diff --git a/CVE-2022/CVE-2022-219xx/CVE-2022-21967.json b/CVE-2022/CVE-2022-219xx/CVE-2022-21967.json index f0351122bf8..63a7d7665f7 100644 --- a/CVE-2022/CVE-2022-219xx/CVE-2022-21967.json +++ b/CVE-2022/CVE-2022-219xx/CVE-2022-21967.json @@ -2,12 +2,12 @@ "id": "CVE-2022-21967", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:09.917", - "lastModified": "2022-03-14T13:49:46.740", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:09.427", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability." + "value": "Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -154,12 +154,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21967", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21967", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-219xx/CVE-2022-21973.json b/CVE-2022/CVE-2022-219xx/CVE-2022-21973.json index ecff3db1e79..b1f4670d03b 100644 --- a/CVE-2022/CVE-2022-219xx/CVE-2022-21973.json +++ b/CVE-2022/CVE-2022-219xx/CVE-2022-21973.json @@ -2,12 +2,12 @@ "id": "CVE-2022-21973", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:10.020", - "lastModified": "2022-03-14T13:52:02.110", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:09.550", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Media Center Update Denial of Service Vulnerability." + "value": "Windows Media Center Update Denial of Service Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 3.6 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -134,12 +134,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21973", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21973", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-219xx/CVE-2022-21975.json b/CVE-2022/CVE-2022-219xx/CVE-2022-21975.json index 2459a1f1f4e..b408e9ee1b3 100644 --- a/CVE-2022/CVE-2022-219xx/CVE-2022-21975.json +++ b/CVE-2022/CVE-2022-219xx/CVE-2022-21975.json @@ -2,12 +2,12 @@ "id": "CVE-2022-21975", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:10.113", - "lastModified": "2022-05-23T17:29:19.050", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:09.633", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Hyper-V Denial of Service Vulnerability." + "value": "Windows Hyper-V Denial of Service Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 3.6 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -174,12 +174,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21975", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21975", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-219xx/CVE-2022-21977.json b/CVE-2022/CVE-2022-219xx/CVE-2022-21977.json index 3ee8daafe59..ab3e4023636 100644 --- a/CVE-2022/CVE-2022-219xx/CVE-2022-21977.json +++ b/CVE-2022/CVE-2022-219xx/CVE-2022-21977.json @@ -2,12 +2,12 @@ "id": "CVE-2022-21977", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:10.207", - "lastModified": "2022-05-23T17:29:19.063", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:09.723", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Media Foundation Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22010." + "value": "Media Foundation Information Disclosure Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 1.4 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -189,12 +189,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21977", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21977", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-219xx/CVE-2022-21990.json b/CVE-2022/CVE-2022-219xx/CVE-2022-21990.json index ea20148b22b..a15c7957a7d 100644 --- a/CVE-2022/CVE-2022-219xx/CVE-2022-21990.json +++ b/CVE-2022/CVE-2022-219xx/CVE-2022-21990.json @@ -2,12 +2,12 @@ "id": "CVE-2022-21990", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:10.300", - "lastModified": "2022-05-23T17:29:19.077", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:09.813", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Remote Desktop Client Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-23285." + "value": "Remote Desktop Client Remote Code Execution Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -209,12 +209,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21990", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21990", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22006.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22006.json index dea958ddf68..e4ca30bdb09 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22006.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22006.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22006", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:10.390", - "lastModified": "2022-03-14T15:54:55.790", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:09.897", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22007, CVE-2022-23301, CVE-2022-24452, CVE-2022-24453, CVE-2022-24456." + "value": "HEVC Video Extensions Remote Code Execution Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -115,19 +115,8 @@ ], "references": [ { - "url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0012/MNDT-2022-0012.md", - "source": "secure@microsoft.com", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22006", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22006", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22007.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22007.json index 8899992c72f..d5256b8ed65 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22007.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22007.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22007", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:10.477", - "lastModified": "2022-03-14T16:03:32.487", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:09.983", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-23301, CVE-2022-24452, CVE-2022-24453, CVE-2022-24456." + "value": "HEVC Video Extensions Remote Code Execution Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -115,19 +115,8 @@ ], "references": [ { - "url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0013/MNDT-2022-0013.md", - "source": "secure@microsoft.com", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22007", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22007", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22010.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22010.json index 4ad41b2cada..446a7dc20ff 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22010.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22010.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22010", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:10.667", - "lastModified": "2022-05-23T17:29:19.093", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:10.067", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Media Foundation Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21977." + "value": "Media Foundation Information Disclosure Vulnerability" }, { "lang": "es", @@ -16,29 +16,9 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - }, { "source": "secure@microsoft.com", - "type": "Secondary", + "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", @@ -55,6 +35,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 2.5 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ], "cvssMetricV2": [ @@ -194,12 +194,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22010", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22010", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23253.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23253.json index 333aca8e388..d4cae388a07 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23253.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23253.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23253", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:10.837", - "lastModified": "2022-05-23T17:29:19.110", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:10.163", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Point-to-Point Tunneling Protocol Denial of Service Vulnerability." + "value": "Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 3.6 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -204,12 +204,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23253", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23253", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23265.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23265.json index db4c4fca131..706985a4b3d 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23265.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23265.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23265", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:10.933", - "lastModified": "2022-03-14T16:12:57.360", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:10.243", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Microsoft Defender for IoT Remote Code Execution Vulnerability." + "value": "Microsoft Defender for IoT Remote Code Execution Vulnerability" }, { "lang": "es", @@ -16,29 +16,9 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - }, { "source": "secure@microsoft.com", - "type": "Secondary", + "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", @@ -55,6 +35,26 @@ }, "exploitabilityScore": 1.2, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -115,12 +115,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23265", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23265", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23266.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23266.json index d05fbd6a922..07b456d8239 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23266.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23266.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23266", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:11.030", - "lastModified": "2022-03-14T16:16:26.387", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:10.320", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Microsoft Defender for IoT Elevation of Privilege Vulnerability." + "value": "Microsoft Defender for IoT Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -115,12 +115,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23266", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23266", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23277.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23277.json index 3d4eae13c5a..99b4fe47d3d 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23277.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23277.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23277", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:11.113", - "lastModified": "2022-08-26T19:15:13.573", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:10.393", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Microsoft Exchange Server Remote Code Execution Vulnerability." + "value": "Microsoft Exchange Server Remote Code Execution Vulnerability" }, { "lang": "es", @@ -134,21 +134,8 @@ ], "references": [ { - "url": "http://packetstormsecurity.com/files/168131/Microsoft-Exchange-Server-ChainedSerializationBinder-Remote-Code-Execution.html", - "source": "secure@microsoft.com", - "tags": [ - "Exploit", - "Third Party Advisory", - "VDB Entry" - ] - }, - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23277", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23277", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23278.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23278.json index 1721f470179..08f1a0ec12f 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23278.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23278.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23278", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:11.210", - "lastModified": "2022-05-23T17:29:19.123", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:10.480", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Microsoft Defender for Endpoint Spoofing Vulnerability." + "value": "Microsoft Defender for Endpoint Spoofing Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 3.6 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -241,12 +241,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23278", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23278", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23281.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23281.json index cffd29c3938..83c783b1f22 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23281.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23281.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23281", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:11.323", - "lastModified": "2022-05-23T17:29:19.137", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:10.590", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Common Log File System Driver Information Disclosure Vulnerability." + "value": "Windows Common Log File System Driver Information Disclosure Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 3.6 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -209,12 +209,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23281", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23281", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23282.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23282.json index 64c965e8738..45f41c4965f 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23282.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23282.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23282", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:11.427", - "lastModified": "2022-03-14T16:44:59.667", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:10.667", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Paint 3D Remote Code Execution Vulnerability." + "value": "Paint 3D Remote Code Execution Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -114,12 +114,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23282", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23282", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23283.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23283.json index 0e4ebf592d2..2cf7784a01e 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23283.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23283.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23283", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:11.530", - "lastModified": "2022-05-23T17:29:19.160", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:10.747", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23287, CVE-2022-24505." + "value": "Windows ALPC Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -209,12 +209,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23283", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23283", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23284.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23284.json index a31128b1722..7c05bc5a320 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23284.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23284.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23284", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:11.667", - "lastModified": "2022-05-23T17:29:19.180", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:10.827", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Print Spooler Elevation of Privilege Vulnerability." + "value": "Windows Print Spooler Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -194,12 +194,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23284", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23284", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23285.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23285.json index 7f7548e4ea8..d9eb37a6874 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23285.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23285.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23285", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:11.770", - "lastModified": "2022-03-14T16:55:44.697", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:10.917", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Remote Desktop Client Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21990." + "value": "Remote Desktop Client Remote Code Execution Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -189,12 +189,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23285", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23285", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23286.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23286.json index f2bc02e9085..f14c8301503 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23286.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23286.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23286", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:11.893", - "lastModified": "2022-05-23T17:29:19.197", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:11.000", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability." + "value": "Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -159,12 +159,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23286", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23286", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23287.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23287.json index 591f70e2497..db7bea5311f 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23287.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23287.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23287", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:11.993", - "lastModified": "2022-05-23T17:29:19.210", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:11.087", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23283, CVE-2022-24505." + "value": "Windows ALPC Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -174,12 +174,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23287", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23287", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23288.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23288.json index cf2c1c97917..ade3d446b73 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23288.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23288.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23288", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:12.100", - "lastModified": "2022-05-23T17:29:19.220", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:11.167", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23291." + "value": "Windows DWM Core Library Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -153,12 +153,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23288", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23288", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23290.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23290.json index d154710abd1..b5d9ee6eeda 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23290.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23290.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23290", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:12.197", - "lastModified": "2022-05-23T17:29:19.230", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:11.243", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Inking COM Elevation of Privilege Vulnerability." + "value": "Windows Inking COM Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -209,12 +209,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23290", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23290", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23291.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23291.json index 632c2cb01e6..e9e3954a817 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23291.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23291.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23291", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:12.283", - "lastModified": "2022-05-23T17:29:19.250", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:11.330", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23288." + "value": "Windows DWM Core Library Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -159,12 +159,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23291", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23291", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23293.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23293.json index 5b2cd74232b..7a0b6a6cafe 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23293.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23293.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23293", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:12.380", - "lastModified": "2022-05-23T17:29:19.260", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:11.417", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Fast FAT File System Driver Elevation of Privilege Vulnerability." + "value": "Windows Fast FAT File System Driver Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -209,12 +209,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23293", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23293", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23294.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23294.json index a4f034009fe..a1fde23bc6f 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23294.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23294.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23294", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:12.463", - "lastModified": "2022-05-23T17:29:19.290", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:11.500", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Event Tracing Remote Code Execution Vulnerability." + "value": "Windows Event Tracing Remote Code Execution Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -194,12 +194,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23294", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23294", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23295.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23295.json index c64cf59afb5..c991532322e 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23295.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23295.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23295", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:12.550", - "lastModified": "2022-03-14T17:59:14.877", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:11.583", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Raw Image Extension Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-23300." + "value": "Raw Image Extension Remote Code Execution Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -115,12 +115,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23295", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23295", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23296.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23296.json index 3899615887d..ab6d849b803 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23296.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23296.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23296", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:12.640", - "lastModified": "2022-05-23T17:29:19.300", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:11.663", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Installer Elevation of Privilege Vulnerability." + "value": "Windows Installer Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -209,19 +209,8 @@ ], "references": [ { - "url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0017/MNDT-2022-0017.md", - "source": "secure@microsoft.com", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23296", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23296", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23297.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23297.json index 7b7e270992a..d8bd487cc8e 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23297.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23297.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23297", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:12.740", - "lastModified": "2022-05-23T17:29:19.330", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:11.747", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability." + "value": "Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 3.6 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -209,12 +209,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23297", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23297", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23298.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23298.json index 6a40815fdca..29980325d7a 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23298.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23298.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23298", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:12.830", - "lastModified": "2022-05-23T17:29:19.350", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:11.833", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows NT OS Kernel Elevation of Privilege Vulnerability." + "value": "Windows NT OS Kernel Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -213,12 +213,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23298", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23298", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23299.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23299.json index 56221e66fc0..bca542a8fac 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23299.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23299.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23299", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:12.923", - "lastModified": "2022-05-23T17:29:19.370", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:11.923", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows PDEV Elevation of Privilege Vulnerability." + "value": "Windows PDEV Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -209,12 +209,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23299", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23299", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-233xx/CVE-2022-23300.json b/CVE-2022/CVE-2022-233xx/CVE-2022-23300.json index cd6566cab58..ed3b825ad95 100644 --- a/CVE-2022/CVE-2022-233xx/CVE-2022-23300.json +++ b/CVE-2022/CVE-2022-233xx/CVE-2022-23300.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23300", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:13.023", - "lastModified": "2022-03-14T18:22:27.540", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:12.017", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Raw Image Extension Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-23295." + "value": "Raw Image Extension Remote Code Execution Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -115,12 +115,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23300", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23300", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-233xx/CVE-2022-23301.json b/CVE-2022/CVE-2022-233xx/CVE-2022-23301.json index 3001309b8ac..aa8fe2bfc1a 100644 --- a/CVE-2022/CVE-2022-233xx/CVE-2022-23301.json +++ b/CVE-2022/CVE-2022-233xx/CVE-2022-23301.json @@ -2,12 +2,12 @@ "id": "CVE-2022-23301", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:13.113", - "lastModified": "2022-03-14T18:23:21.120", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:12.107", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-22007, CVE-2022-24452, CVE-2022-24453, CVE-2022-24456." + "value": "HEVC Video Extensions Remote Code Execution Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -115,12 +115,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23301", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23301", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-244xx/CVE-2022-24451.json b/CVE-2022/CVE-2022-244xx/CVE-2022-24451.json index 25bb9cd5c94..a8dd400195e 100644 --- a/CVE-2022/CVE-2022-244xx/CVE-2022-24451.json +++ b/CVE-2022/CVE-2022-244xx/CVE-2022-24451.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24451", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:13.210", - "lastModified": "2022-03-14T18:26:58.170", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:12.187", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "VP9 Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24501." + "value": "VP9 Video Extensions Remote Code Execution Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -115,12 +115,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24451", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24451", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-244xx/CVE-2022-24452.json b/CVE-2022/CVE-2022-244xx/CVE-2022-24452.json index 0e05157192d..392d6329342 100644 --- a/CVE-2022/CVE-2022-244xx/CVE-2022-24452.json +++ b/CVE-2022/CVE-2022-244xx/CVE-2022-24452.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24452", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:13.297", - "lastModified": "2022-03-14T18:28:38.043", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:12.267", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-22007, CVE-2022-23301, CVE-2022-24453, CVE-2022-24456." + "value": "HEVC Video Extensions Remote Code Execution Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -115,12 +115,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24452", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24452", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-244xx/CVE-2022-24453.json b/CVE-2022/CVE-2022-244xx/CVE-2022-24453.json index e50722da8d5..cb40d5ec9f9 100644 --- a/CVE-2022/CVE-2022-244xx/CVE-2022-24453.json +++ b/CVE-2022/CVE-2022-244xx/CVE-2022-24453.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24453", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:13.397", - "lastModified": "2022-03-14T18:29:46.547", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:12.350", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-22007, CVE-2022-23301, CVE-2022-24452, CVE-2022-24456." + "value": "HEVC Video Extensions Remote Code Execution Vulnerability" }, { "lang": "es", @@ -115,19 +115,8 @@ ], "references": [ { - "url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0014/MNDT-2022-0014.md", - "source": "secure@microsoft.com", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24453", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24453", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-244xx/CVE-2022-24454.json b/CVE-2022/CVE-2022-244xx/CVE-2022-24454.json index c01b2925d80..d5e50c2f6a1 100644 --- a/CVE-2022/CVE-2022-244xx/CVE-2022-24454.json +++ b/CVE-2022/CVE-2022-244xx/CVE-2022-24454.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24454", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:13.497", - "lastModified": "2022-05-23T17:29:19.393", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:12.420", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Security Support Provider Interface Elevation of Privilege Vulnerability." + "value": "Windows Security Support Provider Interface Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -204,12 +204,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24454", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24454", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-244xx/CVE-2022-24455.json b/CVE-2022/CVE-2022-244xx/CVE-2022-24455.json index d696811e483..95adab4fef5 100644 --- a/CVE-2022/CVE-2022-244xx/CVE-2022-24455.json +++ b/CVE-2022/CVE-2022-244xx/CVE-2022-24455.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24455", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:13.587", - "lastModified": "2022-03-14T18:41:00.733", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:12.503", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows CD-ROM Driver Elevation of Privilege Vulnerability." + "value": "Windows CD-ROM Driver Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -159,12 +159,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24455", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24455", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-244xx/CVE-2022-24456.json b/CVE-2022/CVE-2022-244xx/CVE-2022-24456.json index bf94bce4a79..ebd090e162e 100644 --- a/CVE-2022/CVE-2022-244xx/CVE-2022-24456.json +++ b/CVE-2022/CVE-2022-244xx/CVE-2022-24456.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24456", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:13.673", - "lastModified": "2022-03-14T18:44:13.907", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:12.580", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-22007, CVE-2022-23301, CVE-2022-24452, CVE-2022-24453." + "value": "HEVC Video Extensions Remote Code Execution Vulnerability" }, { "lang": "es", @@ -115,19 +115,8 @@ ], "references": [ { - "url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0015/MNDT-2022-0015.md", - "source": "secure@microsoft.com", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24456", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24456", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-244xx/CVE-2022-24457.json b/CVE-2022/CVE-2022-244xx/CVE-2022-24457.json index e48b3227c81..caa2e40a1f6 100644 --- a/CVE-2022/CVE-2022-244xx/CVE-2022-24457.json +++ b/CVE-2022/CVE-2022-244xx/CVE-2022-24457.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24457", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:13.770", - "lastModified": "2022-03-14T18:45:11.247", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:12.663", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "HEIF Image Extensions Remote Code Execution Vulnerability." + "value": "HEIF Image Extensions Remote Code Execution Vulnerability" }, { "lang": "es", @@ -115,19 +115,8 @@ ], "references": [ { - "url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0016/MNDT-2022-0016.md", - "source": "secure@microsoft.com", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24457", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24457", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-244xx/CVE-2022-24459.json b/CVE-2022/CVE-2022-244xx/CVE-2022-24459.json index 8960366131c..7dc7036c183 100644 --- a/CVE-2022/CVE-2022-244xx/CVE-2022-24459.json +++ b/CVE-2022/CVE-2022-244xx/CVE-2022-24459.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24459", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:13.867", - "lastModified": "2022-05-23T17:29:19.410", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:12.767", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Fax and Scan Service Elevation of Privilege Vulnerability." + "value": "Windows Fax and Scan Service Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -209,12 +209,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24459", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24459", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-244xx/CVE-2022-24460.json b/CVE-2022/CVE-2022-244xx/CVE-2022-24460.json index afcb80aa39b..8011bdd5ebd 100644 --- a/CVE-2022/CVE-2022-244xx/CVE-2022-24460.json +++ b/CVE-2022/CVE-2022-244xx/CVE-2022-24460.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24460", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:13.950", - "lastModified": "2022-05-23T17:29:19.430", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:12.843", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Tablet Windows User Interface Application Elevation of Privilege Vulnerability." + "value": "Tablet Windows User Interface Application Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -178,12 +178,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24460", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24460", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-244xx/CVE-2022-24461.json b/CVE-2022/CVE-2022-244xx/CVE-2022-24461.json index 0ca2f9b3c5e..6826d09be1d 100644 --- a/CVE-2022/CVE-2022-244xx/CVE-2022-24461.json +++ b/CVE-2022/CVE-2022-244xx/CVE-2022-24461.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24461", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:14.037", - "lastModified": "2022-03-14T18:52:23.793", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:12.927", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24509, CVE-2022-24510." + "value": "Microsoft Office Visio Remote Code Execution Vulnerability" }, { "lang": "es", @@ -104,12 +104,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24461", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24461", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-244xx/CVE-2022-24462.json b/CVE-2022/CVE-2022-244xx/CVE-2022-24462.json index 5d641875986..e7a7c1e3df4 100644 --- a/CVE-2022/CVE-2022-244xx/CVE-2022-24462.json +++ b/CVE-2022/CVE-2022-244xx/CVE-2022-24462.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24462", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:14.127", - "lastModified": "2022-03-14T18:53:09.590", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:13.013", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Microsoft Word Security Feature Bypass Vulnerability." + "value": "Microsoft Word Security Feature Bypass Vulnerability" }, { "lang": "es", @@ -104,12 +104,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24462", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24462", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-244xx/CVE-2022-24463.json b/CVE-2022/CVE-2022-244xx/CVE-2022-24463.json index df3150d5a03..b270dc29b5e 100644 --- a/CVE-2022/CVE-2022-244xx/CVE-2022-24463.json +++ b/CVE-2022/CVE-2022-244xx/CVE-2022-24463.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24463", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:14.200", - "lastModified": "2022-03-14T18:54:39.350", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:13.107", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Microsoft Exchange Server Spoofing Vulnerability." + "value": "Microsoft Exchange Server Spoofing Vulnerability" }, { "lang": "es", @@ -109,12 +109,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24463", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24463", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-244xx/CVE-2022-24464.json b/CVE-2022/CVE-2022-244xx/CVE-2022-24464.json index 4ce2600cab8..88d9ab1cc86 100644 --- a/CVE-2022/CVE-2022-244xx/CVE-2022-24464.json +++ b/CVE-2022/CVE-2022-244xx/CVE-2022-24464.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24464", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:14.277", - "lastModified": "2022-05-12T16:26:56.323", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:13.200", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": ".NET and Visual Studio Denial of Service Vulnerability." + "value": ".NET and Visual Studio Denial of Service Vulnerability" }, { "lang": "es", @@ -184,60 +184,8 @@ ], "references": [ { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", - "source": "secure@microsoft.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", - "source": "secure@microsoft.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", - "source": "secure@microsoft.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", - "source": "secure@microsoft.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", - "source": "secure@microsoft.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", - "source": "secure@microsoft.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24464", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24464", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-244xx/CVE-2022-24465.json b/CVE-2022/CVE-2022-244xx/CVE-2022-24465.json index cfae9a29385..082fc6564f8 100644 --- a/CVE-2022/CVE-2022-244xx/CVE-2022-24465.json +++ b/CVE-2022/CVE-2022-244xx/CVE-2022-24465.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24465", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:14.377", - "lastModified": "2022-03-14T19:00:03.473", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:13.323", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability." + "value": "Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability" }, { "lang": "es", @@ -16,29 +16,9 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - }, { "source": "secure@microsoft.com", - "type": "Secondary", + "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", @@ -55,6 +35,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ], "cvssMetricV2": [ @@ -114,12 +114,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24465", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24465", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-244xx/CVE-2022-24467.json b/CVE-2022/CVE-2022-244xx/CVE-2022-24467.json index c8b11bc557a..037317ddb1f 100644 --- a/CVE-2022/CVE-2022-244xx/CVE-2022-24467.json +++ b/CVE-2022/CVE-2022-244xx/CVE-2022-24467.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24467", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:14.477", - "lastModified": "2022-03-14T17:37:59.113", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:13.437", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24468, CVE-2022-24470, CVE-2022-24471, CVE-2022-24517, CVE-2022-24520." + "value": "Azure Site Recovery Remote Code Execution Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24467", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24467", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-244xx/CVE-2022-24468.json b/CVE-2022/CVE-2022-244xx/CVE-2022-24468.json index 1c89e3acf13..a91eefe5a12 100644 --- a/CVE-2022/CVE-2022-244xx/CVE-2022-24468.json +++ b/CVE-2022/CVE-2022-244xx/CVE-2022-24468.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24468", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:14.560", - "lastModified": "2022-03-14T17:38:27.087", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:13.513", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24467, CVE-2022-24470, CVE-2022-24471, CVE-2022-24517, CVE-2022-24520." + "value": "Azure Site Recovery Remote Code Execution Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24468", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24468", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-244xx/CVE-2022-24469.json b/CVE-2022/CVE-2022-244xx/CVE-2022-24469.json index e9db62dcf5c..f515a6a6fe3 100644 --- a/CVE-2022/CVE-2022-244xx/CVE-2022-24469.json +++ b/CVE-2022/CVE-2022-244xx/CVE-2022-24469.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24469", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:14.637", - "lastModified": "2022-03-14T17:39:36.880", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:13.587", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24506, CVE-2022-24515, CVE-2022-24518, CVE-2022-24519." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -16,29 +16,9 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - }, { "source": "secure@microsoft.com", - "type": "Secondary", + "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", @@ -55,6 +35,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.2 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -115,12 +115,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24469", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24469", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-244xx/CVE-2022-24470.json b/CVE-2022/CVE-2022-244xx/CVE-2022-24470.json index 5de84191130..3c445c00d11 100644 --- a/CVE-2022/CVE-2022-244xx/CVE-2022-24470.json +++ b/CVE-2022/CVE-2022-244xx/CVE-2022-24470.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24470", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:14.723", - "lastModified": "2022-03-14T17:40:18.880", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:13.673", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24467, CVE-2022-24468, CVE-2022-24471, CVE-2022-24517, CVE-2022-24520." + "value": "Azure Site Recovery Remote Code Execution Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24470", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24470", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-244xx/CVE-2022-24471.json b/CVE-2022/CVE-2022-244xx/CVE-2022-24471.json index 80bb8b15ded..2351e205ea6 100644 --- a/CVE-2022/CVE-2022-244xx/CVE-2022-24471.json +++ b/CVE-2022/CVE-2022-244xx/CVE-2022-24471.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24471", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:14.803", - "lastModified": "2022-03-14T17:42:30.853", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:13.770", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24467, CVE-2022-24468, CVE-2022-24470, CVE-2022-24517, CVE-2022-24520." + "value": "Azure Site Recovery Remote Code Execution Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -115,12 +115,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24471", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24471", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-245xx/CVE-2022-24501.json b/CVE-2022/CVE-2022-245xx/CVE-2022-24501.json index 157cf306d3a..e5129e402f7 100644 --- a/CVE-2022/CVE-2022-245xx/CVE-2022-24501.json +++ b/CVE-2022/CVE-2022-245xx/CVE-2022-24501.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24501", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:14.880", - "lastModified": "2022-03-14T19:01:26.063", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:13.857", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "VP9 Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24451." + "value": "VP9 Video Extensions Remote Code Execution Vulnerability" }, { "lang": "es", @@ -94,12 +94,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24501", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24501", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-245xx/CVE-2022-24502.json b/CVE-2022/CVE-2022-245xx/CVE-2022-24502.json index 920141071ff..b917f83380e 100644 --- a/CVE-2022/CVE-2022-245xx/CVE-2022-24502.json +++ b/CVE-2022/CVE-2022-245xx/CVE-2022-24502.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24502", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:14.957", - "lastModified": "2022-05-23T17:29:19.443", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:13.947", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows HTML Platforms Security Feature Bypass Vulnerability." + "value": "Windows HTML Platforms Security Feature Bypass Vulnerability" }, { "lang": "es", @@ -16,29 +16,9 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.6 - }, { "source": "secure@microsoft.com", - "type": "Secondary", + "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", @@ -55,6 +35,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 } ], "cvssMetricV2": [ @@ -209,12 +209,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24502", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24502", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-245xx/CVE-2022-24503.json b/CVE-2022/CVE-2022-245xx/CVE-2022-24503.json index 1912c3795dc..2eb50bc652c 100644 --- a/CVE-2022/CVE-2022-245xx/CVE-2022-24503.json +++ b/CVE-2022/CVE-2022-245xx/CVE-2022-24503.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24503", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:15.043", - "lastModified": "2022-05-23T17:29:19.480", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:14.030", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Remote Desktop Protocol Client Information Disclosure Vulnerability." + "value": "Remote Desktop Protocol Client Information Disclosure Vulnerability" }, { "lang": "es", @@ -16,29 +16,9 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.9, - "impactScore": 1.4 - }, { "source": "secure@microsoft.com", - "type": "Secondary", + "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", @@ -55,6 +35,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 2.5 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 } ], "cvssMetricV2": [ @@ -210,12 +210,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24503", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24503", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-245xx/CVE-2022-24505.json b/CVE-2022/CVE-2022-245xx/CVE-2022-24505.json index 62415b763a1..e87a3abb6a2 100644 --- a/CVE-2022/CVE-2022-245xx/CVE-2022-24505.json +++ b/CVE-2022/CVE-2022-245xx/CVE-2022-24505.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24505", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:15.127", - "lastModified": "2022-05-23T17:29:19.500", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:14.133", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23283, CVE-2022-23287." + "value": "Windows ALPC Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -154,12 +154,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24505", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24505", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-245xx/CVE-2022-24506.json b/CVE-2022/CVE-2022-245xx/CVE-2022-24506.json index e9f568d900b..8ffc1d1a4e0 100644 --- a/CVE-2022/CVE-2022-245xx/CVE-2022-24506.json +++ b/CVE-2022/CVE-2022-245xx/CVE-2022-24506.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24506", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:15.210", - "lastModified": "2022-03-16T00:27:51.847", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:14.257", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24469, CVE-2022-24515, CVE-2022-24518, CVE-2022-24519." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -16,29 +16,9 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - }, { "source": "secure@microsoft.com", - "type": "Secondary", + "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", @@ -55,6 +35,26 @@ }, "exploitabilityScore": 1.2, "impactScore": 5.2 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -115,12 +115,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24506", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24506", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-245xx/CVE-2022-24507.json b/CVE-2022/CVE-2022-245xx/CVE-2022-24507.json index c3c23a70cee..808dccfc136 100644 --- a/CVE-2022/CVE-2022-245xx/CVE-2022-24507.json +++ b/CVE-2022/CVE-2022-245xx/CVE-2022-24507.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24507", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:15.293", - "lastModified": "2022-05-23T17:29:19.517", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:14.337", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability." + "value": "Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -144,12 +144,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24507", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24507", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-245xx/CVE-2022-24508.json b/CVE-2022/CVE-2022-245xx/CVE-2022-24508.json index c70322eae9a..f6bea7276cc 100644 --- a/CVE-2022/CVE-2022-245xx/CVE-2022-24508.json +++ b/CVE-2022/CVE-2022-245xx/CVE-2022-24508.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24508", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:15.387", - "lastModified": "2022-05-23T17:29:19.527", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:14.417", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows SMBv3 Client/Server Remote Code Execution Vulnerability." + "value": "Win32 File Enumeration Remote Code Execution Vulnerability" }, { "lang": "es", @@ -119,12 +119,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24508", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24508", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-245xx/CVE-2022-24509.json b/CVE-2022/CVE-2022-245xx/CVE-2022-24509.json index 2588720074d..c3807e423e7 100644 --- a/CVE-2022/CVE-2022-245xx/CVE-2022-24509.json +++ b/CVE-2022/CVE-2022-245xx/CVE-2022-24509.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24509", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:15.473", - "lastModified": "2022-03-16T00:24:06.540", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:14.510", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24461, CVE-2022-24510." + "value": "Microsoft Office Visio Remote Code Execution Vulnerability" }, { "lang": "es", @@ -104,12 +104,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24509", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24509", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-245xx/CVE-2022-24510.json b/CVE-2022/CVE-2022-245xx/CVE-2022-24510.json index a99661e7e7a..560c84bc80f 100644 --- a/CVE-2022/CVE-2022-245xx/CVE-2022-24510.json +++ b/CVE-2022/CVE-2022-245xx/CVE-2022-24510.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24510", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:15.563", - "lastModified": "2022-03-16T00:21:48.440", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:14.597", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24461, CVE-2022-24509." + "value": "Microsoft Office Visio Remote Code Execution Vulnerability" }, { "lang": "es", @@ -104,12 +104,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24510", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24510", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-245xx/CVE-2022-24511.json b/CVE-2022/CVE-2022-245xx/CVE-2022-24511.json index 6f66bde2490..57fe97b5f02 100644 --- a/CVE-2022/CVE-2022-245xx/CVE-2022-24511.json +++ b/CVE-2022/CVE-2022-245xx/CVE-2022-24511.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24511", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:15.650", - "lastModified": "2022-03-16T00:15:43.370", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:14.683", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Microsoft Office Word Tampering Vulnerability." + "value": "Microsoft Office Word Tampering Vulnerability" }, { "lang": "es", @@ -16,29 +16,9 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - }, { "source": "secure@microsoft.com", - "type": "Secondary", + "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", @@ -55,6 +35,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ], "cvssMetricV2": [ @@ -134,12 +134,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24511", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24511", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-245xx/CVE-2022-24512.json b/CVE-2022/CVE-2022-245xx/CVE-2022-24512.json index fc7984de0ed..2231555f1d5 100644 --- a/CVE-2022/CVE-2022-245xx/CVE-2022-24512.json +++ b/CVE-2022/CVE-2022-245xx/CVE-2022-24512.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24512", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:15.737", - "lastModified": "2023-04-17T18:52:38.160", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:14.777", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": ".NET and Visual Studio Remote Code Execution Vulnerability." + "value": ".NET and Visual Studio Remote Code Execution Vulnerability" }, { "lang": "es", @@ -219,60 +219,8 @@ ], "references": [ { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", - "source": "secure@microsoft.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", - "source": "secure@microsoft.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", - "source": "secure@microsoft.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", - "source": "secure@microsoft.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", - "source": "secure@microsoft.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", - "source": "secure@microsoft.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24512", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-245xx/CVE-2022-24515.json b/CVE-2022/CVE-2022-245xx/CVE-2022-24515.json index 3432be505f8..67afbbdc6d7 100644 --- a/CVE-2022/CVE-2022-245xx/CVE-2022-24515.json +++ b/CVE-2022/CVE-2022-245xx/CVE-2022-24515.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24515", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:15.807", - "lastModified": "2022-05-26T16:31:56.463", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:14.877", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24469, CVE-2022-24506, CVE-2022-24518, CVE-2022-24519." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -16,29 +16,9 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - }, { "source": "secure@microsoft.com", - "type": "Secondary", + "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", @@ -55,6 +35,26 @@ }, "exploitabilityScore": 1.2, "impactScore": 5.2 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -115,12 +115,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24515", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24515", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-245xx/CVE-2022-24517.json b/CVE-2022/CVE-2022-245xx/CVE-2022-24517.json index 27fca8c8c98..0ed6fe20013 100644 --- a/CVE-2022/CVE-2022-245xx/CVE-2022-24517.json +++ b/CVE-2022/CVE-2022-245xx/CVE-2022-24517.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24517", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:15.897", - "lastModified": "2022-03-14T17:57:02.870", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:14.997", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24467, CVE-2022-24468, CVE-2022-24470, CVE-2022-24471, CVE-2022-24520." + "value": "Azure Site Recovery Remote Code Execution Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24517", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24517", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-245xx/CVE-2022-24518.json b/CVE-2022/CVE-2022-245xx/CVE-2022-24518.json index 3353f7d4004..4e75b86f09d 100644 --- a/CVE-2022/CVE-2022-245xx/CVE-2022-24518.json +++ b/CVE-2022/CVE-2022-245xx/CVE-2022-24518.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24518", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:15.983", - "lastModified": "2022-03-14T17:56:30.730", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:15.077", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24469, CVE-2022-24506, CVE-2022-24515, CVE-2022-24519." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -16,29 +16,9 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.2, - "impactScore": 3.6 - }, { "source": "secure@microsoft.com", - "type": "Secondary", + "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", @@ -55,6 +35,26 @@ }, "exploitabilityScore": 1.2, "impactScore": 5.2 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 } ], "cvssMetricV2": [ @@ -115,12 +115,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24518", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24518", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-245xx/CVE-2022-24519.json b/CVE-2022/CVE-2022-245xx/CVE-2022-24519.json index dd33c03961d..3b9fc9d9f0c 100644 --- a/CVE-2022/CVE-2022-245xx/CVE-2022-24519.json +++ b/CVE-2022/CVE-2022-245xx/CVE-2022-24519.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24519", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:16.070", - "lastModified": "2022-03-14T17:44:12.617", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:15.167", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24469, CVE-2022-24506, CVE-2022-24515, CVE-2022-24518." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -16,29 +16,9 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.2, - "impactScore": 3.6 - }, { "source": "secure@microsoft.com", - "type": "Secondary", + "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", @@ -55,6 +35,26 @@ }, "exploitabilityScore": 1.2, "impactScore": 5.2 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 } ], "cvssMetricV2": [ @@ -115,12 +115,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24519", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24519", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-245xx/CVE-2022-24520.json b/CVE-2022/CVE-2022-245xx/CVE-2022-24520.json index 39af1b3a9cb..b99bdff1f46 100644 --- a/CVE-2022/CVE-2022-245xx/CVE-2022-24520.json +++ b/CVE-2022/CVE-2022-245xx/CVE-2022-24520.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24520", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:16.157", - "lastModified": "2022-03-14T17:43:03.027", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:15.267", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24467, CVE-2022-24468, CVE-2022-24470, CVE-2022-24471, CVE-2022-24517." + "value": "Azure Site Recovery Remote Code Execution Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24520", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24520", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-245xx/CVE-2022-24522.json b/CVE-2022/CVE-2022-245xx/CVE-2022-24522.json index 08a9402763c..823e34fbb2d 100644 --- a/CVE-2022/CVE-2022-245xx/CVE-2022-24522.json +++ b/CVE-2022/CVE-2022-245xx/CVE-2022-24522.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24522", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:16.237", - "lastModified": "2022-03-15T15:53:09.720", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:15.360", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Skype Extension for Chrome Information Disclosure Vulnerability." + "value": "Skype Extension for Chrome Information Disclosure Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,23 +37,23 @@ "impactScore": 3.6 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", - "userInteraction": "NONE", + "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" + "baseScore": 6.5, + "baseSeverity": "MEDIUM" }, - "exploitabilityScore": 3.9, + "exploitabilityScore": 2.8, "impactScore": 3.6 } ], @@ -115,12 +115,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24522", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24522", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-245xx/CVE-2022-24525.json b/CVE-2022/CVE-2022-245xx/CVE-2022-24525.json index 4cf3e71bf35..f9af947e7b1 100644 --- a/CVE-2022/CVE-2022-245xx/CVE-2022-24525.json +++ b/CVE-2022/CVE-2022-245xx/CVE-2022-24525.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24525", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:16.290", - "lastModified": "2022-05-23T17:29:19.533", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:15.457", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Update Stack Elevation of Privilege Vulnerability." + "value": "Windows Update Stack Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -144,12 +144,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24525", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24525", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-245xx/CVE-2022-24526.json b/CVE-2022/CVE-2022-245xx/CVE-2022-24526.json index 7c5ba6b3156..e9edb55006c 100644 --- a/CVE-2022/CVE-2022-245xx/CVE-2022-24526.json +++ b/CVE-2022/CVE-2022-245xx/CVE-2022-24526.json @@ -2,12 +2,12 @@ "id": "CVE-2022-24526", "sourceIdentifier": "secure@microsoft.com", "published": "2022-03-09T17:15:16.350", - "lastModified": "2022-03-15T15:42:56.767", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-29T02:15:15.557", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Visual Studio Code Spoofing Vulnerability." + "value": "Visual Studio Code Spoofing Vulnerability" }, { "lang": "es", @@ -16,29 +16,9 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - }, { "source": "secure@microsoft.com", - "type": "Secondary", + "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", @@ -55,6 +35,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ], "cvssMetricV2": [ @@ -115,12 +115,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24526", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24526", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-268xx/CVE-2022-26899.json b/CVE-2022/CVE-2022-268xx/CVE-2022-26899.json new file mode 100644 index 00000000000..7b878edbcd8 --- /dev/null +++ b/CVE-2022/CVE-2022-268xx/CVE-2022-26899.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2022-26899", + "sourceIdentifier": "secure@microsoft.com", + "published": "2023-06-29T02:15:15.657", + "lastModified": "2023-06-29T02:15:15.657", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@microsoft.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ] + }, + "references": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26899", + "source": "secure@microsoft.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-464xx/CVE-2022-46407.json b/CVE-2022/CVE-2022-464xx/CVE-2022-46407.json new file mode 100644 index 00000000000..e1019e556ae --- /dev/null +++ b/CVE-2022/CVE-2022-464xx/CVE-2022-46407.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-46407", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-29T02:15:15.827", + "lastModified": "2023-06-29T02:15:15.827", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Ericsson Network Manager (ENM), versions prior to 22.2, contains a vulnerability in the REST endpoint \u201ceditprofile\u201d where Open Redirect HTTP Header Injection can lead to redirection of the submitted request to domain out of control of ENM deployment. The attacker would need admin/elevated access to exploit the vulnerability" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.gruppotim.it/it/footer/red-team.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-464xx/CVE-2022-46408.json b/CVE-2022/CVE-2022-464xx/CVE-2022-46408.json new file mode 100644 index 00000000000..f647156e1ea --- /dev/null +++ b/CVE-2022/CVE-2022-464xx/CVE-2022-46408.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-46408", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-29T03:15:09.357", + "lastModified": "2023-06-29T03:15:09.357", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Ericsson Network Manager (ENM), versions prior to 22.1, contains a vulnerability in the application Network Connectivity Manager (NCM) where improper Neutralization of Formula Elements in a CSV File can lead to remote code execution or data leakage via maliciously injected hyperlinks. The attacker would need admin/elevated access to exploit the vulnerability." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.gruppotim.it/it/footer/red-team.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-16xx/CVE-2023-1602.json b/CVE-2023/CVE-2023-16xx/CVE-2023-1602.json new file mode 100644 index 00000000000..c314081c385 --- /dev/null +++ b/CVE-2023/CVE-2023-16xx/CVE-2023-1602.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2023-1602", + "sourceIdentifier": "security@wordfence.com", + "published": "2023-06-29T02:15:15.937", + "lastModified": "2023-06-29T02:15:15.937", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Short URL plugin for WordPress is vulnerable to stored Cross-Site Scripting via the 'comment' parameter due to insufficient input sanitization and output escaping in versions up to, and including, 1.6.4. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/2931815/shorten-url/trunk/shorten-url.php", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/shorten-url/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a5f29f35-da79-4389-a0a5-a1be0b0b8996?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-29xx/CVE-2023-2982.json b/CVE-2023/CVE-2023-29xx/CVE-2023-2982.json new file mode 100644 index 00000000000..d27577e7941 --- /dev/null +++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2982.json @@ -0,0 +1,71 @@ +{ + "id": "CVE-2023-2982", + "sourceIdentifier": "security@wordfence.com", + "published": "2023-06-29T02:15:16.103", + "lastModified": "2023-06-29T02:15:16.103", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 7.6.4. This is due to insufficient encryption on the user being supplied during a login validated through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they know the email address associated with that user. This was partially patched in version 7.6.4 and fully patched in version 7.6.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-288" + } + ] + } + ], + "references": [ + { + "url": "https://lana.codes/lanavdb/2326f41f-a39f-4fde-8627-9d29fff91443/", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/miniorange-login-openid/trunk/mo-openid-social-login-functions.php#L107", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2924863/miniorange-login-openid", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2925914/miniorange-login-openid", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/08ca186a-2486-4a58-9c53-03e9eba13e66?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34648.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34648.json new file mode 100644 index 00000000000..f76e8da8d7b --- /dev/null +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34648.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34648", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-29T03:15:09.423", + "lastModified": "2023-06-29T03:15:09.423", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A Cross Site Scripting vulnerability in PHPgurukl User Registration Login and User Management System with admin panel v.1.0 allows a local attacker to execute arbitrary code via a crafted script to the signup.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/ckalnarayan/Common-Vulnerabilities-and-Exposures/blob/main/CVE-2023-34648", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-347xx/CVE-2023-34734.json b/CVE-2023/CVE-2023-347xx/CVE-2023-34734.json new file mode 100644 index 00000000000..2e83db5ef67 --- /dev/null +++ b/CVE-2023/CVE-2023-347xx/CVE-2023-34734.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34734", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-29T03:15:09.470", + "lastModified": "2023-06-29T03:15:09.470", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Annet AC Centralized Management Platform 1.02.040 is vulnerable to Stored Cross-Site Scripting (XSS) ." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/prismbreak/vulnerabilities/issues/3", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-348xx/CVE-2023-34831.json b/CVE-2023/CVE-2023-348xx/CVE-2023-34831.json new file mode 100644 index 00000000000..1d52d299ac8 --- /dev/null +++ b/CVE-2023/CVE-2023-348xx/CVE-2023-34831.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-34831", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-29T03:15:09.517", + "lastModified": "2023-06-29T03:15:09.517", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The \"Submission Web Form\" of Turnitin LTI tool/plugin version 1.3 is affected by HTML Injection attacks. The security issue affects the submission web form (\"id\" and \"title\" HTTP POST parameters) where the students submit their reports for similarity/plagiarism checks." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/IthacaLabs/Turnitin/blob/main/Turnitin_LTI_1.3_HTMLi_CVE-2023-34831/Turnitin_LTI_1.3_HTMLi_CVE-2023-34831.txt", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/IthacaLabs/Turnitin/blob/main/Turnitin_Submission_Web_Form/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-348xx/CVE-2023-34834.json b/CVE-2023/CVE-2023-348xx/CVE-2023-34834.json new file mode 100644 index 00000000000..92a93869bc4 --- /dev/null +++ b/CVE-2023/CVE-2023-348xx/CVE-2023-34834.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-34834", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-29T03:15:09.563", + "lastModified": "2023-06-29T03:15:09.563", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A Directory Browsing vulnerability in MCL-Net version 4.3.5.8788 webserver running on default port 5080, allows attackers to gain sensitive information about the configured databases via the \"/file\" endpoint." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://www.mclv4.mcl-collection.com/index.php", + "source": "cve@mitre.org" + }, + { + "url": "https://www.exploit-db.com/exploits/51542", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-372xx/CVE-2023-37237.json b/CVE-2023/CVE-2023-372xx/CVE-2023-37237.json new file mode 100644 index 00000000000..5590c46ffeb --- /dev/null +++ b/CVE-2023/CVE-2023-372xx/CVE-2023-37237.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-37237", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-29T02:15:16.207", + "lastModified": "2023-06-29T02:15:16.207", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + } + ] + }, + "references": [ + { + "url": "https://www.veritas.com/content/support/en_US/security/VTS23-004", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index b32c6c23850..e30b378b543 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-06-29T02:00:31.226986+00:00 +2023-06-29T04:00:26.718571+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-06-29T01:15:51.267000+00:00 +2023-06-29T03:15:09.563000+00:00 ``` ### Last Data Feed Release @@ -29,52 +29,54 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -218856 +218866 ``` ### CVEs added in the last Commit -Recently added CVEs: `8` +Recently added CVEs: `10` -* [CVE-2022-29144](CVE-2022/CVE-2022-291xx/CVE-2022-29144.json) (`2023-06-29T01:15:49.663`) -* [CVE-2022-29146](CVE-2022/CVE-2022-291xx/CVE-2022-29146.json) (`2023-06-29T01:15:50.000`) -* [CVE-2022-29147](CVE-2022/CVE-2022-291xx/CVE-2022-29147.json) (`2023-06-29T01:15:50.450`) -* [CVE-2023-33661](CVE-2023/CVE-2023-336xx/CVE-2023-33661.json) (`2023-06-29T00:15:09.567`) -* [CVE-2023-34738](CVE-2023/CVE-2023-347xx/CVE-2023-34738.json) (`2023-06-29T00:15:09.620`) -* [CVE-2023-34843](CVE-2023/CVE-2023-348xx/CVE-2023-34843.json) (`2023-06-29T00:15:09.670`) -* [CVE-2023-32610](CVE-2023/CVE-2023-326xx/CVE-2023-32610.json) (`2023-06-29T01:15:50.913`) -* [CVE-2023-36476](CVE-2023/CVE-2023-364xx/CVE-2023-36476.json) (`2023-06-29T01:15:51.267`) +* [CVE-2022-26899](CVE-2022/CVE-2022-268xx/CVE-2022-26899.json) (`2023-06-29T02:15:15.657`) +* [CVE-2022-46407](CVE-2022/CVE-2022-464xx/CVE-2022-46407.json) (`2023-06-29T02:15:15.827`) +* [CVE-2022-46408](CVE-2022/CVE-2022-464xx/CVE-2022-46408.json) (`2023-06-29T03:15:09.357`) +* [CVE-2023-1602](CVE-2023/CVE-2023-16xx/CVE-2023-1602.json) (`2023-06-29T02:15:15.937`) +* [CVE-2023-2982](CVE-2023/CVE-2023-29xx/CVE-2023-2982.json) (`2023-06-29T02:15:16.103`) +* [CVE-2023-37237](CVE-2023/CVE-2023-372xx/CVE-2023-37237.json) (`2023-06-29T02:15:16.207`) +* [CVE-2023-34648](CVE-2023/CVE-2023-346xx/CVE-2023-34648.json) (`2023-06-29T03:15:09.423`) +* [CVE-2023-34734](CVE-2023/CVE-2023-347xx/CVE-2023-34734.json) (`2023-06-29T03:15:09.470`) +* [CVE-2023-34831](CVE-2023/CVE-2023-348xx/CVE-2023-34831.json) (`2023-06-29T03:15:09.517`) +* [CVE-2023-34834](CVE-2023/CVE-2023-348xx/CVE-2023-34834.json) (`2023-06-29T03:15:09.563`) ### CVEs modified in the last Commit -Recently modified CVEs: `124` +Recently modified CVEs: `70` -* [CVE-2022-26891](CVE-2022/CVE-2022-268xx/CVE-2022-26891.json) (`2023-06-29T01:15:42.250`) -* [CVE-2022-26894](CVE-2022/CVE-2022-268xx/CVE-2022-26894.json) (`2023-06-29T01:15:42.607`) -* [CVE-2022-26895](CVE-2022/CVE-2022-268xx/CVE-2022-26895.json) (`2023-06-29T01:15:43.007`) -* [CVE-2022-26896](CVE-2022/CVE-2022-268xx/CVE-2022-26896.json) (`2023-06-29T01:15:43.333`) -* [CVE-2022-26897](CVE-2022/CVE-2022-268xx/CVE-2022-26897.json) (`2023-06-29T01:15:43.587`) -* [CVE-2022-26898](CVE-2022/CVE-2022-268xx/CVE-2022-26898.json) (`2023-06-29T01:15:43.880`) -* [CVE-2022-26900](CVE-2022/CVE-2022-269xx/CVE-2022-26900.json) (`2023-06-29T01:15:44.453`) -* [CVE-2022-26901](CVE-2022/CVE-2022-269xx/CVE-2022-26901.json) (`2023-06-29T01:15:44.737`) -* [CVE-2022-26903](CVE-2022/CVE-2022-269xx/CVE-2022-26903.json) (`2023-06-29T01:15:45.140`) -* [CVE-2022-26904](CVE-2022/CVE-2022-269xx/CVE-2022-26904.json) (`2023-06-29T01:15:45.370`) -* [CVE-2022-26907](CVE-2022/CVE-2022-269xx/CVE-2022-26907.json) (`2023-06-29T01:15:45.540`) -* [CVE-2022-26908](CVE-2022/CVE-2022-269xx/CVE-2022-26908.json) (`2023-06-29T01:15:45.777`) -* [CVE-2022-26909](CVE-2022/CVE-2022-269xx/CVE-2022-26909.json) (`2023-06-29T01:15:46.053`) -* [CVE-2022-26910](CVE-2022/CVE-2022-269xx/CVE-2022-26910.json) (`2023-06-29T01:15:46.310`) -* [CVE-2022-26911](CVE-2022/CVE-2022-269xx/CVE-2022-26911.json) (`2023-06-29T01:15:46.623`) -* [CVE-2022-26912](CVE-2022/CVE-2022-269xx/CVE-2022-26912.json) (`2023-06-29T01:15:46.863`) -* [CVE-2022-26914](CVE-2022/CVE-2022-269xx/CVE-2022-26914.json) (`2023-06-29T01:15:47.143`) -* [CVE-2022-26915](CVE-2022/CVE-2022-269xx/CVE-2022-26915.json) (`2023-06-29T01:15:47.453`) -* [CVE-2022-26916](CVE-2022/CVE-2022-269xx/CVE-2022-26916.json) (`2023-06-29T01:15:47.683`) -* [CVE-2022-26917](CVE-2022/CVE-2022-269xx/CVE-2022-26917.json) (`2023-06-29T01:15:47.850`) -* [CVE-2022-26918](CVE-2022/CVE-2022-269xx/CVE-2022-26918.json) (`2023-06-29T01:15:48.103`) -* [CVE-2022-26919](CVE-2022/CVE-2022-269xx/CVE-2022-26919.json) (`2023-06-29T01:15:48.303`) -* [CVE-2022-26920](CVE-2022/CVE-2022-269xx/CVE-2022-26920.json) (`2023-06-29T01:15:48.537`) -* [CVE-2022-26921](CVE-2022/CVE-2022-269xx/CVE-2022-26921.json) (`2023-06-29T01:15:48.897`) -* [CVE-2022-26924](CVE-2022/CVE-2022-269xx/CVE-2022-26924.json) (`2023-06-29T01:15:49.313`) +* [CVE-2022-24465](CVE-2022/CVE-2022-244xx/CVE-2022-24465.json) (`2023-06-29T02:15:13.323`) +* [CVE-2022-24467](CVE-2022/CVE-2022-244xx/CVE-2022-24467.json) (`2023-06-29T02:15:13.437`) +* [CVE-2022-24468](CVE-2022/CVE-2022-244xx/CVE-2022-24468.json) (`2023-06-29T02:15:13.513`) +* [CVE-2022-24469](CVE-2022/CVE-2022-244xx/CVE-2022-24469.json) (`2023-06-29T02:15:13.587`) +* [CVE-2022-24470](CVE-2022/CVE-2022-244xx/CVE-2022-24470.json) (`2023-06-29T02:15:13.673`) +* [CVE-2022-24471](CVE-2022/CVE-2022-244xx/CVE-2022-24471.json) (`2023-06-29T02:15:13.770`) +* [CVE-2022-24501](CVE-2022/CVE-2022-245xx/CVE-2022-24501.json) (`2023-06-29T02:15:13.857`) +* [CVE-2022-24502](CVE-2022/CVE-2022-245xx/CVE-2022-24502.json) (`2023-06-29T02:15:13.947`) +* [CVE-2022-24503](CVE-2022/CVE-2022-245xx/CVE-2022-24503.json) (`2023-06-29T02:15:14.030`) +* [CVE-2022-24505](CVE-2022/CVE-2022-245xx/CVE-2022-24505.json) (`2023-06-29T02:15:14.133`) +* [CVE-2022-24506](CVE-2022/CVE-2022-245xx/CVE-2022-24506.json) (`2023-06-29T02:15:14.257`) +* [CVE-2022-24507](CVE-2022/CVE-2022-245xx/CVE-2022-24507.json) (`2023-06-29T02:15:14.337`) +* [CVE-2022-24508](CVE-2022/CVE-2022-245xx/CVE-2022-24508.json) (`2023-06-29T02:15:14.417`) +* [CVE-2022-24509](CVE-2022/CVE-2022-245xx/CVE-2022-24509.json) (`2023-06-29T02:15:14.510`) +* [CVE-2022-24510](CVE-2022/CVE-2022-245xx/CVE-2022-24510.json) (`2023-06-29T02:15:14.597`) +* [CVE-2022-24511](CVE-2022/CVE-2022-245xx/CVE-2022-24511.json) (`2023-06-29T02:15:14.683`) +* [CVE-2022-24512](CVE-2022/CVE-2022-245xx/CVE-2022-24512.json) (`2023-06-29T02:15:14.777`) +* [CVE-2022-24515](CVE-2022/CVE-2022-245xx/CVE-2022-24515.json) (`2023-06-29T02:15:14.877`) +* [CVE-2022-24517](CVE-2022/CVE-2022-245xx/CVE-2022-24517.json) (`2023-06-29T02:15:14.997`) +* [CVE-2022-24518](CVE-2022/CVE-2022-245xx/CVE-2022-24518.json) (`2023-06-29T02:15:15.077`) +* [CVE-2022-24519](CVE-2022/CVE-2022-245xx/CVE-2022-24519.json) (`2023-06-29T02:15:15.167`) +* [CVE-2022-24520](CVE-2022/CVE-2022-245xx/CVE-2022-24520.json) (`2023-06-29T02:15:15.267`) +* [CVE-2022-24522](CVE-2022/CVE-2022-245xx/CVE-2022-24522.json) (`2023-06-29T02:15:15.360`) +* [CVE-2022-24525](CVE-2022/CVE-2022-245xx/CVE-2022-24525.json) (`2023-06-29T02:15:15.457`) +* [CVE-2022-24526](CVE-2022/CVE-2022-245xx/CVE-2022-24526.json) (`2023-06-29T02:15:15.557`) ## Download and Usage