Advisory Database Sync

github · Dec 31, 2023 · 308f9ca · 308f9ca
1 parent 83934eb
commit 308f9ca
Show file tree

Hide file tree

Showing 195 changed files with 999 additions and 409 deletions.
diff --git a/advisories/unreviewed/2022/05/GHSA-25wg-pp2p-rfw9/GHSA-25wg-pp2p-rfw9.json b/advisories/unreviewed/2022/05/GHSA-25wg-pp2p-rfw9/GHSA-25wg-pp2p-rfw9.json
@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-25wg-pp2p-rfw9",
-  "modified": "2022-05-24T17:30:57Z",
+  "modified": "2023-12-31T21:30:23Z",
   "published": "2022-05-24T17:30:57Z",
   "aliases": [
     "CVE-2020-16923"
   ],
   "details": "A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1167.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+    }
   ],
   "affected": [
 

diff --git a/advisories/unreviewed/2022/05/GHSA-2fx8-gx73-p72f/GHSA-2fx8-gx73-p72f.json b/advisories/unreviewed/2022/05/GHSA-2fx8-gx73-p72f/GHSA-2fx8-gx73-p72f.json
@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-2fx8-gx73-p72f",
-  "modified": "2022-05-24T17:33:40Z",
+  "modified": "2023-12-31T21:30:24Z",
   "published": "2022-05-24T17:33:40Z",
   "aliases": [
     "CVE-2020-16998"
   ],
   "details": "DirectX Elevation of Privilege Vulnerability",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    }
   ],
   "affected": [
 

diff --git a/advisories/unreviewed/2022/05/GHSA-2gpf-vwmc-jj37/GHSA-2gpf-vwmc-jj37.json b/advisories/unreviewed/2022/05/GHSA-2gpf-vwmc-jj37/GHSA-2gpf-vwmc-jj37.json
@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-2gpf-vwmc-jj37",
-  "modified": "2022-05-24T17:33:41Z",
+  "modified": "2023-12-31T21:30:25Z",
   "published": "2022-05-24T17:33:41Z",
   "aliases": [
     "CVE-2020-17007"
   ],
   "details": "Windows Error Reporting Elevation of Privilege Vulnerability",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    }
   ],
   "affected": [
 

diff --git a/advisories/unreviewed/2022/05/GHSA-2qp9-54h2-9wwv/GHSA-2qp9-54h2-9wwv.json b/advisories/unreviewed/2022/05/GHSA-2qp9-54h2-9wwv/GHSA-2qp9-54h2-9wwv.json
@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-2qp9-54h2-9wwv",
-  "modified": "2022-05-24T17:31:02Z",
+  "modified": "2023-12-31T21:30:24Z",
   "published": "2022-05-24T17:31:02Z",
   "aliases": [
     "CVE-2020-17003"
   ],
   "details": "A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory.An attacker who successfully exploited the vulnerability would gain execution on a victim system.The security update addresses the vulnerability by correcting how the Base3D rendering engine handles memory., aka 'Base3D Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16918.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+    }
   ],
   "affected": [
 

diff --git a/advisories/unreviewed/2022/05/GHSA-2r72-fwfv-2p48/GHSA-2r72-fwfv-2p48.json b/advisories/unreviewed/2022/05/GHSA-2r72-fwfv-2p48/GHSA-2r72-fwfv-2p48.json
@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-2r72-fwfv-2p48",
-  "modified": "2022-05-24T17:33:39Z",
+  "modified": "2023-12-31T21:30:24Z",
   "published": "2022-05-24T17:33:39Z",
   "aliases": [
     "CVE-2020-16988"
   ],
   "details": "Azure Sphere Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16981, CVE-2020-16989, CVE-2020-16992, CVE-2020-16993.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"
+    }
   ],
   "affected": [
 

diff --git a/advisories/unreviewed/2022/05/GHSA-2wcf-8w35-jp7x/GHSA-2wcf-8w35-jp7x.json b/advisories/unreviewed/2022/05/GHSA-2wcf-8w35-jp7x/GHSA-2wcf-8w35-jp7x.json
@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-2wcf-8w35-jp7x",
-  "modified": "2022-05-24T17:33:42Z",
+  "modified": "2023-12-31T21:30:25Z",
   "published": "2022-05-24T17:33:42Z",
   "aliases": [
     "CVE-2020-17016"
   ],
   "details": "Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2020-17015, CVE-2020-17060.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"
+    }
   ],
   "affected": [
 

diff --git a/advisories/unreviewed/2022/05/GHSA-3547-93q4-3wvc/GHSA-3547-93q4-3wvc.json b/advisories/unreviewed/2022/05/GHSA-3547-93q4-3wvc/GHSA-3547-93q4-3wvc.json
@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-3547-93q4-3wvc",
-  "modified": "2022-05-24T17:33:41Z",
+  "modified": "2023-12-31T21:30:25Z",
   "published": "2022-05-24T17:33:41Z",
   "aliases": [
     "CVE-2020-17006"
   ],
   "details": "Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability This CVE ID is unique from CVE-2020-17005, CVE-2020-17018, CVE-2020-17021.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"
+    }
   ],
   "affected": [
 

diff --git a/advisories/unreviewed/2022/05/GHSA-374m-mqq5-65qf/GHSA-374m-mqq5-65qf.json b/advisories/unreviewed/2022/05/GHSA-374m-mqq5-65qf/GHSA-374m-mqq5-65qf.json
@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-374m-mqq5-65qf",
-  "modified": "2022-05-24T17:33:40Z",
+  "modified": "2023-12-31T21:30:24Z",
   "published": "2022-05-24T17:33:40Z",
   "aliases": [
     "CVE-2020-16997"
   ],
   "details": "Remote Desktop Protocol Server Information Disclosure Vulnerability",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"
+    }
   ],
   "affected": [
 

diff --git a/advisories/unreviewed/2022/05/GHSA-386j-h4xj-j5ph/GHSA-386j-h4xj-j5ph.json b/advisories/unreviewed/2022/05/GHSA-386j-h4xj-j5ph/GHSA-386j-h4xj-j5ph.json
@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-386j-h4xj-j5ph",
-  "modified": "2022-05-24T17:31:00Z",
+  "modified": "2023-12-31T21:30:23Z",
   "published": "2022-05-24T17:31:00Z",
   "aliases": [
     "CVE-2020-16940"
   ],
   "details": "An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles junction points, aka 'Windows - User Profile Service Elevation of Privilege Vulnerability'.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    }
   ],
   "affected": [
 

diff --git a/advisories/unreviewed/2022/05/GHSA-38h4-92v3-hhh5/GHSA-38h4-92v3-hhh5.json b/advisories/unreviewed/2022/05/GHSA-38h4-92v3-hhh5/GHSA-38h4-92v3-hhh5.json
@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-38h4-92v3-hhh5",
-  "modified": "2022-05-24T17:33:42Z",
+  "modified": "2023-12-31T21:30:25Z",
   "published": "2022-05-24T17:33:42Z",
   "aliases": [
     "CVE-2020-17021"
   ],
   "details": "Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability This CVE ID is unique from CVE-2020-17005, CVE-2020-17006, CVE-2020-17018.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"
+    }
   ],
   "affected": [
 

diff --git a/advisories/unreviewed/2022/05/GHSA-3c69-6w5j-4xrh/GHSA-3c69-6w5j-4xrh.json b/advisories/unreviewed/2022/05/GHSA-3c69-6w5j-4xrh/GHSA-3c69-6w5j-4xrh.json
@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-3c69-6w5j-4xrh",
-  "modified": "2022-05-24T17:30:56Z",
+  "modified": "2023-12-31T21:30:22Z",
   "published": "2022-05-24T17:30:56Z",
   "aliases": [
     "CVE-2020-16907"
   ],
   "details": "An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16913.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    }
   ],
   "affected": [
 

diff --git a/advisories/unreviewed/2022/05/GHSA-3p6w-82x2-65rf/GHSA-3p6w-82x2-65rf.json b/advisories/unreviewed/2022/05/GHSA-3p6w-82x2-65rf/GHSA-3p6w-82x2-65rf.json
@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-3p6w-82x2-65rf",
-  "modified": "2022-05-24T17:30:57Z",
+  "modified": "2023-12-31T21:30:23Z",
   "published": "2022-05-24T17:30:57Z",
   "aliases": [
     "CVE-2020-16928"
   ],
   "details": "An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files, aka 'Microsoft Office Click-to-Run Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16934, CVE-2020-16955.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+    }
   ],
   "affected": [
 

diff --git a/advisories/unreviewed/2022/05/GHSA-3pq5-r3xm-vfqc/GHSA-3pq5-r3xm-vfqc.json b/advisories/unreviewed/2022/05/GHSA-3pq5-r3xm-vfqc/GHSA-3pq5-r3xm-vfqc.json
@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-3pq5-r3xm-vfqc",
-  "modified": "2022-05-24T17:33:45Z",
+  "modified": "2023-12-31T21:30:27Z",
   "published": "2022-05-24T17:33:45Z",
   "aliases": [
     "CVE-2020-17043"
   ],
   "details": "Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17044, CVE-2020-17055.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    }
   ],
   "affected": [
 

diff --git a/advisories/unreviewed/2022/05/GHSA-42r2-5q5x-6f5w/GHSA-42r2-5q5x-6f5w.json b/advisories/unreviewed/2022/05/GHSA-42r2-5q5x-6f5w/GHSA-42r2-5q5x-6f5w.json
@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-42r2-5q5x-6f5w",
-  "modified": "2022-05-24T17:30:56Z",
+  "modified": "2023-12-31T21:30:22Z",
   "published": "2022-05-24T17:30:56Z",
   "aliases": [
     "CVE-2020-16916"
   ],
   "details": "An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16935.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    }
   ],
   "affected": [
 

diff --git a/advisories/unreviewed/2022/05/GHSA-4426-wxwq-q9rv/GHSA-4426-wxwq-q9rv.json b/advisories/unreviewed/2022/05/GHSA-4426-wxwq-q9rv/GHSA-4426-wxwq-q9rv.json
@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-4426-wxwq-q9rv",
-  "modified": "2022-05-24T17:33:53Z",
+  "modified": "2023-12-31T21:30:30Z",
   "published": "2022-05-24T17:33:53Z",
   "aliases": [
     "CVE-2020-17107"
   ],
   "details": "HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17106, CVE-2020-17108, CVE-2020-17109, CVE-2020-17110.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+    }
   ],
   "affected": [
 

diff --git a/advisories/unreviewed/2022/05/GHSA-46w7-72mj-jqwq/GHSA-46w7-72mj-jqwq.json b/advisories/unreviewed/2022/05/GHSA-46w7-72mj-jqwq/GHSA-46w7-72mj-jqwq.json
@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-46w7-72mj-jqwq",
-  "modified": "2022-05-24T17:33:51Z",
+  "modified": "2023-12-31T21:30:29Z",
   "published": "2022-05-24T17:33:51Z",
   "aliases": [
     "CVE-2020-17081"
   ],
   "details": "Microsoft Raw Image Extension Information Disclosure Vulnerability",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
+    }
   ],
   "affected": [
 

diff --git a/advisories/unreviewed/2022/05/GHSA-488g-rx3g-pv33/GHSA-488g-rx3g-pv33.json b/advisories/unreviewed/2022/05/GHSA-488g-rx3g-pv33/GHSA-488g-rx3g-pv33.json
@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-488g-rx3g-pv33",
-  "modified": "2022-05-24T17:30:58Z",
+  "modified": "2023-12-31T21:30:23Z",
   "published": "2022-05-24T17:30:58Z",
   "aliases": [
     "CVE-2020-16936"
   ],
   "details": "An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16912, CVE-2020-16972, CVE-2020-16973, CVE-2020-16974, CVE-2020-16975, CVE-2020-16976.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    }
   ],
   "affected": [
 

diff --git a/advisories/unreviewed/2022/05/GHSA-48j5-4383-xf7j/GHSA-48j5-4383-xf7j.json b/advisories/unreviewed/2022/05/GHSA-48j5-4383-xf7j/GHSA-48j5-4383-xf7j.json
@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-48j5-4383-xf7j",
-  "modified": "2022-05-24T17:33:42Z",
+  "modified": "2023-12-31T21:30:25Z",
   "published": "2022-05-24T17:33:42Z",
   "aliases": [
     "CVE-2020-17029"
   ],
   "details": "Windows Canonical Display Driver Information Disclosure Vulnerability",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
+    }
   ],
   "affected": [
 

diff --git a/advisories/unreviewed/2022/05/GHSA-48xg-22gf-h585/GHSA-48xg-22gf-h585.json b/advisories/unreviewed/2022/05/GHSA-48xg-22gf-h585/GHSA-48xg-22gf-h585.json
@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-48xg-22gf-h585",
-  "modified": "2022-05-24T17:33:42Z",
+  "modified": "2023-12-31T21:30:25Z",
   "published": "2022-05-24T17:33:42Z",
   "aliases": [
     "CVE-2020-17018"
   ],
   "details": "Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability This CVE ID is unique from CVE-2020-17005, CVE-2020-17006, CVE-2020-17021.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"
+    }
   ],
   "affected": [
 

diff --git a/advisories/unreviewed/2022/05/GHSA-4m8x-ppc6-475j/GHSA-4m8x-ppc6-475j.json b/advisories/unreviewed/2022/05/GHSA-4m8x-ppc6-475j/GHSA-4m8x-ppc6-475j.json
@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-4m8x-ppc6-475j",
-  "modified": "2022-05-24T17:33:41Z",
+  "modified": "2023-12-31T21:30:25Z",
   "published": "2022-05-24T17:33:41Z",
   "aliases": [
     "CVE-2020-17014"
   ],
   "details": "Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17001.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    }
   ],
   "affected": [