-1-6-6-csv-injection?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2022/CVE-2022-481xx/CVE-2022-48192.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2022-48192",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-06T20:15:07.650",
"lastModified": "2023-11-07T12:14:36.923",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-14T19:29:47.370",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting vulnerability in Softing smartLink SW-HT before 1.30, which allows an attacker to execute a dynamic script (JavaScript, VBScript) in the context of the application."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) en Softing smartLink SW-HT anterior a la 1.30, que permite a un atacante ejecutar un script din\u00e1mico (JavaScript, VBScript) en el contexto de la aplicaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cve@mitre.org",
"type": "Secondary",
@ -34,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:softing:smartlink_sw-ht:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.30",
"matchCriteriaId": "F6408B61-39B2-46C6-BEDB-7D076C013984"
}
]
}
]
}
],
"references": [
{
"url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-11.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-11.json",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2022/CVE-2022-481xx/CVE-2022-48193.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2022-48193",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-06T20:15:07.723",
"lastModified": "2023-11-07T12:14:36.923",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-14T19:29:35.100",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Weak ciphers in Softing smartLink SW-HT before 1.30 are enabled during secure communication (SSL)."
},
{
"lang": "es",
"value": "Los cifrados d\u00e9biles en Softing smartLink SW-HT anteriores a la 1.30 se habilitan durante la comunicaci\u00f3n segura (SSL)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve@mitre.org",
"type": "Secondary",
@ -34,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-326"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:softing:smartlink_sw-ht:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.30",
"matchCriteriaId": "F6408B61-39B2-46C6-BEDB-7D076C013984"
}
]
}
]
}
],
"references": [
{
"url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-11.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-11.json",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

85
CVE-2022/CVE-2022-486xx/CVE-2022-48613.json
View File

@ -2,16 +2,53 @@
"id": "CVE-2022-48613",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-11-08T10:15:08.400",
"lastModified": "2023-11-08T14:00:53.167",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-14T20:05:24.217",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Race condition vulnerability in the kernel module. Successful exploitation of this vulnerability may cause variable values to be read with the condition evaluation bypassed."
},
{
"lang": "es",
"value": "Vulnerabilidad de condici\u00f3n de ejecuci\u00f3n en el m\u00f3dulo del kernel. La explotaci\u00f3n exitosa de esta vulnerabilidad puede causar que los valores de las variables se lean sin pasar omitiendo la evaluaci\u00f3n de la condici\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -23,14 +60,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/11/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202311-0000001729189597",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-04xx/CVE-2023-0436.json
View File

@ -2,18 +2,42 @@
"id": "CVE-2023-0436",
"sourceIdentifier": "cna@mongodb.com",
"published": "2023-11-07T12:15:08.067",
"lastModified": "2023-11-07T13:58:18.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-14T19:56:05.983",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The affected versions of MongoDB Atlas Kubernetes Operator may print sensitive information like GCP service account keys and API integration secrets while DEBUG mode logging is enabled. This issue affects MongoDB Atlas Kubernetes Operator versions: 1.5.0, 1.6.0, 1.6.1, 1.7.0.\n\nPlease note that this is reported on an EOL version of the product, and users are advised to upgrade to the latest supported version.\nRequired Configuration:\u00a0\n\nDEBUG logging is not enabled by default, and must be configured by the end-user. To check the log-level of the Operator, review the flags passed in your deployment configuration (eg. https://github.com/mongodb/mongodb-atlas-kubernetes/blob/main/config/manager/manager.yaml#L27 https://github.com/mongodb/mongodb-atlas-kubernetes/blob/main/config/manager/manager.yaml#L27 )\n\n"
},
{
"lang": "es",
"value": "Las versiones afectadas de MongoDB Atlas Kubernetes Operator pueden imprimir informaci\u00f3n confidencial, como claves de cuenta de servicio de GCP y secretos de integraci\u00f3n de API, mientras el registro en modo DEBUG est\u00e1 habilitado. Este problema afecta a las versiones de MongoDB Atlas Kubernetes Operador: 1.5.0, 1.6.0, 1.6.1, 1.7.0. Tenga en cuenta que esto se informa en una versi\u00f3n EOL del producto y se recomienda a los usuarios que actualicen a la \u00faltima versi\u00f3n compatible. Configuraci\u00f3n requerida: el registro DEBUG no est\u00e1 habilitado de forma predeterminada y debe configurarlo el usuario final. Para verificar el nivel de registro del Operador, revise los indicadores pasados en su configuraci\u00f3n de implementaci\u00f3n (por ejemplo, https://github.com/mongodb/mongodb-atlas-kubernetes/blob/main/config/manager/manager.yaml#L27 https://github.com/mongodb/mongodb-atlas-kubernetes/blob/main/config/manager/manager.yaml#L27)"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cna@mongodb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
},
{
"source": "cna@mongodb.com",
"type": "Secondary",
@ -46,10 +80,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mongodb:atlas_kubernetes_operator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.6.0",
"versionEndExcluding": "1.7.1",
"matchCriteriaId": "BC863EEC-521C-492B-9391-1F05490E6772"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mongodb:atlas_kubernetes_operator:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "252CFC4D-4CF4-439D-935B-5D7A16E17FAF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/mongodb/mongodb-atlas-kubernetes/releases/tag/v1.7.1",
"source": "cna@mongodb.com"
"source": "cna@mongodb.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-08xx/CVE-2023-0898.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-0898",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-11-07T17:15:09.413",
"lastModified": "2023-11-07T19:07:44.230",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-14T20:01:08.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\nGeneral Electric MiCOM S1 Agile is vulnerable to an attacker achieving code execution by placing malicious DLL files in the directory of the application.\n\n\n\n\n"
},
{
"lang": "es",
"value": "General Electric MiCOM S1 Agile es vulnerable a que un atacante logre la ejecuci\u00f3n de c\u00f3digo colocando archivos DLL maliciosos en el directorio de la aplicaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -46,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ge:micom_s1_agile:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F047616F-BABF-464B-A146-030336BD0440"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-311-23",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

202
CVE-2023/CVE-2023-201xx/CVE-2023-20195.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-20195",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-11-01T17:15:11.357",
"lastModified": "2023-11-01T17:16:31.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-14T19:19:08.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. These vulnerabilities are due to improper validation of files that are uploaded to the web-based management interface. An attacker could exploit these vulnerabilities by uploading a crafted file to an affected device. A successful exploit could allow the attacker to store malicious files in specific directories on the device. The attacker could later use those files to conduct additional attacks, including executing arbitrary code on the affected device with root privileges."
},
{
"lang": "es",
"value": "Dos vulnerabilidades en Cisco ISE podr\u00edan permitir que un atacante remoto autenticado cargue archivos arbitrarios en un dispositivo afectado. Para aprovechar estas vulnerabilidades, un atacante debe tener credenciales de administrador v\u00e1lidas en el dispositivo afectado. Estas vulnerabilidades se deben a una validaci\u00f3n inadecuada de los archivos que se cargan en la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar estas vulnerabilidades cargando un archivo manipulado en un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante almacenar archivos maliciosos en directorios espec\u00edficos del dispositivo. Posteriormente, el atacante podr\u00eda utilizar esos archivos para realizar ataques adicionales, incluida la ejecuci\u00f3n de c\u00f3digo arbitrario en el dispositivo afectado con privilegios de root."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -34,10 +58,182 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "1F22FABF-2831-4895-B0A9-283B98398F43"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch1:*:*:*:*:*:*",
"matchCriteriaId": "B83D0F20-5A43-4583-AFAF-CD9D20352437"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch2:*:*:*:*:*:*",
"matchCriteriaId": "2887A2C0-BADA-41D3-AA6A-F10BC58AA7F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch3:*:*:*:*:*:*",
"matchCriteriaId": "5ADE32BD-C500-47D8-86D6-B08F55F1BBDF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch4:*:*:*:*:*:*",
"matchCriteriaId": "22F23314-96BE-42F6-AE07-CC13F8856029"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch5:*:*:*:*:*:*",
"matchCriteriaId": "76265489-E5DC-46F1-9475-2FDFCEE32CF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch6:*:*:*:*:*:*",
"matchCriteriaId": "9517A1B4-45BA-44DD-9122-C86BF9075EFE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch7:*:*:*:*:*:*",
"matchCriteriaId": "1BC35A24-68DB-43C5-A817-9B35018F5990"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch8:*:*:*:*:*:*",
"matchCriteriaId": "DC94625A-6ED0-439B-A2DA-15A49B2FED93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch9:*:*:*:*:*:*",
"matchCriteriaId": "2392609B-AFEA-4BBD-99FA-E90AD4C2AE8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A1063044-BCD7-487F-9880-141C30547E36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch1:*:*:*:*:*:*",
"matchCriteriaId": "DA42E65A-7207-48B8-BE1B-0B352201BC09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch2:*:*:*:*:*:*",
"matchCriteriaId": "75DDAF38-4D5F-4EE4-A428-68D28FC0DA96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch3:*:*:*:*:*:*",
"matchCriteriaId": "C5FB6AA6-F8C9-48A6-BDDA-1D25C43564EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch4:*:*:*:*:*:*",
"matchCriteriaId": "2B3A267A-5FEA-426D-903E-BD3F4F94A1A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch5:*:*:*:*:*:*",
"matchCriteriaId": "B1B3207B-1B9C-41AA-8EF6-8478458462E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch6:*:*:*:*:*:*",
"matchCriteriaId": "C5B9E7F3-B0F2-4A6A-B939-A62E9B12CCEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch7:*:*:*:*:*:*",
"matchCriteriaId": "EF4C5A58-D0AE-48D6-9757-18C1D5BE5070"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:-:*:*:*:*:*:*",
"matchCriteriaId": "C4DB9726-532F-45CE-81FD-45F2F6C7CE51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "2E8F0066-0EC0-41FD-80BE-55C4ED5F6B0E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch2:*:*:*:*:*:*",
"matchCriteriaId": "A1E81F86-7ED6-4D6C-8DAF-09EB2A7BC496"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch3:*:*:*:*:*:*",
"matchCriteriaId": "5D1765DB-1BEF-4CE9-8B86-B91F709600EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch4:*:*:*:*:*:*",
"matchCriteriaId": "3D1E80EF-C3FD-4F7A-B63D-0EAA5C878B11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch5:*:*:*:*:*:*",
"matchCriteriaId": "095F27EC-5713-4D4F-AD06-57D3DF068B90"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch6:*:*:*:*:*:*",
"matchCriteriaId": "FEA5210C-E674-4C4B-9EB3-C681C70005B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch7:*:*:*:*:*:*",
"matchCriteriaId": "C95F2367-A1A0-46B5-AFC0-9929FC899EE2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "36722B6C-64A5-4D00-94E1-442878C37A35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2:patch1:*:*:*:*:*:*",
"matchCriteriaId": "7EEEA06A-AD58-48D3-8975-B21A961985B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2:patch2:*:*:*:*:*:*",
"matchCriteriaId": "ED937BCD-60F7-4555-99D8-B6229214FA73"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-upload-FceLP4xs",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

182
CVE-2023/CVE-2023-202xx/CVE-2023-20213.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-20213",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-11-01T17:15:11.500",
"lastModified": "2023-11-01T17:16:31.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-14T19:26:45.017",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CDP processing feature of Cisco ISE could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of the CDP process on an affected device. This vulnerability is due to insufficient bounds checking when an affected device processes CDP traffic. An attacker could exploit this vulnerability by sending crafted CDP traffic to the device. A successful exploit could cause the CDP process to crash, impacting neighbor discovery and the ability of Cisco ISE to determine the reachability of remote devices. After a crash, the CDP process must be manually restarted using the cdp enable command in interface configuration mode."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n de procesamiento CDP de Cisco ISE podr\u00eda permitir que un atacante adyacente no autenticado cause una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) del proceso CDP en un dispositivo afectado. Esta vulnerabilidad se debe a una verificaci\u00f3n de los l\u00edmites insuficiente cuando un dispositivo afectado procesa el tr\u00e1fico CDP. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tr\u00e1fico CDP manipulado al dispositivo. Un exploit exitoso podr\u00eda provocar que el proceso CDP falle, lo que afectar\u00eda el descubrimiento de vecinos y la capacidad de Cisco ISE para determinar la accesibilidad de los dispositivos remotos. Despu\u00e9s de una falla, el proceso CDP se debe reiniciar manualmente usando el comando cdp enable en el modo de configuraci\u00f3n de interfaz."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -34,10 +58,162 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "1F22FABF-2831-4895-B0A9-283B98398F43"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch1:*:*:*:*:*:*",
"matchCriteriaId": "B83D0F20-5A43-4583-AFAF-CD9D20352437"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch2:*:*:*:*:*:*",
"matchCriteriaId": "2887A2C0-BADA-41D3-AA6A-F10BC58AA7F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch3:*:*:*:*:*:*",
"matchCriteriaId": "5ADE32BD-C500-47D8-86D6-B08F55F1BBDF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch4:*:*:*:*:*:*",
"matchCriteriaId": "22F23314-96BE-42F6-AE07-CC13F8856029"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch5:*:*:*:*:*:*",
"matchCriteriaId": "76265489-E5DC-46F1-9475-2FDFCEE32CF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch6:*:*:*:*:*:*",
"matchCriteriaId": "9517A1B4-45BA-44DD-9122-C86BF9075EFE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch7:*:*:*:*:*:*",
"matchCriteriaId": "1BC35A24-68DB-43C5-A817-9B35018F5990"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch8:*:*:*:*:*:*",
"matchCriteriaId": "DC94625A-6ED0-439B-A2DA-15A49B2FED93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch9:*:*:*:*:*:*",
"matchCriteriaId": "2392609B-AFEA-4BBD-99FA-E90AD4C2AE8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A1063044-BCD7-487F-9880-141C30547E36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch1:*:*:*:*:*:*",
"matchCriteriaId": "DA42E65A-7207-48B8-BE1B-0B352201BC09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch2:*:*:*:*:*:*",
"matchCriteriaId": "75DDAF38-4D5F-4EE4-A428-68D28FC0DA96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch3:*:*:*:*:*:*",
"matchCriteriaId": "C5FB6AA6-F8C9-48A6-BDDA-1D25C43564EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch4:*:*:*:*:*:*",
"matchCriteriaId": "2B3A267A-5FEA-426D-903E-BD3F4F94A1A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch5:*:*:*:*:*:*",
"matchCriteriaId": "B1B3207B-1B9C-41AA-8EF6-8478458462E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch6:*:*:*:*:*:*",
"matchCriteriaId": "C5B9E7F3-B0F2-4A6A-B939-A62E9B12CCEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:-:*:*:*:*:*:*",
"matchCriteriaId": "C4DB9726-532F-45CE-81FD-45F2F6C7CE51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "2E8F0066-0EC0-41FD-80BE-55C4ED5F6B0E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch2:*:*:*:*:*:*",
"matchCriteriaId": "A1E81F86-7ED6-4D6C-8DAF-09EB2A7BC496"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch3:*:*:*:*:*:*",
"matchCriteriaId": "5D1765DB-1BEF-4CE9-8B86-B91F709600EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch4:*:*:*:*:*:*",
"matchCriteriaId": "3D1E80EF-C3FD-4F7A-B63D-0EAA5C878B11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch5:*:*:*:*:*:*",
"matchCriteriaId": "095F27EC-5713-4D4F-AD06-57D3DF068B90"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "36722B6C-64A5-4D00-94E1-442878C37A35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2:patch1:*:*:*:*:*:*",
"matchCriteriaId": "7EEEA06A-AD58-48D3-8975-B21A961985B3"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-upload-FceLP4xs",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

86
CVE-2023/CVE-2023-202xx/CVE-2023-20264.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-20264",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-11-01T18:15:09.757",
"lastModified": "2023-11-01T18:17:40.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-14T19:03:56.497",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to intercept the SAML assertion of a user who is authenticating to a remote access VPN session. This vulnerability is due to insufficient validation of the login URL. An attacker could exploit this vulnerability by persuading a user to access a site that is under the control of the attacker, allowing the attacker to modify the login URL. A successful exploit could allow the attacker to intercept a successful SAML assertion and use that assertion to establish a remote access VPN session toward the affected device with the identity and permissions of the hijacked user, resulting in access to the protected network."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n de Security Assertion Markup Language (SAML) 2.0 de Single Sign-oOn (SSO) para VPN de acceso remoto en el software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado intercepte la aserci\u00f3n SAML de un usuario que se est\u00e1 autenticando en una sesi\u00f3n VPN de acceso remoto. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la URL de inicio de sesi\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario para que acceda a un sitio que est\u00e1 bajo el control del atacante, permiti\u00e9ndole modificar la URL de inicio de sesi\u00f3n. Un exploit exitoso podr\u00eda permitir al atacante interceptar una aserci\u00f3n SAML exitosa y usar esa aserci\u00f3n para establecer una sesi\u00f3n VPN de acceso remoto hacia el dispositivo afectado con la identidad y los permisos del usuario secuestrado, lo que resultar\u00eda en acceso a la red protegida."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -34,10 +58,66 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.18.1",
"versionEndIncluding": "9.18.3.46",
"matchCriteriaId": "F33C25A4-E475-4F23-978A-5BCE83C38AB2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.19.1.5",
"versionEndIncluding": "9.19.1.12",
"matchCriteriaId": "D246D5B2-7764-4631-88F0-1B8A60B77DF8"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-hijack-ttuQfyz",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-205xx/CVE-2023-20519.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-20519",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-11-14T19:15:15.533",
"lastModified": "2023-11-14T19:30:36.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integrity.\n\n\n\n\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002",
"source": "psirt@amd.com"
}
]
}

24
CVE-2023/CVE-2023-205xx/CVE-2023-20521.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-20521",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-11-14T19:15:15.580",
"lastModified": "2023-11-14T19:30:36.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.\n\n\n\n\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002",
"source": "psirt@amd.com"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002",
"source": "psirt@amd.com"
}
]
}

24
CVE-2023/CVE-2023-205xx/CVE-2023-20526.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-20526",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-11-14T19:15:15.627",
"lastModified": "2023-11-14T19:30:36.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.\n"
}
],
"metrics": {},
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002",
"source": "psirt@amd.com"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002",
"source": "psirt@amd.com"
}
]
}

24
CVE-2023/CVE-2023-205xx/CVE-2023-20533.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-20533",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-11-14T19:15:15.687",
"lastModified": "2023-11-14T19:30:36.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Insufficient DRAM address validation in System\nManagement Unit (SMU) may allow an attacker to read/write from/to an invalid\nDRAM address, potentially resulting in denial-of-service.\n\n\n\n\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002",
"source": "psirt@amd.com"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002",
"source": "psirt@amd.com"
}
]
}

20
CVE-2023/CVE-2023-205xx/CVE-2023-20563.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-20563",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-11-14T19:15:15.733",
"lastModified": "2023-11-14T19:30:36.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002",
"source": "psirt@amd.com"
}
]
}

20
CVE-2023/CVE-2023-205xx/CVE-2023-20565.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-20565",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-11-14T19:15:15.783",
"lastModified": "2023-11-14T19:30:36.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002",
"source": "psirt@amd.com"
}
]
}

20
CVE-2023/CVE-2023-205xx/CVE-2023-20566.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-20566",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-11-14T19:15:15.837",
"lastModified": "2023-11-14T19:30:36.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.\n\n\n\n\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002",
"source": "psirt@amd.com"
}
]
}

24
CVE-2023/CVE-2023-205xx/CVE-2023-20567.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-20567",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-11-14T19:15:15.880",
"lastModified": "2023-11-14T19:30:36.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature potentially leading to arbitrary code execution.\n\n\n\n\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6003",
"source": "psirt@amd.com"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00971.html",
"source": "psirt@amd.com"
}
]
}

24
CVE-2023/CVE-2023-205xx/CVE-2023-20568.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-20568",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-11-14T19:15:15.930",
"lastModified": "2023-11-14T19:30:36.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature potentially leading to arbitrary code execution.\n\n\n\n\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6003",
"source": "psirt@amd.com"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00971.html",
"source": "psirt@amd.com"
}
]
}

20
CVE-2023/CVE-2023-205xx/CVE-2023-20571.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-20571",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-11-14T19:15:15.977",
"lastModified": "2023-11-14T19:30:36.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002",
"source": "psirt@amd.com"
}
]
}

20
CVE-2023/CVE-2023-205xx/CVE-2023-20592.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-20592",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-11-14T19:15:16.030",
"lastModified": "2023-11-14T19:30:36.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity.\n\n\n\n\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3005",
"source": "psirt@amd.com"
}
]
}

20
CVE-2023/CVE-2023-205xx/CVE-2023-20596.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-20596",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-11-14T19:15:16.083",
"lastModified": "2023-11-14T19:30:36.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7011",
"source": "psirt@amd.com"
}
]
}

55
CVE-2023/CVE-2023-222xx/CVE-2023-22285.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-22285",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:16.130",
"lastModified": "2023-11-14T19:30:36.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper access control for some Intel Unison software may allow an unauthenticated user to potentially enable denial of service via network access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00963.html",
"source": "secure@intel.com"
}
]
}

55
CVE-2023/CVE-2023-222xx/CVE-2023-22290.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-22290",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:16.313",
"lastModified": "2023-11-14T19:30:36.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Uncaught exception for some Intel Unison software may allow an authenticated user to potentially enable denial of service via network access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@intel.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@intel.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-248"
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00963.html",
"source": "secure@intel.com"
}
]
}

Some files were not shown because too many files have changed in this diff Show More