admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 11:06:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-01-05 09:00:42 +00:00
parent 6dd5c50aa6
commit 4d9280b645
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
8 changed files with 589 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

106
2016/15xxx/CVE-2016-15009.json Normal file
View File

@ -0,0 +1,106 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2016-15009",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as problematic has been found in OpenACS bug-tracker. Affected is an unknown function of the file lib/nav-bar.adp of the component Search. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The name of the patch is aee43e5714cd8b697355ec3bf83eefee176d3fc3. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217440."
},
{
"lang": "deu",
"value": "Es wurde eine problematische Schwachstelle in OpenACS bug-tracker entdeckt. Es betrifft eine unbekannte Funktion der Datei lib/nav-bar.adp der Komponente Search. Durch die Manipulation mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Patch wird als aee43e5714cd8b697355ec3bf83eefee176d3fc3 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery",
"cweId": "CWE-352"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "OpenACS",
"product": {
"product_data": [
{
"product_name": "bug-tracker",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.217440",
"refsource": "MISC",
"name": "https://vuldb.com/?id.217440"
},
{
"url": "https://vuldb.com/?ctiid.217440",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.217440"
},
{
"url": "https://github.com/openacs/bug-tracker/commit/aee43e5714cd8b697355ec3bf83eefee176d3fc3",
"refsource": "MISC",
"name": "https://github.com/openacs/bug-tracker/commit/aee43e5714cd8b697355ec3bf83eefee176d3fc3"
}
]
},
"credits": [
{
"lang": "en",
"value": "VulDB GitHub Commit Analyzer"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.5,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
}
]
}
}

115
2016/15xxx/CVE-2016-15010.json Normal file
View File

@ -0,0 +1,115 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2016-15010",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic was found in University of Cambridge django-ucamlookup up to 1.9.1. Affected by this vulnerability is an unknown functionality of the component Lookup Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 1.9.2 is able to address this issue. The name of the patch is 5e25e4765637ea4b9e0bf5fcd5e9a922abee7eb3. It is recommended to upgrade the affected component. The identifier VDB-217441 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
},
{
"lang": "deu",
"value": "** UNSUPPPORTED WHEN ASSIGNED **In University of Cambridge django-ucamlookup bis 1.9.1 wurde eine problematische Schwachstelle entdeckt. Das betrifft eine unbekannte Funktionalit\u00e4t der Komponente Lookup Handler. Durch Manipulation mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Ein Aktualisieren auf die Version 1.9.2 vermag dieses Problem zu l\u00f6sen. Der Patch wird als 5e25e4765637ea4b9e0bf5fcd5e9a922abee7eb3 bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross Site Scripting",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "University of Cambridge",
"product": {
"product_data": [
{
"product_name": "django-ucamlookup",
"version": {
"version_data": [
{
"version_value": "1.9.0",
"version_affected": "="
},
{
"version_value": "1.9.1",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.217441",
"refsource": "MISC",
"name": "https://vuldb.com/?id.217441"
},
{
"url": "https://vuldb.com/?ctiid.217441",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.217441"
},
{
"url": "https://github.com/uisautomation/django-ucamlookup/commit/5e25e4765637ea4b9e0bf5fcd5e9a922abee7eb3",
"refsource": "MISC",
"name": "https://github.com/uisautomation/django-ucamlookup/commit/5e25e4765637ea4b9e0bf5fcd5e9a922abee7eb3"
},
{
"url": "https://github.com/uisautomation/django-ucamlookup/releases/tag/1.9.2",
"refsource": "MISC",
"name": "https://github.com/uisautomation/django-ucamlookup/releases/tag/1.9.2"
}
]
},
"credits": [
{
"lang": "en",
"value": "VulDB GitHub Commit Analyzer"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.5,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
}
]
}
}

111
2018/25xxx/CVE-2018-25064.json Normal file
View File

@ -0,0 +1,111 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2018-25064",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in OSM Lab show-me-the-way. It has been rated as problematic. This issue affects some unknown processing of the file js/site.js. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 4bed3b34dcc01fe6661f39c0e5d2285b340f7cac. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217439."
},
{
"lang": "deu",
"value": "Eine Schwachstelle wurde in OSM Lab show-me-the-way ausgemacht. Sie wurde als problematisch eingestuft. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei js/site.js. Mit der Manipulation mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Patch wird als 4bed3b34dcc01fe6661f39c0e5d2285b340f7cac bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross Site Scripting",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "OSM Lab",
"product": {
"product_data": [
{
"product_name": "show-me-the-way",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.217439",
"refsource": "MISC",
"name": "https://vuldb.com/?id.217439"
},
{
"url": "https://vuldb.com/?ctiid.217439",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.217439"
},
{
"url": "https://github.com/osmlab/show-me-the-way/pull/57",
"refsource": "MISC",
"name": "https://github.com/osmlab/show-me-the-way/pull/57"
},
{
"url": "https://github.com/osmlab/show-me-the-way/commit/4bed3b34dcc01fe6661f39c0e5d2285b340f7cac",
"refsource": "MISC",
"name": "https://github.com/osmlab/show-me-the-way/commit/4bed3b34dcc01fe6661f39c0e5d2285b340f7cac"
}
]
},
"credits": [
{
"lang": "en",
"value": "VulDB GitHub Commit Analyzer"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.5,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
}
]
}
}

111
2021/4xxx/CVE-2021-4303.json Normal file
View File

@ -0,0 +1,111 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-4303",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as problematic, has been found in shannah Xataface up to 2.x. Affected by this issue is the function testftp of the file install/install_form.js.php of the component Installer. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 3.0.0 is able to address this issue. The name of the patch is 94143a4299e386f33bf582139cd4702571d93bde. It is recommended to upgrade the affected component. VDB-217442 is the identifier assigned to this vulnerability. NOTE: Installer is disabled by default."
},
{
"lang": "deu",
"value": "Eine problematische Schwachstelle wurde in shannah Xataface bis 2.x entdeckt. Dies betrifft die Funktion testftp der Datei install/install_form.js.php der Komponente Installer. Mittels dem Manipulieren mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Ein Aktualisieren auf die Version 3.0.0 vermag dieses Problem zu l\u00f6sen. Der Patch wird als 94143a4299e386f33bf582139cd4702571d93bde bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross Site Scripting",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "shannah",
"product": {
"product_data": [
{
"product_name": "Xataface",
"version": {
"version_data": [
{
"version_value": "2.x",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.217442",
"refsource": "MISC",
"name": "https://vuldb.com/?id.217442"
},
{
"url": "https://vuldb.com/?ctiid.217442",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.217442"
},
{
"url": "https://github.com/shannah/xataface/commit/94143a4299e386f33bf582139cd4702571d93bde",
"refsource": "MISC",
"name": "https://github.com/shannah/xataface/commit/94143a4299e386f33bf582139cd4702571d93bde"
},
{
"url": "https://github.com/shannah/xataface/releases/tag/3.0.0",
"refsource": "MISC",
"name": "https://github.com/shannah/xataface/releases/tag/3.0.0"
}
]
},
"credits": [
{
"lang": "en",
"value": "VulDB GitHub Commit Analyzer"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 2,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 2,
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 1.7,
"vectorString": "AV:N/AC:H/Au:M/C:N/I:P/A:N",
"baseSeverity": "LOW"
}
]
}
}

96
2022/4xxx/CVE-2022-4869.json
View File

@ -1,17 +1,105 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-4869",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in Evolution Events Artaxerxes. It has been declared as problematic. This vulnerability affects unknown code of the file arta/common/middleware.py of the component POST Parameter Handler. The manipulation of the argument password leads to information disclosure. The attack can be initiated remotely. The name of the patch is 022111407d34815c16c6eada2de69ca34084dc0d. It is recommended to apply a patch to fix this issue. VDB-217438 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
"value": "In Evolution Events Artaxerxes wurde eine Schwachstelle ausgemacht. Sie wurde als problematisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion der Datei arta/common/middleware.py der Komponente POST Parameter Handler. Dank Manipulation des Arguments password mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Patch wird als 022111407d34815c16c6eada2de69ca34084dc0d bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Disclosure",
"cweId": "CWE-200"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Evolution Events",
"product": {
"product_data": [
{
"product_name": "Artaxerxes",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.217438",
"refsource": "MISC",
"name": "https://vuldb.com/?id.217438"
},
{
"url": "https://vuldb.com/?ctiid.217438",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.217438"
},
{
"url": "https://github.com/evolution-events/Artaxerxes/commit/022111407d34815c16c6eada2de69ca34084dc0d",
"refsource": "MISC",
"name": "https://github.com/evolution-events/Artaxerxes/commit/022111407d34815c16c6eada2de69ca34084dc0d"
}
]
},
"credits": [
{
"lang": "en",
"value": "VulDB GitHub Commit Analyzer"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.5,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"baseSeverity": "MEDIUM"
}
]
}

18
2023/0xxx/CVE-2023-0078.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0078",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/0xxx/CVE-2023-0079.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0079",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/0xxx/CVE-2023-0080.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0080",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}