Auto-Update: 2024-08-27T20:00:17.835238+00:00

fkie-cad · Aug 27, 2024 · 37a7ba5 · 37a7ba5
1 parent 06d8a1d
commit 37a7ba5
Show file tree

Hide file tree

Showing 93 changed files with 4,758 additions and 817 deletions.
diff --git a/CVE-2019/CVE-2019-190xx/CVE-2019-19049.json b/CVE-2019/CVE-2019-190xx/CVE-2019-19049.json
@@ -2,8 +2,8 @@
   "id": "CVE-2019-19049",
   "sourceIdentifier": "[email protected]",
   "published": "2019-11-18T06:15:11.640",
-  "lastModified": "2024-08-05T02:15:57.810",
-  "vulnStatus": "Modified",
+  "lastModified": "2024-08-27T18:44:14.520",
+  "vulnStatus": "Analyzed",
   "cveTags": [
     {
       "sourceIdentifier": "[email protected]",
@@ -93,8 +93,52 @@
             {
               "vulnerable": true,
               "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "3.17",
+              "versionEndExcluding": "4.4.200",
+              "matchCriteriaId": "6748ABF8-124E-4304-853C-24C0E719A55B"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "4.5",
+              "versionEndExcluding": "4.9.200",
+              "matchCriteriaId": "8F820171-74F9-4002-93B0-7569665CFE05"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "4.10",
+              "versionEndExcluding": "4.14.153",
+              "matchCriteriaId": "C55640AE-5371-476C-8C65-148F7E3990C5"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "4.15",
+              "versionEndExcluding": "4.19.83",
+              "matchCriteriaId": "182277BD-EFC5-494B-888A-F7D12B80E56E"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "4.20",
               "versionEndExcluding": "5.3.10",
-              "matchCriteriaId": "F30BED58-4FF3-46D2-A535-AC5A126D67A3"
+              "matchCriteriaId": "39BAAF54-1709-4F76-BAA4-A2D183722FEA"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
+              "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493"
             }
           ]
         }
@@ -104,11 +148,18 @@
   "references": [
     {
       "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
-      "source": "[email protected]"
+      "source": "[email protected]",
+      "tags": [
+        "Mailing List",
+        "Third Party Advisory"
+      ]
     },
     {
       "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157173",
-      "source": "[email protected]"
+      "source": "[email protected]",
+      "tags": [
+        "Issue Tracking"
+      ]
     },
     {
       "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.10",

diff --git a/CVE-2019/CVE-2019-190xx/CVE-2019-19064.json b/CVE-2019/CVE-2019-190xx/CVE-2019-19064.json
@@ -2,8 +2,8 @@
   "id": "CVE-2019-19064",
   "sourceIdentifier": "[email protected]",
   "published": "2019-11-18T06:15:12.607",
-  "lastModified": "2024-08-05T02:15:58.570",
-  "vulnStatus": "Modified",
+  "lastModified": "2024-08-27T19:38:19.673",
+  "vulnStatus": "Analyzed",
   "cveTags": [
     {
       "sourceIdentifier": "[email protected]",
@@ -93,8 +93,29 @@
             {
               "vulnerable": true,
               "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
-              "versionEndIncluding": "5.3.11",
-              "matchCriteriaId": "EB2904AC-AD7A-498D-8619-CBB421E9165D"
+              "versionStartIncluding": "5.2",
+              "versionEndExcluding": "5.4.13",
+              "matchCriteriaId": "0C926075-BF14-456C-96D1-0FFA1A4DD150"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
+              "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
+              "matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33"
             }
           ]
         }
@@ -104,7 +125,10 @@
   "references": [
     {
       "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157300",
-      "source": "[email protected]"
+      "source": "[email protected]",
+      "tags": [
+        "Issue Tracking"
+      ]
     },
     {
       "url": "https://github.com/torvalds/linux/commit/057b8945f78f76d0b04eeb5c27cd9225e5e7ad86",
@@ -116,15 +140,24 @@
     },
     {
       "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/",
-      "source": "[email protected]"
+      "source": "[email protected]",
+      "tags": [
+        "Mailing List"
+      ]
     },
     {
       "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/",
-      "source": "[email protected]"
+      "source": "[email protected]",
+      "tags": [
+        "Mailing List"
+      ]
     },
     {
       "url": "https://usn.ubuntu.com/4300-1/",
-      "source": "[email protected]"
+      "source": "[email protected]",
+      "tags": [
+        "Third Party Advisory"
+      ]
     }
   ]
 }
diff --git a/CVE-2021/CVE-2021-381xx/CVE-2021-38160.json b/CVE-2021/CVE-2021-381xx/CVE-2021-38160.json
@@ -2,8 +2,8 @@
   "id": "CVE-2021-38160",
   "sourceIdentifier": "[email protected]",
   "published": "2021-08-07T04:15:06.967",
-  "lastModified": "2024-08-04T02:15:30.860",
-  "vulnStatus": "Modified",
+  "lastModified": "2024-08-27T19:37:50.600",
+  "vulnStatus": "Analyzed",
   "cveTags": [
     {
       "sourceIdentifier": "[email protected]",
@@ -93,8 +93,58 @@
             {
               "vulnerable": true,
               "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "2.6.24",
+              "versionEndExcluding": "4.4.276",
+              "matchCriteriaId": "1DAFBDE6-EDBA-4AB8-9AF9-6359EB1CE1A0"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "4.5",
+              "versionEndExcluding": "4.9.276",
+              "matchCriteriaId": "C79FFC06-9530-4CD7-B651-01D786CC925E"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "4.10",
+              "versionEndExcluding": "4.14.240",
+              "matchCriteriaId": "FB359B2E-773D-4D52-9915-E07A47ABE72B"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "4.15",
+              "versionEndExcluding": "4.19.198",
+              "matchCriteriaId": "B93AEDB9-C52B-4222-8F9A-882DAD9EF5B2"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "4.20",
+              "versionEndExcluding": "5.4.134",
+              "matchCriteriaId": "508D9771-335F-44A6-9F2F-880DF1267A1F"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "5.5",
+              "versionEndExcluding": "5.10.52",
+              "matchCriteriaId": "7C1E6FB6-53C8-4DC4-8AE5-93094BA39F62"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "5.11",
+              "versionEndExcluding": "5.12.19",
+              "matchCriteriaId": "34C1A2F4-DD44-4CF1-8FD4-751A0D746A9E"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "5.13",
               "versionEndExcluding": "5.13.4",
-              "matchCriteriaId": "4C85356F-2C6C-4FB9-B0CA-949711182223"
+              "matchCriteriaId": "F93FA3CC-0C79-410B-A7D7-245C2AA0723A"
             }
           ]
         }

diff --git a/CVE-2022/CVE-2022-342xx/CVE-2022-34269.json b/CVE-2022/CVE-2022-342xx/CVE-2022-34269.json
@@ -2,7 +2,7 @@
   "id": "CVE-2022-34269",
   "sourceIdentifier": "[email protected]",
   "published": "2024-02-29T01:35:13.213",
-  "lastModified": "2024-02-29T13:49:47.277",
+  "lastModified": "2024-08-27T18:35:00.573",
   "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
@@ -15,7 +15,42 @@
       "value": "Se descubri\u00f3 un problema en RWS WorldServer antes de la versi\u00f3n 11.7.3. Un atacante remoto autenticado puede realizar un ataque SSRF ciego ws-legacy/load_dtd?system_id= para implementar c\u00f3digo JSP en el servicio Apache Axis que se ejecuta en la interfaz del host local, lo que lleva a la ejecuci\u00f3n del comando."
     }
   ],
-  "metrics": {},
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 8.8,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-918"
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://www.rws.com/localization/products/trados-enterprise/worldserver/",

diff --git a/CVE-2022/CVE-2022-399xx/CVE-2022-39996.json b/CVE-2022/CVE-2022-399xx/CVE-2022-39996.json
@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2022-39996",
+  "sourceIdentifier": "[email protected]",
+  "published": "2024-08-27T18:15:13.197",
+  "lastModified": "2024-08-27T19:35:01.613",
+  "vulnStatus": "Awaiting Analysis",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross Site Scripting vulnerability in Teldats Router RS123, RS123w allows attacker to execute arbitrary code via the cmdcookie parameter to the upgrade/query.php page."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.4,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.3,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/uyhacked/Teldat-s-Router/blob/main/Teldat",
+      "source": "[email protected]"
+    },
+    {
+      "url": "https://github.com/uyhacked/Teldat-s-Router/blob/main/Teldat%27s%20Router%20Vulnerability.md",
+      "source": "[email protected]"
+    }
+  ]
+}
diff --git a/CVE-2022/CVE-2022-399xx/CVE-2022-39997.json b/CVE-2022/CVE-2022-399xx/CVE-2022-39997.json
@@ -0,0 +1,25 @@
+{
+  "id": "CVE-2022-39997",
+  "sourceIdentifier": "[email protected]",
+  "published": "2024-08-27T19:15:15.953",
+  "lastModified": "2024-08-27T19:15:15.953",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A weak password requirement issue was discovered in Teldats Router RS123, RS123w allows a remote attacker to escalate privileges"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/uyhacked/Teldat-s-Router/blob/main/Teldat",
+      "source": "[email protected]"
+    },
+    {
+      "url": "https://github.com/uyhacked/Teldat-s-Router/blob/main/Teldat%27s%20Router%20Vulnerability.md",
+      "source": "[email protected]"
+    }
+  ]
+}