admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-06-09 16:01:46 +00:00
parent 0b5f1e0485
commit 53d127dcbe
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
12 changed files with 213 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
2022/0xxx/CVE-2022-0823.json
View File

@ -1 +1,69 @@
{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ASSIGNER":"PSIRT@zyxel.com.tw","ID":"CVE-2022-0823"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Zyxel","product":{"product_data":[{"product_name":"Zyxel GS1200 series firmware","version":{"version_data":[{"version_value":"2.00 Patch 1"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-203: Observable Discrepancy"}]}]},"references":{"reference_data":[{"refsource":"CONFIRM","name":"https://www.zyxel.com/support/Zyxel-security-advisory-for-password-guessing-vulnerability-of-GS1200-series-switches.shtml","url":"https://www.zyxel.com/support/Zyxel-security-advisory-for-password-guessing-vulnerability-of-GS1200-series-switches.shtml"}]},"impact":{"cvss":{"baseScore":"6.2","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","version":"3.1"}},"description":{"description_data":[{"lang":"eng","value":"An improper control of interaction frequency vulnerability in Zyxel GS1200 series switches could allow a local attacker to guess the password by using a timing side-channel attack."}]}}
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@zyxel.com.tw",
"ID": "CVE-2022-0823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Zyxel",
"product": {
"product_data": [
{
"product_name": "Zyxel GS1200 series firmware",
"version": {
"version_data": [
{
"version_value": "2.00 Patch 1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-203: Observable Discrepancy"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.zyxel.com/support/Zyxel-security-advisory-for-password-guessing-vulnerability-of-GS1200-series-switches.shtml",
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-password-guessing-vulnerability-of-GS1200-series-switches.shtml"
}
]
},
"impact": {
"cvss": {
"baseScore": "6.2",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper control of interaction frequency vulnerability in Zyxel GS1200 series switches could allow a local attacker to guess the password by using a timing side-channel attack."
}
]
}
}

7
2022/24xxx/CVE-2022-24969.json
View File

@ -42,7 +42,7 @@
"description_data": [
{
"lang": "eng",
"value": "bypass CVE-2021-25640 \n\n> In Apache Dubbo prior to 2.6.12 and 2.7.15, the usage of parseURL method will lead to the bypass of the white host check which can cause open redirect or SSRF vulnerability."
"value": "bypass CVE-2021-25640 > In Apache Dubbo prior to 2.6.12 and 2.7.15, the usage of parseURL method will lead to the bypass of the white host check which can cause open redirect or SSRF vulnerability."
}
]
},
@ -67,8 +67,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://lists.apache.org/thread/1xbckc3467wfk5r7n2o44r2brdsbwxgr"
"refsource": "MISC",
"url": "https://lists.apache.org/thread/1xbckc3467wfk5r7n2o44r2brdsbwxgr",
"name": "https://lists.apache.org/thread/1xbckc3467wfk5r7n2o44r2brdsbwxgr"
}
]
},

12
2022/2xxx/CVE-2022-2017.json
View File

@ -49,7 +49,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in SourceCodester Prison Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file \/pms\/admin\/visits\/view_visit.php of the component Visit Handler. The manipulation of the argument id with the input 2%27and%201=2%20union%20select%201,2,3,4,5,6,7,user(),database()--+ leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
"value": "A vulnerability was found in SourceCodester Prison Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /pms/admin/visits/view_visit.php of the component Visit Handler. The manipulation of the argument id with the input 2%27and%201=2%20union%20select%201,2,3,4,5,6,7,user(),database()--+ leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
}
]
},
@ -57,16 +57,20 @@
"cvss": {
"version": "3.1",
"baseScore": "4.7",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:L\/I:L\/A:L"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/ch0ing\/vul\/blob\/main\/WebRay.com.cn\/Prison%20Management%20System(SQLI)2.md"
"url": "https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Prison%20Management%20System(SQLI)2.md",
"refsource": "MISC",
"name": "https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Prison%20Management%20System(SQLI)2.md"
},
{
"url": "https:\/\/vuldb.com\/?id.201365"
"url": "https://vuldb.com/?id.201365",
"refsource": "MISC",
"name": "https://vuldb.com/?id.201365"
}
]
}

12
2022/2xxx/CVE-2022-2018.json
View File

@ -49,7 +49,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as critical has been found in SourceCodester Prison Management System 1.0. Affected is an unknown function of the file \/admin\/?page=inmates\/view_inmate of the component Inmate Handler. The manipulation of the argument id with the input 1%27%20and%201=2%20union%20select%201,user(),3,4,5,6,7,8,9,0,database(),2,3,4,5,6,7,8,9,0,1,2,3,4--+ leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
"value": "A vulnerability classified as critical has been found in SourceCodester Prison Management System 1.0. Affected is an unknown function of the file /admin/?page=inmates/view_inmate of the component Inmate Handler. The manipulation of the argument id with the input 1%27%20and%201=2%20union%20select%201,user(),3,4,5,6,7,8,9,0,database(),2,3,4,5,6,7,8,9,0,1,2,3,4--+ leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
}
]
},
@ -57,16 +57,20 @@
"cvss": {
"version": "3.1",
"baseScore": "4.7",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:L\/I:L\/A:L"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/ch0ing\/vul\/blob\/main\/WebRay.com.cn\/Prison%20Management%20System(SQLI).md"
"url": "https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Prison%20Management%20System(SQLI).md",
"refsource": "MISC",
"name": "https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Prison%20Management%20System(SQLI).md"
},
{
"url": "https:\/\/vuldb.com\/?id.201366"
"url": "https://vuldb.com/?id.201366",
"refsource": "MISC",
"name": "https://vuldb.com/?id.201366"
}
]
}

12
2022/2xxx/CVE-2022-2019.json
View File

@ -49,7 +49,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as critical was found in SourceCodester Prison Management System 1.0. Affected by this vulnerability is an unknown functionality of the file \/classes\/Users.php?f=save of the component New User Creation. The manipulation leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
"value": "A vulnerability classified as critical was found in SourceCodester Prison Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Users.php?f=save of the component New User Creation. The manipulation leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
}
]
},
@ -57,16 +57,20 @@
"cvss": {
"version": "3.1",
"baseScore": "7.3",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:L\/A:L"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/ch0ing\/vul\/blob\/main\/WebRay.com.cn\/Prison%20Management%20System--.md"
"url": "https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Prison%20Management%20System--.md",
"refsource": "MISC",
"name": "https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Prison%20Management%20System--.md"
},
{
"url": "https:\/\/vuldb.com\/?id.201367"
"url": "https://vuldb.com/?id.201367",
"refsource": "MISC",
"name": "https://vuldb.com/?id.201367"
}
]
}

12
2022/2xxx/CVE-2022-2020.json
View File

@ -49,7 +49,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as problematic, has been found in SourceCodester Prison Management System 1.0. Affected by this issue is some unknown functionality of the file \/admin\/?page=system_info of the component System Name Handler. The manipulation with the input <img src=\"\" onerror=\"alert(1)\"> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
"value": "A vulnerability, which was classified as problematic, has been found in SourceCodester Prison Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/?page=system_info of the component System Name Handler. The manipulation with the input <img src=\"\" onerror=\"alert(1)\"> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
}
]
},
@ -57,16 +57,20 @@
"cvss": {
"version": "3.1",
"baseScore": "2.4",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:U\/C:N\/I:L\/A:N"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/ch0ing\/vul\/blob\/main\/WebRay.com.cn\/Prison%20Management%20System(XSS).md"
"url": "https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Prison%20Management%20System(XSS).md",
"refsource": "MISC",
"name": "https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Prison%20Management%20System(XSS).md"
},
{
"url": "https:\/\/vuldb.com\/?id.201368"
"url": "https://vuldb.com/?id.201368",
"refsource": "MISC",
"name": "https://vuldb.com/?id.201368"
}
]
}

18
2022/32xxx/CVE-2022-32750.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32750",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/32xxx/CVE-2022-32751.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32751",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/32xxx/CVE-2022-32754.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32754",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/32xxx/CVE-2022-32755.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32755",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/32xxx/CVE-2022-32757.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32757",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/32xxx/CVE-2022-32758.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32758",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}