admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-06-29T04:00:26.718571+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-06-29 04:00:30 +00:00
parent 9e2a90e4c3
commit 949298f841
81 changed files with 1069 additions and 1146 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
CVE-2022/CVE-2022-219xx/CVE-2022-21967.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-21967",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:09.917",
"lastModified": "2022-03-14T13:49:46.740",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:09.427",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability."
"value": "Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -154,12 +154,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21967",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21967",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-219xx/CVE-2022-21973.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-21973",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:10.020",
"lastModified": "2022-03-14T13:52:02.110",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:09.550",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Media Center Update Denial of Service Vulnerability."
"value": "Windows Media Center Update Denial of Service Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -134,12 +134,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21973",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21973",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-219xx/CVE-2022-21975.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-21975",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:10.113",
"lastModified": "2022-05-23T17:29:19.050",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:09.633",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Hyper-V Denial of Service Vulnerability."
"value": "Windows Hyper-V Denial of Service Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -174,12 +174,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21975",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21975",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-219xx/CVE-2022-21977.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-21977",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:10.207",
"lastModified": "2022-05-23T17:29:19.063",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:09.723",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Media Foundation Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22010."
"value": "Media Foundation Information Disclosure Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 1.4
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -189,12 +189,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21977",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21977",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-219xx/CVE-2022-21990.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-21990",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:10.300",
"lastModified": "2022-05-23T17:29:19.077",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:09.813",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Remote Desktop Client Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-23285."
"value": "Remote Desktop Client Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -209,12 +209,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21990",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21990",
"source": "secure@microsoft.com"
}
]
}

25
CVE-2022/CVE-2022-220xx/CVE-2022-22006.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22006",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:10.390",
"lastModified": "2022-03-14T15:54:55.790",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:09.897",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22007, CVE-2022-23301, CVE-2022-24452, CVE-2022-24453, CVE-2022-24456."
"value": "HEVC Video Extensions Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -115,19 +115,8 @@
],
"references": [
{
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0012/MNDT-2022-0012.md",
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22006",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22006",
"source": "secure@microsoft.com"
}
]
}

25
CVE-2022/CVE-2022-220xx/CVE-2022-22007.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22007",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:10.477",
"lastModified": "2022-03-14T16:03:32.487",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:09.983",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-23301, CVE-2022-24452, CVE-2022-24453, CVE-2022-24456."
"value": "HEVC Video Extensions Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -115,19 +115,8 @@
],
"references": [
{
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0013/MNDT-2022-0013.md",
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22007",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22007",
"source": "secure@microsoft.com"
}
]
}

56
CVE-2022/CVE-2022-220xx/CVE-2022-22010.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22010",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:10.667",
"lastModified": "2022-05-23T17:29:19.093",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:10.067",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Media Foundation Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21977."
"value": "Media Foundation Information Disclosure Vulnerability"
},
{
"lang": "es",
@ -16,29 +16,9 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
@ -55,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 2.5
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -194,12 +194,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22010",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22010",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-232xx/CVE-2022-23253.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23253",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:10.837",
"lastModified": "2022-05-23T17:29:19.110",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:10.163",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Point-to-Point Tunneling Protocol Denial of Service Vulnerability."
"value": "Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -204,12 +204,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23253",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23253",
"source": "secure@microsoft.com"
}
]
}

56
CVE-2022/CVE-2022-232xx/CVE-2022-23265.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23265",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:10.933",
"lastModified": "2022-03-14T16:12:57.360",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:10.243",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Defender for IoT Remote Code Execution Vulnerability."
"value": "Microsoft Defender for IoT Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -16,29 +16,9 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
@ -55,6 +35,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -115,12 +115,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23265",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23265",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-232xx/CVE-2022-23266.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23266",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:11.030",
"lastModified": "2022-03-14T16:16:26.387",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:10.320",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Defender for IoT Elevation of Privilege Vulnerability."
"value": "Microsoft Defender for IoT Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -115,12 +115,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23266",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23266",
"source": "secure@microsoft.com"
}
]
}

23
CVE-2022/CVE-2022-232xx/CVE-2022-23277.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23277",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:11.113",
"lastModified": "2022-08-26T19:15:13.573",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:10.393",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Exchange Server Remote Code Execution Vulnerability."
"value": "Microsoft Exchange Server Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -134,21 +134,8 @@
],
"references": [
{
"url": "http://packetstormsecurity.com/files/168131/Microsoft-Exchange-Server-ChainedSerializationBinder-Remote-Code-Execution.html",
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23277",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23277",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-232xx/CVE-2022-23278.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23278",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:11.210",
"lastModified": "2022-05-23T17:29:19.123",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:10.480",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Defender for Endpoint Spoofing Vulnerability."
"value": "Microsoft Defender for Endpoint Spoofing Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -241,12 +241,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23278",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23278",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-232xx/CVE-2022-23281.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23281",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:11.323",
"lastModified": "2022-05-23T17:29:19.137",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:10.590",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Common Log File System Driver Information Disclosure Vulnerability."
"value": "Windows Common Log File System Driver Information Disclosure Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -209,12 +209,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23281",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23281",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-232xx/CVE-2022-23282.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23282",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:11.427",
"lastModified": "2022-03-14T16:44:59.667",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:10.667",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Paint 3D Remote Code Execution Vulnerability."
"value": "Paint 3D Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -114,12 +114,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23282",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23282",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-232xx/CVE-2022-23283.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23283",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:11.530",
"lastModified": "2022-05-23T17:29:19.160",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:10.747",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23287, CVE-2022-24505."
"value": "Windows ALPC Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -209,12 +209,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23283",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23283",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-232xx/CVE-2022-23284.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23284",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:11.667",
"lastModified": "2022-05-23T17:29:19.180",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:10.827",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Print Spooler Elevation of Privilege Vulnerability."
"value": "Windows Print Spooler Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -194,12 +194,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23284",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23284",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-232xx/CVE-2022-23285.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23285",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:11.770",
"lastModified": "2022-03-14T16:55:44.697",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:10.917",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Remote Desktop Client Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21990."
"value": "Remote Desktop Client Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -189,12 +189,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23285",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23285",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-232xx/CVE-2022-23286.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23286",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:11.893",
"lastModified": "2022-05-23T17:29:19.197",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:11.000",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability."
"value": "Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -159,12 +159,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23286",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23286",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-232xx/CVE-2022-23287.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23287",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:11.993",
"lastModified": "2022-05-23T17:29:19.210",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:11.087",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23283, CVE-2022-24505."
"value": "Windows ALPC Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -174,12 +174,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23287",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23287",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-232xx/CVE-2022-23288.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23288",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:12.100",
"lastModified": "2022-05-23T17:29:19.220",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:11.167",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23291."
"value": "Windows DWM Core Library Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -153,12 +153,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23288",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23288",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-232xx/CVE-2022-23290.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23290",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:12.197",
"lastModified": "2022-05-23T17:29:19.230",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:11.243",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Inking COM Elevation of Privilege Vulnerability."
"value": "Windows Inking COM Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -209,12 +209,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23290",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23290",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-232xx/CVE-2022-23291.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23291",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:12.283",
"lastModified": "2022-05-23T17:29:19.250",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:11.330",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23288."
"value": "Windows DWM Core Library Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -159,12 +159,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23291",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23291",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-232xx/CVE-2022-23293.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23293",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:12.380",
"lastModified": "2022-05-23T17:29:19.260",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:11.417",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Fast FAT File System Driver Elevation of Privilege Vulnerability."
"value": "Windows Fast FAT File System Driver Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -209,12 +209,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23293",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23293",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-232xx/CVE-2022-23294.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23294",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:12.463",
"lastModified": "2022-05-23T17:29:19.290",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:11.500",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Event Tracing Remote Code Execution Vulnerability."
"value": "Windows Event Tracing Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -194,12 +194,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23294",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23294",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-232xx/CVE-2022-23295.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23295",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:12.550",
"lastModified": "2022-03-14T17:59:14.877",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:11.583",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Raw Image Extension Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-23300."
"value": "Raw Image Extension Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -115,12 +115,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23295",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23295",
"source": "secure@microsoft.com"
}
]
}

21
CVE-2022/CVE-2022-232xx/CVE-2022-23296.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23296",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:12.640",
"lastModified": "2022-05-23T17:29:19.300",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:11.663",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Installer Elevation of Privilege Vulnerability."
"value": "Windows Installer Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -209,19 +209,8 @@
],
"references": [
{
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0017/MNDT-2022-0017.md",
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23296",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23296",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-232xx/CVE-2022-23297.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23297",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:12.740",
"lastModified": "2022-05-23T17:29:19.330",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:11.747",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability."
"value": "Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -209,12 +209,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23297",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23297",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-232xx/CVE-2022-23298.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23298",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:12.830",
"lastModified": "2022-05-23T17:29:19.350",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:11.833",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows NT OS Kernel Elevation of Privilege Vulnerability."
"value": "Windows NT OS Kernel Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -213,12 +213,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23298",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23298",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-232xx/CVE-2022-23299.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23299",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:12.923",
"lastModified": "2022-05-23T17:29:19.370",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:11.923",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows PDEV Elevation of Privilege Vulnerability."
"value": "Windows PDEV Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -209,12 +209,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23299",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23299",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-233xx/CVE-2022-23300.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23300",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:13.023",
"lastModified": "2022-03-14T18:22:27.540",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:12.017",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Raw Image Extension Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-23295."
"value": "Raw Image Extension Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -115,12 +115,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23300",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23300",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-233xx/CVE-2022-23301.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-23301",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:13.113",
"lastModified": "2022-03-14T18:23:21.120",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:12.107",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-22007, CVE-2022-24452, CVE-2022-24453, CVE-2022-24456."
"value": "HEVC Video Extensions Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -115,12 +115,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23301",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23301",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-244xx/CVE-2022-24451.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24451",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:13.210",
"lastModified": "2022-03-14T18:26:58.170",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:12.187",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "VP9 Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24501."
"value": "VP9 Video Extensions Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -115,12 +115,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24451",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24451",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-244xx/CVE-2022-24452.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24452",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:13.297",
"lastModified": "2022-03-14T18:28:38.043",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:12.267",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-22007, CVE-2022-23301, CVE-2022-24453, CVE-2022-24456."
"value": "HEVC Video Extensions Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -115,12 +115,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24452",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24452",
"source": "secure@microsoft.com"
}
]
}

21
CVE-2022/CVE-2022-244xx/CVE-2022-24453.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24453",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:13.397",
"lastModified": "2022-03-14T18:29:46.547",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:12.350",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-22007, CVE-2022-23301, CVE-2022-24452, CVE-2022-24456."
"value": "HEVC Video Extensions Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -115,19 +115,8 @@
],
"references": [
{
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0014/MNDT-2022-0014.md",
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24453",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24453",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-244xx/CVE-2022-24454.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24454",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:13.497",
"lastModified": "2022-05-23T17:29:19.393",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:12.420",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Security Support Provider Interface Elevation of Privilege Vulnerability."
"value": "Windows Security Support Provider Interface Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -204,12 +204,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24454",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24454",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-244xx/CVE-2022-24455.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24455",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:13.587",
"lastModified": "2022-03-14T18:41:00.733",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:12.503",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows CD-ROM Driver Elevation of Privilege Vulnerability."
"value": "Windows CD-ROM Driver Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -159,12 +159,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24455",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24455",
"source": "secure@microsoft.com"
}
]
}

21
CVE-2022/CVE-2022-244xx/CVE-2022-24456.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24456",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:13.673",
"lastModified": "2022-03-14T18:44:13.907",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:12.580",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-22007, CVE-2022-23301, CVE-2022-24452, CVE-2022-24453."
"value": "HEVC Video Extensions Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -115,19 +115,8 @@
],
"references": [
{
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0015/MNDT-2022-0015.md",
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24456",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24456",
"source": "secure@microsoft.com"
}
]
}

21
CVE-2022/CVE-2022-244xx/CVE-2022-24457.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24457",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:13.770",
"lastModified": "2022-03-14T18:45:11.247",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:12.663",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "HEIF Image Extensions Remote Code Execution Vulnerability."
"value": "HEIF Image Extensions Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -115,19 +115,8 @@
],
"references": [
{
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0016/MNDT-2022-0016.md",
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24457",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24457",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-244xx/CVE-2022-24459.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24459",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:13.867",
"lastModified": "2022-05-23T17:29:19.410",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:12.767",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Fax and Scan Service Elevation of Privilege Vulnerability."
"value": "Windows Fax and Scan Service Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -209,12 +209,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24459",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24459",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-244xx/CVE-2022-24460.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24460",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:13.950",
"lastModified": "2022-05-23T17:29:19.430",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:12.843",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Tablet Windows User Interface Application Elevation of Privilege Vulnerability."
"value": "Tablet Windows User Interface Application Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -178,12 +178,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24460",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24460",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-244xx/CVE-2022-24461.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24461",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:14.037",
"lastModified": "2022-03-14T18:52:23.793",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:12.927",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24509, CVE-2022-24510."
"value": "Microsoft Office Visio Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -104,12 +104,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24461",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24461",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-244xx/CVE-2022-24462.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24462",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:14.127",
"lastModified": "2022-03-14T18:53:09.590",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:13.013",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Word Security Feature Bypass Vulnerability."
"value": "Microsoft Word Security Feature Bypass Vulnerability"
},
{
"lang": "es",
@ -104,12 +104,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24462",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24462",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-244xx/CVE-2022-24463.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24463",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:14.200",
"lastModified": "2022-03-14T18:54:39.350",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:13.107",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Exchange Server Spoofing Vulnerability."
"value": "Microsoft Exchange Server Spoofing Vulnerability"
},
{
"lang": "es",
@ -109,12 +109,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24463",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24463",
"source": "secure@microsoft.com"
}
]
}

62
CVE-2022/CVE-2022-244xx/CVE-2022-24464.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24464",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:14.277",
"lastModified": "2022-05-12T16:26:56.323",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:13.200",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": ".NET and Visual Studio Denial of Service Vulnerability."
"value": ".NET and Visual Studio Denial of Service Vulnerability"
},
{
"lang": "es",
@ -184,60 +184,8 @@
],
"references": [
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/",
"source": "secure@microsoft.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/",
"source": "secure@microsoft.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/",
"source": "secure@microsoft.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/",
"source": "secure@microsoft.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/",
"source": "secure@microsoft.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/",
"source": "secure@microsoft.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24464",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24464",
"source": "secure@microsoft.com"
}
]
}

56
CVE-2022/CVE-2022-244xx/CVE-2022-24465.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24465",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:14.377",
"lastModified": "2022-03-14T19:00:03.473",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:13.323",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability."
"value": "Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability"
},
{
"lang": "es",
@ -16,29 +16,9 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
@ -55,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -114,12 +114,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24465",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24465",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-244xx/CVE-2022-24467.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24467",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:14.477",
"lastModified": "2022-03-14T17:37:59.113",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:13.437",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24468, CVE-2022-24470, CVE-2022-24471, CVE-2022-24517, CVE-2022-24520."
"value": "Azure Site Recovery Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24467",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24467",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-244xx/CVE-2022-24468.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24468",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:14.560",
"lastModified": "2022-03-14T17:38:27.087",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:13.513",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24467, CVE-2022-24470, CVE-2022-24471, CVE-2022-24517, CVE-2022-24520."
"value": "Azure Site Recovery Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24468",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24468",
"source": "secure@microsoft.com"
}
]
}

56
CVE-2022/CVE-2022-244xx/CVE-2022-24469.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24469",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:14.637",
"lastModified": "2022-03-14T17:39:36.880",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:13.587",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24506, CVE-2022-24515, CVE-2022-24518, CVE-2022-24519."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -16,29 +16,9 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
@ -55,6 +35,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -115,12 +115,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24469",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24469",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-244xx/CVE-2022-24470.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24470",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:14.723",
"lastModified": "2022-03-14T17:40:18.880",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:13.673",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24467, CVE-2022-24468, CVE-2022-24471, CVE-2022-24517, CVE-2022-24520."
"value": "Azure Site Recovery Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24470",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24470",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-244xx/CVE-2022-24471.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24471",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:14.803",
"lastModified": "2022-03-14T17:42:30.853",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:13.770",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24467, CVE-2022-24468, CVE-2022-24470, CVE-2022-24517, CVE-2022-24520."
"value": "Azure Site Recovery Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -115,12 +115,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24471",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24471",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-245xx/CVE-2022-24501.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24501",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:14.880",
"lastModified": "2022-03-14T19:01:26.063",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:13.857",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "VP9 Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24451."
"value": "VP9 Video Extensions Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -94,12 +94,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24501",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24501",
"source": "secure@microsoft.com"
}
]
}

56
CVE-2022/CVE-2022-245xx/CVE-2022-24502.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24502",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:14.957",
"lastModified": "2022-05-23T17:29:19.443",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:13.947",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows HTML Platforms Security Feature Bypass Vulnerability."
"value": "Windows HTML Platforms Security Feature Bypass Vulnerability"
},
{
"lang": "es",
@ -16,29 +16,9 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
@ -55,6 +35,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -209,12 +209,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24502",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24502",
"source": "secure@microsoft.com"
}
]
}

56
CVE-2022/CVE-2022-245xx/CVE-2022-24503.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24503",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:15.043",
"lastModified": "2022-05-23T17:29:19.480",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:14.030",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Remote Desktop Protocol Client Information Disclosure Vulnerability."
"value": "Remote Desktop Protocol Client Information Disclosure Vulnerability"
},
{
"lang": "es",
@ -16,29 +16,9 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
@ -55,6 +35,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
@ -210,12 +210,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24503",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24503",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-245xx/CVE-2022-24505.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24505",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:15.127",
"lastModified": "2022-05-23T17:29:19.500",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:14.133",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23283, CVE-2022-23287."
"value": "Windows ALPC Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -154,12 +154,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24505",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24505",
"source": "secure@microsoft.com"
}
]
}

56
CVE-2022/CVE-2022-245xx/CVE-2022-24506.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24506",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:15.210",
"lastModified": "2022-03-16T00:27:51.847",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:14.257",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24469, CVE-2022-24515, CVE-2022-24518, CVE-2022-24519."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -16,29 +16,9 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
@ -55,6 +35,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -115,12 +115,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24506",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24506",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-245xx/CVE-2022-24507.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24507",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:15.293",
"lastModified": "2022-05-23T17:29:19.517",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:14.337",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability."
"value": "Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -144,12 +144,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24507",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24507",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-245xx/CVE-2022-24508.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24508",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:15.387",
"lastModified": "2022-05-23T17:29:19.527",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:14.417",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows SMBv3 Client/Server Remote Code Execution Vulnerability."
"value": "Win32 File Enumeration Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -119,12 +119,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24508",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24508",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-245xx/CVE-2022-24509.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24509",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:15.473",
"lastModified": "2022-03-16T00:24:06.540",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:14.510",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24461, CVE-2022-24510."
"value": "Microsoft Office Visio Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -104,12 +104,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24509",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24509",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-245xx/CVE-2022-24510.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24510",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:15.563",
"lastModified": "2022-03-16T00:21:48.440",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:14.597",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24461, CVE-2022-24509."
"value": "Microsoft Office Visio Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -104,12 +104,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24510",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24510",
"source": "secure@microsoft.com"
}
]
}

56
CVE-2022/CVE-2022-245xx/CVE-2022-24511.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24511",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:15.650",
"lastModified": "2022-03-16T00:15:43.370",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:14.683",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Word Tampering Vulnerability."
"value": "Microsoft Office Word Tampering Vulnerability"
},
{
"lang": "es",
@ -16,29 +16,9 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
@ -55,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -134,12 +134,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24511",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24511",
"source": "secure@microsoft.com"
}
]
}

62
CVE-2022/CVE-2022-245xx/CVE-2022-24512.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24512",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:15.737",
"lastModified": "2023-04-17T18:52:38.160",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:14.777",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": ".NET and Visual Studio Remote Code Execution Vulnerability."
"value": ".NET and Visual Studio Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -219,60 +219,8 @@
],
"references": [
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/",
"source": "secure@microsoft.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/",
"source": "secure@microsoft.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/",
"source": "secure@microsoft.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/",
"source": "secure@microsoft.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/",
"source": "secure@microsoft.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/",
"source": "secure@microsoft.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24512",
"source": "secure@microsoft.com"
}
]
}

56
CVE-2022/CVE-2022-245xx/CVE-2022-24515.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24515",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:15.807",
"lastModified": "2022-05-26T16:31:56.463",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:14.877",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24469, CVE-2022-24506, CVE-2022-24518, CVE-2022-24519."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -16,29 +16,9 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
@ -55,6 +35,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -115,12 +115,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24515",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24515",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-245xx/CVE-2022-24517.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24517",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:15.897",
"lastModified": "2022-03-14T17:57:02.870",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:14.997",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24467, CVE-2022-24468, CVE-2022-24470, CVE-2022-24471, CVE-2022-24520."
"value": "Azure Site Recovery Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24517",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24517",
"source": "secure@microsoft.com"
}
]
}

56
CVE-2022/CVE-2022-245xx/CVE-2022-24518.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24518",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:15.983",
"lastModified": "2022-03-14T17:56:30.730",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:15.077",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24469, CVE-2022-24506, CVE-2022-24515, CVE-2022-24519."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -16,29 +16,9 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
@ -55,6 +35,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -115,12 +115,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24518",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24518",
"source": "secure@microsoft.com"
}
]
}

56
CVE-2022/CVE-2022-245xx/CVE-2022-24519.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24519",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:16.070",
"lastModified": "2022-03-14T17:44:12.617",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:15.167",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24469, CVE-2022-24506, CVE-2022-24515, CVE-2022-24518."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -16,29 +16,9 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
@ -55,6 +35,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -115,12 +115,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24519",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24519",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-245xx/CVE-2022-24520.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24520",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:16.157",
"lastModified": "2022-03-14T17:43:03.027",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:15.267",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24467, CVE-2022-24468, CVE-2022-24470, CVE-2022-24471, CVE-2022-24517."
"value": "Azure Site Recovery Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24520",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24520",
"source": "secure@microsoft.com"
}
]
}

28
CVE-2022/CVE-2022-245xx/CVE-2022-24522.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24522",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:16.237",
"lastModified": "2022-03-15T15:53:09.720",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:15.360",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Skype Extension for Chrome Information Disclosure Vulnerability."
"value": "Skype Extension for Chrome Information Disclosure Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,23 +37,23 @@
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
@ -115,12 +115,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24522",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24522",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-245xx/CVE-2022-24525.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24525",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:16.290",
"lastModified": "2022-05-23T17:29:19.533",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:15.457",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Update Stack Elevation of Privilege Vulnerability."
"value": "Windows Update Stack Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -144,12 +144,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24525",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24525",
"source": "secure@microsoft.com"
}
]
}

56
CVE-2022/CVE-2022-245xx/CVE-2022-24526.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24526",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-03-09T17:15:16.350",
"lastModified": "2022-03-15T15:42:56.767",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-29T02:15:15.557",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Visual Studio Code Spoofing Vulnerability."
"value": "Visual Studio Code Spoofing Vulnerability"
},
{
"lang": "es",
@ -16,29 +16,9 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
@ -55,6 +35,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -115,12 +115,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24526",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24526",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2022/CVE-2022-268xx/CVE-2022-26899.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2022-26899",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-29T02:15:15.657",
"lastModified": "2023-06-29T02:15:15.657",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26899",
"source": "secure@microsoft.com"
}
]
}

20
CVE-2022/CVE-2022-464xx/CVE-2022-46407.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-46407",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T02:15:15.827",
"lastModified": "2023-06-29T02:15:15.827",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Ericsson Network Manager (ENM), versions prior to 22.2, contains a vulnerability in the REST endpoint \u201ceditprofile\u201d where Open Redirect HTTP Header Injection can lead to redirection of the submitted request to domain out of control of ENM deployment. The attacker would need admin/elevated access to exploit the vulnerability"
}
],
"metrics": {},
"references": [
{
"url": "https://www.gruppotim.it/it/footer/red-team.html",
"source": "cve@mitre.org"
}
]
}

20
CVE-2022/CVE-2022-464xx/CVE-2022-46408.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-46408",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T03:15:09.357",
"lastModified": "2023-06-29T03:15:09.357",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Ericsson Network Manager (ENM), versions prior to 22.1, contains a vulnerability in the application Network Connectivity Manager (NCM) where improper Neutralization of Formula Elements in a CSV File can lead to remote code execution or data leakage via maliciously injected hyperlinks. The attacker would need admin/elevated access to exploit the vulnerability."
}
],
"metrics": {},
"references": [
{
"url": "https://www.gruppotim.it/it/footer/red-team.html",
"source": "cve@mitre.org"
}
]
}

63
CVE-2023/CVE-2023-16xx/CVE-2023-1602.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-1602",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-29T02:15:15.937",
"lastModified": "2023-06-29T02:15:15.937",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Short URL plugin for WordPress is vulnerable to stored Cross-Site Scripting via the 'comment' parameter due to insufficient input sanitization and output escaping in versions up to, and including, 1.6.4. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/2931815/shorten-url/trunk/shorten-url.php",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/shorten-url/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a5f29f35-da79-4389-a0a5-a1be0b0b8996?source=cve",
"source": "security@wordfence.com"
}
]
}

71
CVE-2023/CVE-2023-29xx/CVE-2023-2982.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2023-2982",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-29T02:15:16.103",
"lastModified": "2023-06-29T02:15:16.103",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 7.6.4. This is due to insufficient encryption on the user being supplied during a login validated through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they know the email address associated with that user. This was partially patched in version 7.6.4 and fully patched in version 7.6.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-288"
}
]
}
],
"references": [
{
"url": "https://lana.codes/lanavdb/2326f41f-a39f-4fde-8627-9d29fff91443/",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/miniorange-login-openid/trunk/mo-openid-social-login-functions.php#L107",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2924863/miniorange-login-openid",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2925914/miniorange-login-openid",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/08ca186a-2486-4a58-9c53-03e9eba13e66?source=cve",
"source": "security@wordfence.com"
}
]
}

20
CVE-2023/CVE-2023-346xx/CVE-2023-34648.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-34648",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T03:15:09.423",
"lastModified": "2023-06-29T03:15:09.423",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Cross Site Scripting vulnerability in PHPgurukl User Registration Login and User Management System with admin panel v.1.0 allows a local attacker to execute arbitrary code via a crafted script to the signup.php."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/ckalnarayan/Common-Vulnerabilities-and-Exposures/blob/main/CVE-2023-34648",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-347xx/CVE-2023-34734.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-34734",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T03:15:09.470",
"lastModified": "2023-06-29T03:15:09.470",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Annet AC Centralized Management Platform 1.02.040 is vulnerable to Stored Cross-Site Scripting (XSS) ."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/prismbreak/vulnerabilities/issues/3",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-348xx/CVE-2023-34831.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-34831",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T03:15:09.517",
"lastModified": "2023-06-29T03:15:09.517",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The \"Submission Web Form\" of Turnitin LTI tool/plugin version 1.3 is affected by HTML Injection attacks. The security issue affects the submission web form (\"id\" and \"title\" HTTP POST parameters) where the students submit their reports for similarity/plagiarism checks."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/IthacaLabs/Turnitin/blob/main/Turnitin_LTI_1.3_HTMLi_CVE-2023-34831/Turnitin_LTI_1.3_HTMLi_CVE-2023-34831.txt",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/IthacaLabs/Turnitin/blob/main/Turnitin_Submission_Web_Form/",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-348xx/CVE-2023-34834.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-34834",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T03:15:09.563",
"lastModified": "2023-06-29T03:15:09.563",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Directory Browsing vulnerability in MCL-Net version 4.3.5.8788 webserver running on default port 5080, allows attackers to gain sensitive information about the configured databases via the \"/file\" endpoint."
}
],
"metrics": {},
"references": [
{
"url": "http://www.mclv4.mcl-collection.com/index.php",
"source": "cve@mitre.org"
},
{
"url": "https://www.exploit-db.com/exploits/51542",
"source": "cve@mitre.org"
}
]
}

43
CVE-2023/CVE-2023-372xx/CVE-2023-37237.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-37237",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T02:15:16.207",
"lastModified": "2023-06-29T02:15:16.207",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
]
},
"references": [
{
"url": "https://www.veritas.com/content/support/en_US/security/VTS23-004",
"source": "cve@mitre.org"
}
]
}

78
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-06-29T02:00:31.226986+00:00
2023-06-29T04:00:26.718571+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-06-29T01:15:51.267000+00:00
2023-06-29T03:15:09.563000+00:00
```
### Last Data Feed Release
@ -29,52 +29,54 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
218856
218866
```
### CVEs added in the last Commit
Recently added CVEs: `8`
Recently added CVEs: `10`
* [CVE-2022-29144](CVE-2022/CVE-2022-291xx/CVE-2022-29144.json) (`2023-06-29T01:15:49.663`)
* [CVE-2022-29146](CVE-2022/CVE-2022-291xx/CVE-2022-29146.json) (`2023-06-29T01:15:50.000`)
* [CVE-2022-29147](CVE-2022/CVE-2022-291xx/CVE-2022-29147.json) (`2023-06-29T01:15:50.450`)
* [CVE-2023-33661](CVE-2023/CVE-2023-336xx/CVE-2023-33661.json) (`2023-06-29T00:15:09.567`)
* [CVE-2023-34738](CVE-2023/CVE-2023-347xx/CVE-2023-34738.json) (`2023-06-29T00:15:09.620`)
* [CVE-2023-34843](CVE-2023/CVE-2023-348xx/CVE-2023-34843.json) (`2023-06-29T00:15:09.670`)
* [CVE-2023-32610](CVE-2023/CVE-2023-326xx/CVE-2023-32610.json) (`2023-06-29T01:15:50.913`)
* [CVE-2023-36476](CVE-2023/CVE-2023-364xx/CVE-2023-36476.json) (`2023-06-29T01:15:51.267`)
* [CVE-2022-26899](CVE-2022/CVE-2022-268xx/CVE-2022-26899.json) (`2023-06-29T02:15:15.657`)
* [CVE-2022-46407](CVE-2022/CVE-2022-464xx/CVE-2022-46407.json) (`2023-06-29T02:15:15.827`)
* [CVE-2022-46408](CVE-2022/CVE-2022-464xx/CVE-2022-46408.json) (`2023-06-29T03:15:09.357`)
* [CVE-2023-1602](CVE-2023/CVE-2023-16xx/CVE-2023-1602.json) (`2023-06-29T02:15:15.937`)
* [CVE-2023-2982](CVE-2023/CVE-2023-29xx/CVE-2023-2982.json) (`2023-06-29T02:15:16.103`)
* [CVE-2023-37237](CVE-2023/CVE-2023-372xx/CVE-2023-37237.json) (`2023-06-29T02:15:16.207`)
* [CVE-2023-34648](CVE-2023/CVE-2023-346xx/CVE-2023-34648.json) (`2023-06-29T03:15:09.423`)
* [CVE-2023-34734](CVE-2023/CVE-2023-347xx/CVE-2023-34734.json) (`2023-06-29T03:15:09.470`)
* [CVE-2023-34831](CVE-2023/CVE-2023-348xx/CVE-2023-34831.json) (`2023-06-29T03:15:09.517`)
* [CVE-2023-34834](CVE-2023/CVE-2023-348xx/CVE-2023-34834.json) (`2023-06-29T03:15:09.563`)
### CVEs modified in the last Commit
Recently modified CVEs: `124`
Recently modified CVEs: `70`
* [CVE-2022-26891](CVE-2022/CVE-2022-268xx/CVE-2022-26891.json) (`2023-06-29T01:15:42.250`)
* [CVE-2022-26894](CVE-2022/CVE-2022-268xx/CVE-2022-26894.json) (`2023-06-29T01:15:42.607`)
* [CVE-2022-26895](CVE-2022/CVE-2022-268xx/CVE-2022-26895.json) (`2023-06-29T01:15:43.007`)
* [CVE-2022-26896](CVE-2022/CVE-2022-268xx/CVE-2022-26896.json) (`2023-06-29T01:15:43.333`)
* [CVE-2022-26897](CVE-2022/CVE-2022-268xx/CVE-2022-26897.json) (`2023-06-29T01:15:43.587`)
* [CVE-2022-26898](CVE-2022/CVE-2022-268xx/CVE-2022-26898.json) (`2023-06-29T01:15:43.880`)
* [CVE-2022-26900](CVE-2022/CVE-2022-269xx/CVE-2022-26900.json) (`2023-06-29T01:15:44.453`)
* [CVE-2022-26901](CVE-2022/CVE-2022-269xx/CVE-2022-26901.json) (`2023-06-29T01:15:44.737`)
* [CVE-2022-26903](CVE-2022/CVE-2022-269xx/CVE-2022-26903.json) (`2023-06-29T01:15:45.140`)
* [CVE-2022-26904](CVE-2022/CVE-2022-269xx/CVE-2022-26904.json) (`2023-06-29T01:15:45.370`)
* [CVE-2022-26907](CVE-2022/CVE-2022-269xx/CVE-2022-26907.json) (`2023-06-29T01:15:45.540`)
* [CVE-2022-26908](CVE-2022/CVE-2022-269xx/CVE-2022-26908.json) (`2023-06-29T01:15:45.777`)
* [CVE-2022-26909](CVE-2022/CVE-2022-269xx/CVE-2022-26909.json) (`2023-06-29T01:15:46.053`)
* [CVE-2022-26910](CVE-2022/CVE-2022-269xx/CVE-2022-26910.json) (`2023-06-29T01:15:46.310`)
* [CVE-2022-26911](CVE-2022/CVE-2022-269xx/CVE-2022-26911.json) (`2023-06-29T01:15:46.623`)
* [CVE-2022-26912](CVE-2022/CVE-2022-269xx/CVE-2022-26912.json) (`2023-06-29T01:15:46.863`)
* [CVE-2022-26914](CVE-2022/CVE-2022-269xx/CVE-2022-26914.json) (`2023-06-29T01:15:47.143`)
* [CVE-2022-26915](CVE-2022/CVE-2022-269xx/CVE-2022-26915.json) (`2023-06-29T01:15:47.453`)
* [CVE-2022-26916](CVE-2022/CVE-2022-269xx/CVE-2022-26916.json) (`2023-06-29T01:15:47.683`)
* [CVE-2022-26917](CVE-2022/CVE-2022-269xx/CVE-2022-26917.json) (`2023-06-29T01:15:47.850`)
* [CVE-2022-26918](CVE-2022/CVE-2022-269xx/CVE-2022-26918.json) (`2023-06-29T01:15:48.103`)
* [CVE-2022-26919](CVE-2022/CVE-2022-269xx/CVE-2022-26919.json) (`2023-06-29T01:15:48.303`)
* [CVE-2022-26920](CVE-2022/CVE-2022-269xx/CVE-2022-26920.json) (`2023-06-29T01:15:48.537`)
* [CVE-2022-26921](CVE-2022/CVE-2022-269xx/CVE-2022-26921.json) (`2023-06-29T01:15:48.897`)
* [CVE-2022-26924](CVE-2022/CVE-2022-269xx/CVE-2022-26924.json) (`2023-06-29T01:15:49.313`)
* [CVE-2022-24465](CVE-2022/CVE-2022-244xx/CVE-2022-24465.json) (`2023-06-29T02:15:13.323`)
* [CVE-2022-24467](CVE-2022/CVE-2022-244xx/CVE-2022-24467.json) (`2023-06-29T02:15:13.437`)
* [CVE-2022-24468](CVE-2022/CVE-2022-244xx/CVE-2022-24468.json) (`2023-06-29T02:15:13.513`)
* [CVE-2022-24469](CVE-2022/CVE-2022-244xx/CVE-2022-24469.json) (`2023-06-29T02:15:13.587`)
* [CVE-2022-24470](CVE-2022/CVE-2022-244xx/CVE-2022-24470.json) (`2023-06-29T02:15:13.673`)
* [CVE-2022-24471](CVE-2022/CVE-2022-244xx/CVE-2022-24471.json) (`2023-06-29T02:15:13.770`)
* [CVE-2022-24501](CVE-2022/CVE-2022-245xx/CVE-2022-24501.json) (`2023-06-29T02:15:13.857`)
* [CVE-2022-24502](CVE-2022/CVE-2022-245xx/CVE-2022-24502.json) (`2023-06-29T02:15:13.947`)
* [CVE-2022-24503](CVE-2022/CVE-2022-245xx/CVE-2022-24503.json) (`2023-06-29T02:15:14.030`)
* [CVE-2022-24505](CVE-2022/CVE-2022-245xx/CVE-2022-24505.json) (`2023-06-29T02:15:14.133`)
* [CVE-2022-24506](CVE-2022/CVE-2022-245xx/CVE-2022-24506.json) (`2023-06-29T02:15:14.257`)
* [CVE-2022-24507](CVE-2022/CVE-2022-245xx/CVE-2022-24507.json) (`2023-06-29T02:15:14.337`)
* [CVE-2022-24508](CVE-2022/CVE-2022-245xx/CVE-2022-24508.json) (`2023-06-29T02:15:14.417`)
* [CVE-2022-24509](CVE-2022/CVE-2022-245xx/CVE-2022-24509.json) (`2023-06-29T02:15:14.510`)
* [CVE-2022-24510](CVE-2022/CVE-2022-245xx/CVE-2022-24510.json) (`2023-06-29T02:15:14.597`)
* [CVE-2022-24511](CVE-2022/CVE-2022-245xx/CVE-2022-24511.json) (`2023-06-29T02:15:14.683`)
* [CVE-2022-24512](CVE-2022/CVE-2022-245xx/CVE-2022-24512.json) (`2023-06-29T02:15:14.777`)
* [CVE-2022-24515](CVE-2022/CVE-2022-245xx/CVE-2022-24515.json) (`2023-06-29T02:15:14.877`)
* [CVE-2022-24517](CVE-2022/CVE-2022-245xx/CVE-2022-24517.json) (`2023-06-29T02:15:14.997`)
* [CVE-2022-24518](CVE-2022/CVE-2022-245xx/CVE-2022-24518.json) (`2023-06-29T02:15:15.077`)
* [CVE-2022-24519](CVE-2022/CVE-2022-245xx/CVE-2022-24519.json) (`2023-06-29T02:15:15.167`)
* [CVE-2022-24520](CVE-2022/CVE-2022-245xx/CVE-2022-24520.json) (`2023-06-29T02:15:15.267`)
* [CVE-2022-24522](CVE-2022/CVE-2022-245xx/CVE-2022-24522.json) (`2023-06-29T02:15:15.360`)
* [CVE-2022-24525](CVE-2022/CVE-2022-245xx/CVE-2022-24525.json) (`2023-06-29T02:15:15.457`)
* [CVE-2022-24526](CVE-2022/CVE-2022-245xx/CVE-2022-24526.json) (`2023-06-29T02:15:15.557`)
## Download and Usage