admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-08-22 19:00:45 +00:00
parent e52d9e5671
commit 0f74a43fbc
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
26 changed files with 304 additions and 124 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
2022/1xxx/CVE-2022-1930.json
View File

@ -4,15 +4,79 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-1930",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@jfrog.com",
"TITLE": "ReDoS in eth-account encode_structured_data function",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "eth-account",
"product": {
"product_data": [
{
"product_name": "eth-account",
"version": {
"version_data": [
{
"version_name": "0.5.9",
"version_affected": "<",
"version_value": "",
"platform": ""
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1333 Inefficient Regular Expression Complexity"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the eth-account PyPI package, when an attacker is able to supply arbitrary input to the encode_structured_data method"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://research.jfrog.com/vulnerabilities/eth-account-redos-xray-248681/",
"name": "https://research.jfrog.com/vulnerabilities/eth-account-redos-xray-248681/"
}
]
},
"impact": {
"cvss": {
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
}
}
}

10
2022/28xxx/CVE-2022-28710.json
View File

@ -18,15 +18,15 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1550",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1550"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql",
"url": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql"
},
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1550",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1550"
}
]
},

10
2022/28xxx/CVE-2022-28712.json
View File

@ -18,15 +18,15 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1540",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1540"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql",
"url": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql"
},
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1540",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1540"
}
]
},

10
2022/29xxx/CVE-2022-29468.json
View File

@ -18,15 +18,15 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1534",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1534"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql",
"url": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql"
},
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1534",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1534"
}
]
},

12
2022/2xxx/CVE-2022-2842.json
View File

@ -22,7 +22,7 @@
"version": {
"version_data": [
{
"version_value": "n\/a"
"version_value": "n/a"
}
]
}
@ -57,16 +57,20 @@
"cvss": {
"version": "3.1",
"baseScore": "7.3",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:L\/A:L"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/WhiteA1so\/CVE\/blob\/main\/Gym%20Management%20System-loginpage-Sqlinjection.pdf"
"url": "https://github.com/WhiteA1so/CVE/blob/main/Gym%20Management%20System-loginpage-Sqlinjection.pdf",
"refsource": "MISC",
"name": "https://github.com/WhiteA1so/CVE/blob/main/Gym%20Management%20System-loginpage-Sqlinjection.pdf"
},
{
"url": "https:\/\/vuldb.com\/?id.206451"
"url": "https://vuldb.com/?id.206451",
"refsource": "MISC",
"name": "https://vuldb.com/?id.206451"
}
]
}

10
2022/30xxx/CVE-2022-30534.json
View File

@ -18,15 +18,15 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1546",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1546"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql",
"url": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql"
},
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1546",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1546"
}
]
},

10
2022/30xxx/CVE-2022-30547.json
View File

@ -18,15 +18,15 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1547",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1547"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql",
"url": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql"
},
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1547",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1547"
}
]
},

10
2022/30xxx/CVE-2022-30605.json
View File

@ -18,15 +18,15 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1535",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1535"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql",
"url": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql"
},
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1535",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1535"
}
]
},

10
2022/30xxx/CVE-2022-30690.json
View File

@ -18,15 +18,15 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1539",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1539"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql",
"url": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql"
},
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1539",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1539"
}
]
},

10
2022/32xxx/CVE-2022-32282.json
View File

@ -18,15 +18,15 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1545",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1545"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql",
"url": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql"
},
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1545",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1545"
}
]
},

10
2022/32xxx/CVE-2022-32572.json
View File

@ -18,15 +18,15 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1548",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1548"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql",
"url": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql"
},
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1548",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1548"
}
]
},

10
2022/32xxx/CVE-2022-32761.json
View File

@ -18,15 +18,15 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1549",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1549"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql",
"url": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql"
},
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1549",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1549"
}
]
},

12
2022/32xxx/CVE-2022-32768.json
View File

@ -12,21 +12,21 @@
"description_data": [
{
"lang": "eng",
"value": "Multiple authentication bypass vulnerabilities exist in the objects id handling functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request by an authenticated user can lead to unauthorized access and takeover of resources. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the Live Schedules plugin, allowing an attacker to bypass authentication by guessing a sequential ID, allowing them to take over the another user's streams."
"value": "Multiple authentication bypass vulnerabilities exist in the objects id handling functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request by an authenticated user can lead to unauthorized access and takeover of resources. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the Live Schedules plugin, allowing an attacker to bypass authentication by guessing a sequential ID, allowing them to take over the another user's streams."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1536",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1536"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql",
"url": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql"
},
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1536",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1536"
}
]
},

12
2022/32xxx/CVE-2022-32769.json
View File

@ -12,21 +12,21 @@
"description_data": [
{
"lang": "eng",
"value": "Multiple authentication bypass vulnerabilities exist in the objects id handling functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request by an authenticated user can lead to unauthorized access and takeover of resources. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the Playlists plugin, allowing an attacker to bypass authentication by guessing a sequential ID, allowing them to take over the another user's playlists."
"value": "Multiple authentication bypass vulnerabilities exist in the objects id handling functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request by an authenticated user can lead to unauthorized access and takeover of resources. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the Playlists plugin, allowing an attacker to bypass authentication by guessing a sequential ID, allowing them to take over the another user's playlists."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1536",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1536"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql",
"url": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql"
},
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1536",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1536"
}
]
},

10
2022/32xxx/CVE-2022-32770.json
View File

@ -18,15 +18,15 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1538",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1538"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql",
"url": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql"
},
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1538",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1538"
}
]
},

10
2022/32xxx/CVE-2022-32771.json
View File

@ -18,15 +18,15 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1538",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1538"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql",
"url": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql"
},
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1538",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1538"
}
]
},

10
2022/32xxx/CVE-2022-32772.json
View File

@ -18,15 +18,15 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1538",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1538"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql",
"url": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql"
},
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1538",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1538"
}
]
},

10
2022/32xxx/CVE-2022-32777.json
View File

@ -18,15 +18,15 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1542",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1542"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql",
"url": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql"
},
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1542",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1542"
}
]
},

10
2022/32xxx/CVE-2022-32778.json
View File

@ -18,15 +18,15 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1542",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1542"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql",
"url": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql"
},
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1542",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1542"
}
]
},

12
2022/33xxx/CVE-2022-33147.json
View File

@ -12,21 +12,21 @@
"description_data": [
{
"lang": "eng",
"value": "A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the aVideoEncoder functionality which can be used to add new videos, allowing an attacker to inject SQL by manipulating the videoDownloadedLink or duration parameter."
"value": "A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the aVideoEncoder functionality which can be used to add new videos, allowing an attacker to inject SQL by manipulating the videoDownloadedLink or duration parameter."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1551",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1551"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql",
"url": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql"
},
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1551",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1551"
}
]
},

12
2022/33xxx/CVE-2022-33148.json
View File

@ -12,21 +12,21 @@
"description_data": [
{
"lang": "eng",
"value": "A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the Live Schedules plugin, allowing an attacker to inject SQL by manipulating the title parameter."
"value": "A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the Live Schedules plugin, allowing an attacker to inject SQL by manipulating the title parameter."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1551",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1551"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql",
"url": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql"
},
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1551",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1551"
}
]
},

12
2022/33xxx/CVE-2022-33149.json
View File

@ -12,21 +12,21 @@
"description_data": [
{
"lang": "eng",
"value": "A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the CloneSite plugin, allowing an attacker to inject SQL by manipulating the url parameter."
"value": "A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the CloneSite plugin, allowing an attacker to inject SQL by manipulating the url parameter."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1551",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1551"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql",
"url": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql"
},
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1551",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1551"
}
]
},

12
2022/34xxx/CVE-2022-34652.json
View File

@ -12,21 +12,21 @@
"description_data": [
{
"lang": "eng",
"value": "A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the Live Schedules plugin, allowing an attacker to inject SQL by manipulating the description parameter."
"value": "A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the Live Schedules plugin, allowing an attacker to inject SQL by manipulating the description parameter."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1551",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1551"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql",
"url": "https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql"
},
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1551",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1551"
}
]
},

88
2022/38xxx/CVE-2022-38171.json
View File

@ -1,18 +1,94 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-38171",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"DATE_PUBLIC": "2022-04-19T00:00:00.000Z",
"ID": "CVE-2022-38171",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readSymbolDictSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2021-30860 (Apple CoreGraphics)."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.xpdfreader.com/security-fixes.html",
"refsource": "CONFIRM",
"url": "http://www.xpdfreader.com/security-fixes.html"
},
{
"name": "https://dl.xpdfreader.com/xpdf-4.04.tar.gz",
"refsource": "CONFIRM",
"url": "https://dl.xpdfreader.com/xpdf-4.04.tar.gz"
},
{
"name": "https://dl.xpdfreader.com/old/xpdf-4.04.tar.gz",
"refsource": "CONFIRM",
"url": "https://dl.xpdfreader.com/old/xpdf-4.04.tar.gz"
},
{
"name": "https://www.cve.org/CVERecord?id=CVE-2021-30860",
"refsource": "MISC",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30860"
},
{
"name": "https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html",
"refsource": "MISC",
"url": "https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html"
},
{
"name": "https://github.com/jeffssh/CVE-2021-30860",
"refsource": "MISC",
"url": "https://github.com/jeffssh/CVE-2021-30860"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

18
2022/38xxx/CVE-2022-38667.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-38667",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/38xxx/CVE-2022-38668.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-38668",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}