admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-11-17 17:00:36 +00:00
parent caabdbd897
commit 20b671f8e9
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
15 changed files with 382 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

99
2022/38xxx/CVE-2022-38390.json
View File

@ -1,17 +1,108 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-38390",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Multiple IBM Business Automation Workflow versions are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 233978."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Business Automation Workflow",
"version": {
"version_data": [
{
"version_value": "22.0.1",
"version_affected": "="
},
{
"version_value": "21.0.1",
"version_affected": "="
},
{
"version_value": "20.0.0.1",
"version_affected": "="
},
{
"version_value": "19.0.0.1",
"version_affected": "="
},
{
"version_value": "18.0.0.0",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6839847",
"refsource": "MISC",
"name": "https://www.ibm.com/support/pages/node/6839847"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/233978",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/233978"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
]
}

95
2022/40xxx/CVE-2022-40751.json
View File

@ -1,17 +1,104 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40751",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM UrbanCode Deploy (UCD) 6.2.7.0 through 6.2.7.17, 7.0.0.0 through 7.0.5.12, 7.1.0.0 through 7.1.2.8, and 7.2.0.0 through 7.2.3.1 could allow a user with administrative privileges including \"Manage Security\" permissions may be able to recover a credential previously saved for performing authenticated LDAP searches. IBM X-Force ID: 236601."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-522 Insufficiently Protected Credentials",
"cweId": "CWE-522"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "UrbanCode Deploy",
"version": {
"version_data": [
{
"version_value": "6.2.7.0",
"version_affected": "="
},
{
"version_value": "7.0.0.0",
"version_affected": "="
},
{
"version_value": "7.1.0.0",
"version_affected": "="
},
{
"version_value": "7.2.0.0",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6831907",
"refsource": "MISC",
"name": "https://www.ibm.com/support/pages/node/6831907"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/236601",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/236601"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}

5
2022/42xxx/CVE-2022-42732.json
View File

@ -53,8 +53,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697"
"refsource": "MISC",
"url": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697",
"name": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697"
}
]
}

5
2022/42xxx/CVE-2022-42733.json
View File

@ -53,8 +53,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697"
"refsource": "MISC",
"url": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697",
"name": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697"
}
]
}

5
2022/42xxx/CVE-2022-42734.json
View File

@ -53,8 +53,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697"
"refsource": "MISC",
"url": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697",
"name": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697"
}
]
}

5
2022/42xxx/CVE-2022-42891.json
View File

@ -53,8 +53,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697"
"refsource": "MISC",
"url": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697",
"name": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697"
}
]
}

5
2022/42xxx/CVE-2022-42892.json
View File

@ -53,8 +53,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697"
"refsource": "MISC",
"url": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697",
"name": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697"
}
]
}

5
2022/42xxx/CVE-2022-42893.json
View File

@ -53,8 +53,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697"
"refsource": "MISC",
"url": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697",
"name": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697"
}
]
}

5
2022/42xxx/CVE-2022-42894.json
View File

@ -53,8 +53,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697"
"refsource": "MISC",
"url": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697",
"name": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697"
}
]
}

56
2022/43xxx/CVE-2022-43138.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43138",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-43138",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Dolibarr Open Source ERP & CRM for Business before v14.0.1 allows attackers to escalate privileges via a crafted API."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.exploit-db.com/exploits/50248",
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/50248"
}
]
}

56
2022/43xxx/CVE-2022-43140.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43140",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-43140",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "kkFileView v4.1.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component cn.keking.web.controller.OnlinePreviewController#getCorsFile. This vulnerability allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the url parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/kekingcn/kkFileView/issues/392",
"refsource": "MISC",
"name": "https://github.com/kekingcn/kkFileView/issues/392"
}
]
}

56
2022/44xxx/CVE-2022-44384.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-44384",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-44384",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An arbitrary file upload vulnerability in rconfig v3.9.6 allows attackers to execute arbitrary code via a crafted PHP file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.exploit-db.com/exploits/49783",
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/49783"
}
]
}

12
2022/4xxx/CVE-2022-4051.json
View File

@ -22,7 +22,7 @@
"version": {
"version_data": [
{
"version_value": "n\/a"
"version_value": "n/a"
}
]
}
@ -57,16 +57,20 @@
"cvss": {
"version": "3.1",
"baseScore": "6.3",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:L"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/itzmehedi\/Hostel-searching-project-using-PHP-Mysql\/issues\/1"
"url": "https://github.com/itzmehedi/Hostel-searching-project-using-PHP-Mysql/issues/1",
"refsource": "MISC",
"name": "https://github.com/itzmehedi/Hostel-searching-project-using-PHP-Mysql/issues/1"
},
{
"url": "https:\/\/vuldb.com\/?id.213844"
"url": "https://vuldb.com/?id.213844",
"refsource": "MISC",
"name": "https://vuldb.com/?id.213844"
}
]
}

14
2022/4xxx/CVE-2022-4052.json
View File

@ -22,7 +22,7 @@
"version": {
"version_data": [
{
"version_value": "n\/a"
"version_value": "n/a"
}
]
}
@ -49,7 +49,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in Student Attendance Management System and classified as critical. This issue affects some unknown processing of the file \/Admin\/createClass.php. The manipulation of the argument Id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-213845 was assigned to this vulnerability."
"value": "A vulnerability was found in Student Attendance Management System and classified as critical. This issue affects some unknown processing of the file /Admin/createClass.php. The manipulation of the argument Id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-213845 was assigned to this vulnerability."
}
]
},
@ -57,16 +57,20 @@
"cvss": {
"version": "3.1",
"baseScore": "4.7",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:L\/I:L\/A:L"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/rickxy\/Student-Attendance-Management-System\/issues\/2"
"url": "https://github.com/rickxy/Student-Attendance-Management-System/issues/2",
"refsource": "MISC",
"name": "https://github.com/rickxy/Student-Attendance-Management-System/issues/2"
},
{
"url": "https:\/\/vuldb.com\/?id.213845"
"url": "https://vuldb.com/?id.213845",
"refsource": "MISC",
"name": "https://vuldb.com/?id.213845"
}
]
}

12
2022/4xxx/CVE-2022-4053.json
View File

@ -22,7 +22,7 @@
"version": {
"version_data": [
{
"version_value": "n\/a"
"version_value": "n/a"
}
]
}
@ -57,16 +57,20 @@
"cvss": {
"version": "3.1",
"baseScore": "2.4",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:U\/C:N\/I:L\/A:N"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/rickxy\/Student-Attendance-Management-System\/issues\/3"
"url": "https://github.com/rickxy/Student-Attendance-Management-System/issues/3",
"refsource": "MISC",
"name": "https://github.com/rickxy/Student-Attendance-Management-System/issues/3"
},
{
"url": "https:\/\/vuldb.com\/?id.213846"
"url": "https://vuldb.com/?id.213846",
"refsource": "MISC",
"name": "https://vuldb.com/?id.213846"
}
]
}