admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-08-28 11:00:34 +00:00
parent 1c96bf37a4
commit 401f7c3f0f
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
9 changed files with 137 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
2022/1xxx/CVE-2022-1606.json
View File

@ -40,8 +40,9 @@
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
"version_affected": "<",
"version_name": "0",
"version_value": "22.3.11164.0"
}
]
}
@ -58,6 +59,11 @@
"url": "https://www.m-files.com/about/trust-center/security-advisories/cve-2022-1606/",
"refsource": "MISC",
"name": "https://www.m-files.com/about/trust-center/security-advisories/cve-2022-1606/"
},
{
"url": "https://product.m-files.com/security-advisories/cve-2022-1606/",
"refsource": "MISC",
"name": "https://product.m-files.com/security-advisories/cve-2022-1606/"
}
]
},

10
2022/1xxx/CVE-2022-1911.json
View File

@ -40,8 +40,9 @@
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
"version_affected": "<",
"version_name": "0",
"version_value": "22.6.11534.1"
}
]
}
@ -58,6 +59,11 @@
"url": "https://www.m-files.com/about/trust-center/security-advisories/cve-2022-1911/",
"refsource": "MISC",
"name": "https://www.m-files.com/about/trust-center/security-advisories/cve-2022-1911/"
},
{
"url": "https://product.m-files.com/security-advisories/cve-2022-1911/",
"refsource": "MISC",
"name": "https://product.m-files.com/security-advisories/cve-2022-1911/"
}
]
},

7
2022/3xxx/CVE-2022-3284.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Download key for a file in a vault was passed in an insecure way that could easily be logged in M-Files New Web in M-Files before 22.11.12011.0. This issue affects M-Files New Web: before 22.11.12011.0."
"value": "Download key for a file in a vault was passed in an insecure way that could easily be logged in M-Files New Web in M-Files before 22.11.12011.0.\nThis issue affects M-Files New Web: before 22.11.12011.0."
}
]
},
@ -59,6 +59,11 @@
"url": "https://www.m-files.com/about/trust-center/security-advisories/cve-2022-3284/",
"refsource": "MISC",
"name": "https://www.m-files.com/about/trust-center/security-advisories/cve-2022-3284/"
},
{
"url": "https://product.m-files.com/security-advisories/cve-2022-3284/",
"refsource": "MISC",
"name": "https://product.m-files.com/security-advisories/cve-2022-3284/"
}
]
},

10
2022/4xxx/CVE-2022-4264.json
View File

@ -40,8 +40,9 @@
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
"version_affected": "<",
"version_name": "0",
"version_value": "22.8.11691.0"
}
]
}
@ -58,6 +59,11 @@
"url": "https://www.m-files.com/about/trust-center/security-advisories/cve-2022-4264/",
"refsource": "MISC",
"name": "https://www.m-files.com/about/trust-center/security-advisories/cve-2022-4264/"
},
{
"url": "https://product.m-files.com/security-advisories/cve-2022-4264/",
"refsource": "MISC",
"name": "https://product.m-files.com/security-advisories/cve-2022-4264/"
}
]
},

12
2022/4xxx/CVE-2022-4270.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Incorrect privilege assignment issue in M-Files Web in M-Files Web versions before 22.5.11436.1 could have changed permissions accidentally."
"value": "Incorrect privilege assignment issue in M-Files Web in M-Files Web versions before\u00a022.5.11436.1 could have changed permissions accidentally."
}
]
},
@ -40,8 +40,9 @@
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
"version_affected": "<",
"version_name": "0",
"version_value": "22.5.11436.1"
}
]
}
@ -58,6 +59,11 @@
"url": "https://www.m-files.com/about/trust-center/security-advisories/cve-2022-4270/",
"refsource": "MISC",
"name": "https://www.m-files.com/about/trust-center/security-advisories/cve-2022-4270/"
},
{
"url": "https://product.m-files.com/security-advisories/cve-2022-4270/",
"refsource": "MISC",
"name": "https://product.m-files.com/security-advisories/cve-2022-4270/"
}
]
},

10
2022/4xxx/CVE-2022-4858.json
View File

@ -40,8 +40,9 @@
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
"version_affected": "<",
"version_name": "0",
"version_value": "22.10.11846.0"
}
]
}
@ -58,6 +59,11 @@
"url": "https://www.m-files.com/about/trust-center/security-advisories/cve-2022-4858/",
"refsource": "MISC",
"name": "https://www.m-files.com/about/trust-center/security-advisories/cve-2022-4858/"
},
{
"url": "https://product.m-files.com/security-advisories/cve-2022-4858/",
"refsource": "MISC",
"name": "https://product.m-files.com/security-advisories/cve-2022-4858/"
}
]
},

10
2022/4xxx/CVE-2022-4861.json
View File

@ -40,8 +40,9 @@
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
"version_affected": "<",
"version_name": "0",
"version_value": "22.5.11356.0"
}
]
}
@ -58,6 +59,11 @@
"url": "https://www.m-files.com/about/trust-center/security-advisories/cve-2022-4861/",
"refsource": "MISC",
"name": "https://www.m-files.com/about/trust-center/security-advisories/cve-2022-4861/"
},
{
"url": "https://product.m-files.com/security-advisories/cve-2022-4861/",
"refsource": "MISC",
"name": "https://product.m-files.com/security-advisories/cve-2022-4861/"
}
]
},

11
2022/4xxx/CVE-2022-4862.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: before 22.12.12140.3."
"value": "Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. \n\n\nThis issue affects M-Files New Web: before 22.12.12140.3."
}
]
},
@ -59,6 +59,11 @@
"url": "https://www.m-files.com/about/trust-center/security-advisories/cve-2022-4862/",
"refsource": "MISC",
"name": "https://www.m-files.com/about/trust-center/security-advisories/cve-2022-4862/"
},
{
"url": "https://product.m-files.com/security-advisories/cve-2022-4862/",
"refsource": "MISC",
"name": "https://product.m-files.com/security-advisories/cve-2022-4862/"
}
]
},
@ -75,10 +80,10 @@
{
"base64": false,
"type": "text/html",
"value": "\n\nUpgrade to patched version of M-Files.\n\n<br>"
"value": "Upgrade to patched version of M-Files.\n\n<br>"
}
],
"value": "\nUpgrade to patched version of M-Files.\n\n\n"
"value": "Upgrade to patched version of M-Files."
}
],
"impact": {

79
2024/7xxx/CVE-2024-7269.json
View File

@ -1,18 +1,87 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7269",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cvd@cert.pl",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper Neutralization of Input During Web Page Generation vulnerability in \"Update of Personal Details\" form in ConnX ESP HR Management allows Stored XSS attack.\u00a0An attacker might inject a script to be run in user's browser.\u00a0After multiple attempts to contact the vendor we did not receive any answer. The finder provided the information that\u00a0this issue affects ESP HR Management versions before 6.6."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ConnX",
"product": {
"product_data": [
{
"product_name": "ESP HR Management",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "6.6"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert.pl/en/posts/2024/08/CVE-2024-7269/",
"refsource": "MISC",
"name": "https://cert.pl/en/posts/2024/08/CVE-2024-7269/"
},
{
"url": "https://cert.pl/posts/2024/08/CVE-2024-7269/",
"refsource": "MISC",
"name": "https://cert.pl/posts/2024/08/CVE-2024-7269/"
},
{
"url": "https://connx.com.au/",
"refsource": "MISC",
"name": "https://connx.com.au/"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Mariusz Sepczuk"
}
]
}