admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-11-01 19:00:30 +00:00
parent 629b3cc975
commit 03b0e87ac6
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
31 changed files with 1078 additions and 166 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
2020/4xxx/CVE-2020-4099.json
View File

@ -1,6 +1,6 @@
{
"CVE_data_meta": {
"ASSIGNER": "PSIRT@hcl.com",
"ASSIGNER": "psirt@hcl.com",
"DATE_PUBLIC": "2022-10-14T17:47:00.000Z",
"ID": "CVE-2020-4099",
"STATE": "PUBLIC",
@ -36,7 +36,7 @@
"description_data": [
{
"lang": "eng",
"value": "The application was signed using a key length less than or equal to 1024 bits, making it potentially vulnerable to forged digital signatures. An attacker could forge the same digital signature of the app after maliciously modifying the app."
"value": "The application was signed using a key length less than or equal to 1024 bits, making it potentially vulnerable to forged digital signatures. An attacker could forge the same digital signature of the app after maliciously modifying the app."
}
]
},
@ -74,12 +74,13 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100861"
"refsource": "MISC",
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100861",
"name": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100861"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}

207
2022/23xxx/CVE-2022-23738.json
View File

@ -1,109 +1,114 @@
{
"CVE_data_meta": {
"ASSIGNER": "product-cna@github.com",
"ID": "CVE-2022-23738",
"STATE": "PUBLIC",
"TITLE": "Incomplete cache verification issue in GitHub Enterprise Server leading to exposure of private repo files"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "GitHub Enterprise Server",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.2",
"version_value": "3.2.20"
"CVE_data_meta": {
"ASSIGNER": "product-cna@github.com",
"ID": "CVE-2022-23738",
"STATE": "PUBLIC",
"TITLE": "Incomplete cache verification issue in GitHub Enterprise Server leading to exposure of private repo files"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "GitHub Enterprise Server",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.2",
"version_value": "3.2.20"
},
{
"version_affected": "<",
"version_name": "3.3",
"version_value": "3.3.15"
},
{
"version_affected": "<",
"version_name": "3.4",
"version_value": "3.4.10"
},
{
"version_affected": "<",
"version_name": "3.5",
"version_value": "3.5.7"
},
{
"version_affected": "<",
"version_name": "3.6",
"version_value": "3.6.3"
}
]
}
}
]
},
{
"version_affected": "<",
"version_name": "3.3",
"version_value": "3.3.15"
},
{
"version_affected": "<",
"version_name": "3.4",
"version_value": "3.4.10"
},
{
"version_affected": "<",
"version_name": "3.5",
"version_value": "3.5.7"
},
{
"version_affected": "<",
"version_name": "3.6",
"version_value": "3.6.3"
}
]
"vendor_name": "GitHub"
}
}
]
},
"vendor_name": "GitHub"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ahacker1"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper cache key vulnerability was identified in GitHub Enterprise Server that allowed an unauthorized actor to access private repository files through a public repository. To exploit this, an actor would need to already be authorized on the GitHub Enterprise Server instance, be able to create a public repository, and have a site administrator visit a specially crafted URL. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.6 and was fixed in versions 3.2.20, 3.3.15, 3.4.10, 3.5.7, 3.6.3. This vulnerability was reported via the GitHub Bug Bounty program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
},
"credit": [
{
"lang": "eng",
"value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"
}
"value": "ahacker1"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper cache key vulnerability was identified in GitHub Enterprise Server that allowed an unauthorized actor to access private repository files through a public repository. To exploit this, an actor would need to already be authorized on the GitHub Enterprise Server instance, be able to create a public repository, and have a site administrator visit a specially crafted URL. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.6 and was fixed in versions 3.2.20, 3.3.15, 3.4.10, 3.5.7, 3.6.3. This vulnerability was reported via the GitHub Bug Bounty program."
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://docs.github.com/en/enterprise-server@3.2/admin/release-notes#3.2.20"
},
{
"refsource": "CONFIRM",
"url": "https://docs.github.com/en/enterprise-server@3.3/admin/release-notes#3.3.15"
},
{
"refsource": "CONFIRM",
"url": "https://docs.github.com/en/enterprise-server@3.4/admin/release-notes#3.4.10"
},
{
"refsource": "CONFIRM",
"url": "https://docs.github.com/en/enterprise-server@3.5/admin/release-notes#3.5.7"
},
{
"refsource": "CONFIRM",
"url": "https://docs.github.com/en/enterprise-server@3.6/admin/release-notes#3.6.3"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://docs.github.com/en/enterprise-server@3.2/admin/release-notes#3.2.20",
"name": "https://docs.github.com/en/enterprise-server@3.2/admin/release-notes#3.2.20"
},
{
"refsource": "MISC",
"url": "https://docs.github.com/en/enterprise-server@3.3/admin/release-notes#3.3.15",
"name": "https://docs.github.com/en/enterprise-server@3.3/admin/release-notes#3.3.15"
},
{
"refsource": "MISC",
"url": "https://docs.github.com/en/enterprise-server@3.4/admin/release-notes#3.4.10",
"name": "https://docs.github.com/en/enterprise-server@3.4/admin/release-notes#3.4.10"
},
{
"refsource": "MISC",
"url": "https://docs.github.com/en/enterprise-server@3.5/admin/release-notes#3.5.7",
"name": "https://docs.github.com/en/enterprise-server@3.5/admin/release-notes#3.5.7"
},
{
"refsource": "MISC",
"url": "https://docs.github.com/en/enterprise-server@3.6/admin/release-notes#3.6.3",
"name": "https://docs.github.com/en/enterprise-server@3.6/admin/release-notes#3.6.3"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}

5
2022/31xxx/CVE-2022-31777.json
View File

@ -78,6 +78,11 @@
"refsource": "MISC",
"url": "https://lists.apache.org/thread/60mgbswq2lsmrxykfxpqq13ztkm2ht6q",
"name": "https://lists.apache.org/thread/60mgbswq2lsmrxykfxpqq13ztkm2ht6q"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20221101 CVE-2022-31777: Apache Spark XSS vulnerability in log viewer UI Javascript",
"url": "http://www.openwall.com/lists/oss-security/2022/11/01/14"
}
]
},

5
2022/34xxx/CVE-2022-34662.json
View File

@ -73,6 +73,11 @@
"refsource": "MISC",
"url": "https://lists.apache.org/thread/pbdzqf9ntxyvs4cr0x2dgk9zlf43btz8",
"name": "https://lists.apache.org/thread/pbdzqf9ntxyvs4cr0x2dgk9zlf43btz8"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20221101 CVE-2022-34662: Apache DolphinScheduler prior to 3.0.0 allows path traversal",
"url": "http://www.openwall.com/lists/oss-security/2022/11/01/13"
}
]
},

5
2022/37xxx/CVE-2022-37454.json
View File

@ -81,6 +81,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3175-1] python3.7 security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-f2a5082860",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/"
}
]
}

58
2022/3xxx/CVE-2022-3304.json
View File

@ -1,17 +1,67 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3304",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use after free in CSS in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "Chrome-Release-0-M106",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1358907",
"refsource": "MISC",
"name": "https://crbug.com/1358907"
},
{
"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html"
}
]
}

5
2022/3xxx/CVE-2022-3518.json
View File

@ -66,6 +66,11 @@
"url": "https://vuldb.com/?id.211014",
"refsource": "MISC",
"name": "https://vuldb.com/?id.211014"
},
{
"refsource": "MISC",
"name": "https://github.com/lohith19/CVE-2022-3518/blob/main/POC",
"url": "https://github.com/lohith19/CVE-2022-3518/blob/main/POC"
}
]
}

60
2022/3xxx/CVE-2022-3780.json
View File

@ -1,18 +1,70 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3780",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@devolutions.net",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Database connections on deleted users could stay active on MySQL data sources in Remote Desktop Manager 2022.3.7 and below which allow deleted users to access unauthorized data. This issue affects : Remote Desktop Manager 2022.3.7 and prior versions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Devolutions",
"product": {
"product_data": [
{
"product_name": "Remote Desktop Manager",
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://devolutions.net/security/advisories/DEVO-2022-0008",
"refsource": "MISC",
"name": "https://devolutions.net/security/advisories/DEVO-2022-0008"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
}
}

71
2022/3xxx/CVE-2022-3781.json
View File

@ -1,18 +1,81 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3781",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@devolutions.net",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Dashlane password and Keepass Server password in My Account Settings are not encrypted in the database in Devolutions Remote Desktop Manager 2022.2.26 and prior versions and Devolutions Server 2022.3.1 and prior versions which allows database users to read the data. This issue affects : Remote Desktop Manager 2022.2.26 and prior versions. Devolutions Server 2022.3.1 and prior versions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-311 Missing Encryption of Sensitive Data",
"cweId": "CWE-311"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Devolutions",
"product": {
"product_data": [
{
"product_name": "Remote Desktop Manager",
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
}
]
}
},
{
"product_name": "Devolutions Server",
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://devolutions.net/security/advisories/DEVO-2022-0009",
"refsource": "MISC",
"name": "https://devolutions.net/security/advisories/DEVO-2022-0009"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
}
}

70
2022/3xxx/CVE-2022-3796.json
View File

@ -4,14 +4,78 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3796",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"TITLE": "Events Calendar Plugin Event post.php cross site scripting",
"REQUESTER": "cna@vuldb.com",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"generator": "vuldb.com",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "",
"product": {
"product_data": [
{
"product_name": "Events Calendar Plugin",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-707 Improper Neutralization -> CWE-74 Injection -> CWE-79 Cross Site Scripting"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in Events Calendar Plugin. It has been declared as problematic. This vulnerability affects unknown code of the file post.php of the component Event Handler. The manipulation of the argument title/body leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212632."
}
]
},
"impact": {
"cvss": {
"version": "3.1",
"baseScore": "2.4",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N"
}
},
"references": {
"reference_data": [
{
"url": "https://drive.google.com/file/d/1NMcJYb9HyenkaSK-PxwsS5fOeY6FgrtV/edit",
"refsource": "MISC",
"name": "https://drive.google.com/file/d/1NMcJYb9HyenkaSK-PxwsS5fOeY6FgrtV/edit"
},
{
"url": "https://drive.google.com/file/d/1vineiIgIn7xyo3C0V-7__neZHcbP8pgq/view",
"refsource": "MISC",
"name": "https://drive.google.com/file/d/1vineiIgIn7xyo3C0V-7__neZHcbP8pgq/view"
},
{
"url": "https://vuldb.com/?id.212632",
"refsource": "MISC",
"name": "https://vuldb.com/?id.212632"
}
]
}

65
2022/3xxx/CVE-2022-3797.json
View File

@ -4,14 +4,73 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3797",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"TITLE": "eolinker apinto-dashboard login redirect",
"REQUESTER": "cna@vuldb.com",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"generator": "vuldb.com",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "eolinker",
"product": {
"product_data": [
{
"product_name": "apinto-dashboard",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-601 Open Redirect"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in eolinker apinto-dashboard. It has been rated as problematic. This issue affects some unknown processing of the file /login. The manipulation of the argument callback leads to open redirect. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-212633 was assigned to this vulnerability."
}
]
},
"impact": {
"cvss": {
"version": "3.1",
"baseScore": "6.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"
}
},
"references": {
"reference_data": [
{
"url": "https://c2.im5i.com/2022/11/01/Xrny6.png",
"refsource": "MISC",
"name": "https://c2.im5i.com/2022/11/01/Xrny6.png"
},
{
"url": "https://vuldb.com/?id.212633",
"refsource": "MISC",
"name": "https://vuldb.com/?id.212633"
}
]
}

65
2022/3xxx/CVE-2022-3798.json
View File

@ -4,14 +4,73 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3798",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"TITLE": "IBAX go-ibax tablesInfo sql injection",
"REQUESTER": "cna@vuldb.com",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"generator": "vuldb.com",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBAX",
"product": {
"product_data": [
{
"product_name": "go-ibax",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-707 Improper Neutralization -> CWE-74 Injection -> CWE-89 SQL Injection"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability classified as critical has been found in IBAX go-ibax. Affected is an unknown function of the file /api/v2/open/tablesInfo. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-212634 is the identifier assigned to this vulnerability."
}
]
},
"impact": {
"cvss": {
"version": "3.1",
"baseScore": "6.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/IBAX-io/go-ibax/issues/2060",
"refsource": "MISC",
"name": "https://github.com/IBAX-io/go-ibax/issues/2060"
},
{
"url": "https://vuldb.com/?id.212634",
"refsource": "MISC",
"name": "https://vuldb.com/?id.212634"
}
]
}

65
2022/3xxx/CVE-2022-3799.json
View File

@ -4,14 +4,73 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3799",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"TITLE": "IBAX go-ibax tablesInfo sql injection",
"REQUESTER": "cna@vuldb.com",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"generator": "vuldb.com",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBAX",
"product": {
"product_data": [
{
"product_name": "go-ibax",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-707 Improper Neutralization -> CWE-74 Injection -> CWE-89 SQL Injection"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability classified as critical was found in IBAX go-ibax. Affected by this vulnerability is an unknown functionality of the file /api/v2/open/tablesInfo. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212635."
}
]
},
"impact": {
"cvss": {
"version": "3.1",
"baseScore": "6.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/IBAX-io/go-ibax/issues/2060",
"refsource": "MISC",
"name": "https://github.com/IBAX-io/go-ibax/issues/2060"
},
{
"url": "https://vuldb.com/?id.212635",
"refsource": "MISC",
"name": "https://vuldb.com/?id.212635"
}
]
}

18
2022/3xxx/CVE-2022-3807.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3807",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/3xxx/CVE-2022-3808.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3808",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

56
2022/43xxx/CVE-2022-43328.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43328",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-43328",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /editorder.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/YReyi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-2.md",
"url": "https://github.com/YReyi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-2.md"
}
]
}

56
2022/43xxx/CVE-2022-43329.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43329",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-43329",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /print.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/YReyi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-1.md",
"url": "https://github.com/YReyi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-1.md"
}
]
}

56
2022/43xxx/CVE-2022-43330.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43330",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-43330",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /editorder.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/YReyi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-2.md",
"url": "https://github.com/YReyi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-2.md"
}
]
}

56
2022/43xxx/CVE-2022-43331.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43331",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-43331",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php_action/printOrder.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/YReyi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-3.md",
"url": "https://github.com/YReyi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-3.md"
}
]
}

56
2022/43xxx/CVE-2022-43361.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43361",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-43361",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Senayan Library Management System v9.4.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the component pop_chart.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/slims/slims9_bulian/issues/162",
"refsource": "MISC",
"name": "https://github.com/slims/slims9_bulian/issues/162"
}
]
}

56
2022/43xxx/CVE-2022-43362.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43362",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-43362",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Senayan Library Management System v9.4.2 was discovered to contain a SQL injection vulnerability via the collType parameter at loan_by_class.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/slims/slims9_bulian/issues/163",
"refsource": "MISC",
"name": "https://github.com/slims/slims9_bulian/issues/163"
}
]
}

18
2022/44xxx/CVE-2022-44576.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-44576",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/44xxx/CVE-2022-44577.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-44577",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/44xxx/CVE-2022-44578.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-44578",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/44xxx/CVE-2022-44579.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-44579",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/44xxx/CVE-2022-44580.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-44580",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/44xxx/CVE-2022-44581.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-44581",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/44xxx/CVE-2022-44582.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-44582",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/44xxx/CVE-2022-44583.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-44583",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/44xxx/CVE-2022-44584.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-44584",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/44xxx/CVE-2022-44585.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-44585",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}