"-Synchronized-Data."

CVE Team 2022-10-07 18:00:29 +00:00
parent f4a0675fdf
commit 5825581b17
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
35 changed files with 1671 additions and 611 deletions


@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-15855",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "patrick@puiterwijk.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "bodhi",
"version": {
"version_data": [
{
"version_value": "bodhi 5.6.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://pyup.io/packages/pypi/bodhi/changelog#5.6.1",
"url": "https://pyup.io/packages/pypi/bodhi/changelog#5.6.1"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Two cross-site scripting vulnerabilities were fixed in Bodhi 5.6.1."
}
]
}
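Review bot: The `version_value` of `"bodhi 5.6.1"` under `affects` names the release that the new description says contains the fix, so a scanner matching on this field would flag the patched version and miss the earlier, vulnerable ones. If the upstream changelog supports it, express the range instead, e.g. `"version_affected": "<"` with `"version_value": "5.6.1"`, and keep the product name out of the version string. `vendor_name` is `"n/a"` even though the product is named, which weakens vendor-keyed matching. The enclosing object continues outside the hunk.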


@ -160,7 +160,7 @@
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted JT file in Autodesk Inventor 2022, 2021, 2020, 2019 may be forced to read beyond allocated boundaries when parsing the JT file. This vulnerability can be exploited to execute arbitrary code"
"value": "A maliciously crafted JT file in Autodesk Inventor 2022, 2021, 2020, 2019 and AutoCAD 2022 may be forced to read beyond allocated boundaries when parsing the JT file. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
}
]
}


@ -65,7 +65,7 @@
"description_data": [
{
"lang": "eng",
"value": "An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 may lead to code execution through maliciously crafted JT files."
"value": "An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 in conjunction with other vulnerabilities may lead to code execution through maliciously crafted JT files in the context of the current process."
}
]
}


@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-40162",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@autodesk.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"version": {
"version_data": [
{
"version_value": "2022, 2021, 2020, 2019"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-Band Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
}
]
}
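Review bot: The `problemtype` value `"Out-of-Band Read"` does not match the description, which describes a read beyond allocated boundaries, i.e. an out-of-bounds read; `"value": "CWE-125 Out-of-bounds Read"` would be unambiguous and searchable. The same free-text problemtype without a CWE identifier recurs in the CVE-2021-40163 through CVE-2021-40166 sections. All five also pack sixteen product names into a single `product_name` string with `vendor_name` set to `"n/a"`, which defeats per-product matching in asset inventories. The description's "A maliciously crafted TIF, PICT, TGA, or RLC files" mixes singular and plural and switches between TIF and TIFF.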


@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-40163",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@autodesk.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"version": {
"version_data": [
{
"version_value": "2022, 2021, 2020, 2019"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption "
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component."
}
]
}
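Review bot: The `problemtype` value `"Memory Corruption "` carries a trailing space, so exact-match grouping on this field will treat it as a category of its own; it should be `"value": "Memory Corruption"`, ideally with a CWE identifier. The description attributes the issue to crafted DLL files while the neighbouring records for the same Image Processing component name image formats, so the file type is worth confirming against the referenced advisory.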


@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-40164",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@autodesk.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"version": {
"version_data": [
{
"version_value": "2022, 2021, 2020, 2019"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
}
]
}


@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-40165",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@autodesk.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"version": {
"version_data": [
{
"version_value": "2022, 2021, 2020, 2019"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
}
]
}


@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-40166",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@autodesk.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"version": {
"version_data": [
{
"version_value": "2022, 2021, 2020, 2019"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use-After-Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code."
}
]
}


@ -1,18 +1,97 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2022-10-04T18:52:00.000Z",
"ID": "CVE-2022-21936",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Metasys MVE"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "On Metasys ADX Server version 12.0 running MVE, an Active Directory user could execute validated actions without providing a valid password when using MVE SMP UI."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-277-01"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Update Metasys ADX Server version 12.0 running MVE with patch 12.0.1."
}
],
"source": {
"discovery": "INTERNAL"
}
}
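Review bot: Every field under `affects` is `"n/a"` and `problemtype` is `"n/a"`, although the description and `solution` name the product and version (Metasys ADX Server 12.0 running MVE, fixed by patch 12.0.1). Tools that match on the structured fields will not associate this record with any asset, so an issue scored 8.1 HIGH can go unnoticed in inventory-based scanning. Populate the fields from the description, e.g. `"product_name": "Metasys ADX Server"` and `"version_value": "12.0"`, and set `vendor_name` to the vendor behind the assigner address. The description reads like an authentication weakness, but the CWE should be confirmed with the assigner rather than guessed.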


@ -1,93 +1,93 @@
{
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6826695",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6826695 (QRadar SIEM)",
"name" : "https://www.ibm.com/support/pages/node/6826695"
},
{
"name" : "ibm-qradar-cve202222480-info-disc (225889)",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/225889"
}
]
},
"data_format" : "MITRE",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2022-22480",
"DATE_PUBLIC" : "2022-10-04T00:00:00",
"STATE" : "PUBLIC"
},
"data_version" : "4.0",
"impact" : {
"cvssv3" : {
"BM" : {
"I" : "N",
"AC" : "H",
"S" : "U",
"UI" : "N",
"A" : "N",
"PR" : "N",
"AV" : "A",
"C" : "H",
"SCORE" : "5.300"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"description" : {
"description_data" : [
{
"value" : "IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889.",
"lang" : "eng"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"references": {
"reference_data": [
{
"product" : {
"product_data" : [
{
"product_name" : "QRadar SIEM",
"version" : {
"version_data" : [
{
"version_value" : "7.4.0"
},
{
"version_value" : "7.5.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
"url": "https://www.ibm.com/support/pages/node/6826695",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6826695 (QRadar SIEM)",
"name": "https://www.ibm.com/support/pages/node/6826695"
},
{
"name": "ibm-qradar-cve202222480-info-disc (225889)",
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225889"
}
]
}
},
"data_type" : "CVE"
}
]
},
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2022-22480",
"DATE_PUBLIC": "2022-10-04T00:00:00",
"STATE": "PUBLIC"
},
"data_version": "4.0",
"impact": {
"cvssv3": {
"BM": {
"I": "N",
"AC": "H",
"S": "U",
"UI": "N",
"A": "N",
"PR": "N",
"AV": "A",
"C": "H",
"SCORE": "5.300"
},
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"description": {
"description_data": [
{
"value": "IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889.",
"lang": "eng"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "QRadar SIEM",
"version": {
"version_data": [
{
"version_value": "7.4.0"
},
{
"version_value": "7.5.0"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_type": "CVE"
}


@ -1,90 +1,90 @@
{
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6826727 (WebSphere Automation)",
"name" : "https://www.ibm.com/support/pages/node/6826727",
"url" : "https://www.ibm.com/support/pages/node/6826727",
"refsource" : "CONFIRM"
},
{
"title" : "X-Force Vulnerability Report",
"name" : "ibm-websphere-cve202222493-csrf (226449)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/226449",
"refsource" : "XF"
}
]
},
"data_format" : "MITRE",
"CVE_data_meta" : {
"ID" : "CVE-2022-22493",
"DATE_PUBLIC" : "2022-10-04T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"data_version": "4.0",
"references": {
"reference_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "WebSphere Automation for Cloud Pak for Watson AIOps",
"version" : {
"version_data" : [
{
"version_value" : "1.4.2"
}
]
}
}
]
}
"title": "IBM Security Bulletin 6826727 (WebSphere Automation)",
"name": "https://www.ibm.com/support/pages/node/6826727",
"url": "https://www.ibm.com/support/pages/node/6826727",
"refsource": "CONFIRM"
},
{
"title": "X-Force Vulnerability Report",
"name": "ibm-websphere-cve202222493-csrf (226449)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/226449",
"refsource": "XF"
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM WebSphere Automation for Cloud Pak for Watson AIOps 1.4.2 is vulnerable to cross-site request forgery, caused by improper cookie attribute setting. IBM X-Force ID: 226449."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Access"
}
]
},
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-22493",
"DATE_PUBLIC": "2022-10-04T00:00:00",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "WebSphere Automation for Cloud Pak for Watson AIOps",
"version": {
"version_data": [
{
"version_value": "1.4.2"
}
]
}
}
]
}
}
]
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"AV" : "N",
"A" : "N",
"UI" : "R",
"PR" : "L",
"S" : "U",
"AC" : "L",
"I" : "L",
"SCORE" : "3.500",
"C" : "N"
},
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
}
}
},
"data_type" : "CVE"
}
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM WebSphere Automation for Cloud Pak for Watson AIOps 1.4.2 is vulnerable to cross-site request forgery, caused by improper cookie attribute setting. IBM X-Force ID: 226449."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"impact": {
"cvssv3": {
"BM": {
"AV": "N",
"A": "N",
"UI": "R",
"PR": "L",
"S": "U",
"AC": "L",
"I": "L",
"SCORE": "3.500",
"C": "N"
},
"TM": {
"RL": "O",
"E": "U",
"RC": "C"
}
}
},
"data_type": "CVE"
}


@ -12,7 +12,7 @@
"description_data": [
{
"lang": "eng",
"value": "A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability."
"value": "A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability."
}
]
},


@ -11,21 +11,21 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Booth",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "Booth versions after v1.0-85-gda79b8b are vulnerable. Resolved in booth v1.0-263-g35bf0b7."
"version_value": "n/a"
}
]
}
}
]
}
},
"vendor_name": "n/a"
}
]
}
@ -36,7 +36,7 @@
"description": [
{
"lang": "eng",
"value": "CWE-287"
"value": "n/a"
}
]
}
@ -58,6 +58,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2022-e0a87993b8",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J4T4TTXAABVUCMPUL7XQ2PH5EYYOOQZY/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-6744980220",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OHDOFX7NQFH3UGZZA3SGW5SVMDDHIUVD/"
}
]
},
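Review bot: The first two hunks of this section appear to replace populated values with `"n/a"`: the `product_name` `"Booth"`, the `version_value` text naming the vulnerable and fixed builds, and the `CWE-287` problemtype. If the `"n/a"` lines are the new side (the page prints old before new in its other sections), the record loses the only structured product, version and weakness data it had, in exchange for one added FEDORA reference. Keep `"product_name": "Booth"` and `"value": "CWE-287"` and limit the change to the new `reference_data` entry in the third hunk.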


@ -1,75 +1,80 @@
{
"CVE_data_meta": {
"ID": "CVE-2022-2840",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Zephyr Project Manager < 3.2.5 - Multiple Unauthenticated SQLi"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Zephyr Project Manager",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.2.5",
"version_value": "3.2.5"
"CVE_data_meta": {
"ID": "CVE-2022-2840",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Zephyr Project Manager < 3.2.5 - Multiple Unauthenticated SQLi"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Zephyr Project Manager",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.2.5",
"version_value": "3.2.5"
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Zephyr Project Manager WordPress plugin before 3.2.5 does not sanitise and escape various parameters before using them in SQL statements via various AJAX actions available to both unauthenticated and authenticated users, leading to SQL injections"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/13d8be88-c3b7-4d6e-9792-c98b801ba53c",
"name": "https://wpscan.com/vulnerability/13d8be88-c3b7-4d6e-9792-c98b801ba53c"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Zephyr Project Manager WordPress plugin before 3.2.5 does not sanitise and escape various parameters before using them in SQL statements via various AJAX actions available to both unauthenticated and authenticated users, leading to SQL injections"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Rizacan TUFAN"
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/13d8be88-c3b7-4d6e-9792-c98b801ba53c",
"name": "https://wpscan.com/vulnerability/13d8be88-c3b7-4d6e-9792-c98b801ba53c"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/168652/WordPress-Zephyr-Project-Manager-3.2.42-SQL-Injection.html",
"url": "http://packetstormsecurity.com/files/168652/WordPress-Zephyr-Project-Manager-3.2.42-SQL-Injection.html"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Rizacan TUFAN"
}
],
"source": {
"discovery": "EXTERNAL"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
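Review bot: The added `reference_data` entry uses a plain `http://` URL for packetstormsecurity.com in both `name` and `url`, so anyone following the reference fetches it over an unauthenticated channel. If the host serves the same path over TLS, switch the scheme in both fields to `https://`. The remainder of the section looks like re-indentation only.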


@ -1,93 +1,93 @@
{
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "7.4.0"
},
{
"version_value" : "7.5.0"
}
]
},
"product_name" : "QRadar SIEM"
}
]
}
}
]
}
},
"description" : {
"description_data" : [
{
"value" : "IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a local service to a privileged user. IBM X-Force ID: 227366.",
"lang" : "eng"
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
},
"BM" : {
"I" : "N",
"AC" : "L",
"S" : "U",
"PR" : "H",
"A" : "N",
"UI" : "N",
"AV" : "L",
"C" : "H",
"SCORE" : "4.400"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "7.4.0"
},
{
"version_value": "7.5.0"
}
]
},
"product_name": "QRadar SIEM"
}
]
}
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6826693",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6826693 (QRadar SIEM)",
"name" : "https://www.ibm.com/support/pages/node/6826693"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/227366",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-qradar-cve202230613-info-disc (227366)"
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2022-10-04T00:00:00",
"ID" : "CVE-2022-30613"
},
"data_format" : "MITRE",
"data_version" : "4.0"
}
}
},
"description": {
"description_data": [
{
"value": "IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a local service to a privileged user. IBM X-Force ID: 227366.",
"lang": "eng"
}
]
},
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"E": "U",
"RC": "C"
},
"BM": {
"I": "N",
"AC": "L",
"S": "U",
"PR": "H",
"A": "N",
"UI": "N",
"AV": "L",
"C": "H",
"SCORE": "4.400"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6826693",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6826693 (QRadar SIEM)",
"name": "https://www.ibm.com/support/pages/node/6826693"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/227366",
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"name": "ibm-qradar-cve202230613-info-disc (227366)"
}
]
},
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2022-10-04T00:00:00",
"ID": "CVE-2022-30613"
},
"data_format": "MITRE",
"data_version": "4.0"
}


@ -1,106 +1,106 @@
{
"data_version" : "4.0",
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6826645",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6826645 (CICS TX Advanced)",
"name" : "https://www.ibm.com/support/pages/node/6826645"
},
{
"title" : "IBM Security Bulletin 6826647 (CICS TX Standard)",
"name" : "https://www.ibm.com/support/pages/node/6826647",
"url" : "https://www.ibm.com/support/pages/node/6826647",
"refsource" : "CONFIRM"
},
{
"name" : "ibm-cics-cve202234308-dos (229437)",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/229437"
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2022-10-04T00:00:00",
"ID" : "CVE-2022-34308"
},
"description" : {
"description_data" : [
{
"value" : "IBM CICS TX 11.1 could allow a local user to cause a denial of service due to improper load handling. IBM X-Force ID: 229437.",
"lang" : "eng"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"data_version": "4.0",
"data_format": "MITRE",
"references": {
"reference_data": [
{
"product" : {
"product_data" : [
{
"product_name" : "CICS TX Standard",
"version" : {
"version_data" : [
{
"version_value" : "11.1"
}
]
}
},
{
"product_name" : "CICS TX Advanced",
"version" : {
"version_data" : [
{
"version_value" : "11.1"
}
]
}
}
]
},
"vendor_name" : "IBM"
"url": "https://www.ibm.com/support/pages/node/6826645",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6826645 (CICS TX Advanced)",
"name": "https://www.ibm.com/support/pages/node/6826645"
},
{
"title": "IBM Security Bulletin 6826647 (CICS TX Standard)",
"name": "https://www.ibm.com/support/pages/node/6826647",
"url": "https://www.ibm.com/support/pages/node/6826647",
"refsource": "CONFIRM"
},
{
"name": "ibm-cics-cve202234308-dos (229437)",
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/229437"
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of Service"
}
]
},
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2022-10-04T00:00:00",
"ID": "CVE-2022-34308"
},
"description": {
"description_data": [
{
"value": "IBM CICS TX 11.1 could allow a local user to cause a denial of service due to improper load handling. IBM X-Force ID: 229437.",
"lang": "eng"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CICS TX Standard",
"version": {
"version_data": [
{
"version_value": "11.1"
}
]
}
},
{
"product_name": "CICS TX Advanced",
"version": {
"version_data": [
{
"version_value": "11.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"I" : "N",
"AC" : "L",
"S" : "U",
"A" : "H",
"UI" : "N",
"PR" : "N",
"AV" : "L",
"C" : "N",
"SCORE" : "6.200"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"data_type" : "CVE"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"impact": {
"cvssv3": {
"BM": {
"I": "N",
"AC": "L",
"S": "U",
"A": "H",
"UI": "N",
"PR": "N",
"AV": "L",
"C": "N",
"SCORE": "6.200"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"data_type": "CVE"
}


@ -4,14 +4,73 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-37885",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-alert@hpe.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Aruba Access Points; 100 Series; 103 Series; 110 Series; 120 Series; 130 Series; 200 Series; 207 Series; 210 Series; 220 Series; 260 Series; 300 Series; 303 Series; 310 Series; 318 Series Hardened Access Points; 320 Series; 330 Series; 340 Series; 370 Series; 500 Series; 510 Series; 530 Series; 550 Series; 630 Series; 650 Series;",
"version": {
"version_data": [
{
"version_value": "Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below"
},
{
"version_value": "Aruba InstantOS 6.5.x: 6.5.4.23 and below"
},
{
"version_value": "Aruba InstantOS 8.6.x: 8.6.0.18 and below"
},
{
"version_value": "Aruba InstantOS 8.7.x: 8.7.1.9 and below"
},
{
"version_value": "Aruba InstantOS 8.10.x: 8.10.0.1 and below"
},
{
"version_value": "ArubaOS 10.3.x: 10.3.1.0 and below"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt",
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InnstantOS that address these security vulnerabilities."
}
]
}
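Review bot: The new description misspells the product as `InnstantOS` in its last clause and runs the affected-version list straight into "Aruba has released upgrades…" after a semicolon, which makes the remediation statement easy to miss; end the version list with a full stop and write `Aruba has released upgrades for Aruba InstantOS` as its own sentence. `product_name` here begins `Aruba Access Points;` while the otherwise identical string in the CVE-2022-37886 section begins `Aruba Access Points:`, and both end with a stray `;`, so the two records will not group under one product key. The description text is repeated verbatim in the CVE-2022-37886 section, so the two records cannot be told apart from the text alone. `vendor_name` is `"n/a"` even though the description names the vendor.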


@ -4,14 +4,73 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-37886",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-alert@hpe.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Aruba Access Points: 100 Series; 103 Series; 110 Series; 120 Series; 130 Series; 200 Series; 207 Series; 210 Series; 220 Series; 260 Series; 300 Series; 303 Series; 310 Series; 318 Series Hardened Access Points; 320 Series; 330 Series; 340 Series; 370 Series; 500 Series; 510 Series; 530 Series; 550 Series; 630 Series; 650 Series;",
"version": {
"version_data": [
{
"version_value": "Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below"
},
{
"version_value": "Aruba InstantOS 6.5.x: 6.5.4.23 and below"
},
{
"version_value": "Aruba InstantOS 8.6.x: 8.6.0.18 and below"
},
{
"version_value": "Aruba InstantOS 8.7.x: 8.7.1.9 and below"
},
{
"version_value": "Aruba InstantOS 8.10.x: 8.10.0.1 and below"
},
{
"version_value": "ArubaOS 10.3.x: 10.3.1.0 and below"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt",
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InnstantOS that address these security vulnerabilities."
}
]
}
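Review bot: `"vendor_name": "n/a"` in the `affects` block leaves this record without a vendor, even though the ASSIGNER is security-alert@hpe.com and the description attributes the protocol to Aruba Networks. Tooling that matches CVEs to inventory by vendor and product will therefore not tie it to Aruba access points. I would set the vendor explicitly, e.g. `"vendor_name": "Aruba Networks"` (canonical name to be confirmed with the CNA), and list the OS families as products instead of one semicolon-joined string of hardware series. The `version_value` strings such as `"Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below"` mix product and range in free text; a bare version with a `version_affected` operator, e.g. `"version_affected": "<="` with `"version_value": "6.5.4.23"`, is machine-comparable. The same applies to the sections for CVE-2022-37887, -37889, -37890, -37891 and -37892 below.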


@ -4,14 +4,73 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-37887",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-alert@hpe.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Aruba Access Points: 100 Series; 103 Series; 110 Series; 120 Series; 130 Series; 200 Series; 207 Series; 210 Series; 220 Series; 260 Series; 300 Series; 303 Series; 310 Series; 318 Series Hardened Access Points; 320 Series; 330 Series; 340 Series; 370 Series; 500 Series; 510 Series; 530 Series; 550 Series; 630 Series; 650 Series;",
"version": {
"version_data": [
{
"version_value": "Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below"
},
{
"version_value": "Aruba InstantOS 6.5.x: 6.5.4.23 and below"
},
{
"version_value": "Aruba InstantOS 8.6.x: 8.6.0.18 and below"
},
{
"version_value": "Aruba InstantOS 8.7.x: 8.7.1.9 and below"
},
{
"version_value": "Aruba InstantOS 8.10.x: 8.10.0.1 and below"
},
{
"version_value": "ArubaOS 10.3.x: 10.3.1.0 and below"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt",
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InnstantOS that address these security vulnerabilities."
}
]
}
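Review bot: The published description, problemtype and reference in this record are identical to those in the CVE-2022-37886 and CVE-2022-37889 sections on this page, so nothing tells a reader which of the "multiple underlying services" this ID covers. Someone triaging exposure of the PAPI UDP port (8211) cannot map an ID to a specific flaw or confirm that an upgrade addresses each one. A per-ID sentence naming the affected service, or a pointer to the matching section of ARUBA-PSA-2022-014, would resolve that. The last sentence also misspells the product as "InnstantOS"; it should read `Aruba InstantOS`, and the same typo appears in every Aruba description on this page.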


@ -4,14 +4,73 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-37889",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-alert@hpe.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Aruba Access Points: 100 Series; 103 Series; 110 Series; 120 Series; 130 Series; 200 Series; 207 Series; 210 Series; 220 Series; 260 Series; 300 Series; 303 Series; 310 Series; 318 Series Hardened Access Points; 320 Series; 330 Series; 340 Series; 370 Series; 500 Series; 510 Series; 530 Series; 550 Series; 630 Series; 650 Series;",
"version": {
"version_data": [
{
"version_value": "Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below"
},
{
"version_value": "Aruba InstantOS 6.5.x: 6.5.4.23 and below"
},
{
"version_value": "Aruba InstantOS 8.6.x: 8.6.0.18 and below"
},
{
"version_value": "Aruba InstantOS 8.7.x: 8.7.1.9 and below"
},
{
"version_value": "Aruba InstantOS 8.10.x: 8.10.0.1 and below"
},
{
"version_value": "ArubaOS 10.3.x: 10.3.1.0 and below"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt",
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InnstantOS that address these security vulnerabilities."
}
]
}


@ -4,14 +4,73 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-37890",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-alert@hpe.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Aruba Access Points: 100 Series; 103 Series; 110 Series; 120 Series; 130 Series; 200 Series; 207 Series; 210 Series; 220 Series; 260 Series; 300 Series; 303 Series; 310 Series; 318 Series Hardened Access Points; 320 Series; 330 Series; 340 Series; 370 Series; 500 Series; 510 Series; 530 Series; 550 Series; 630 Series; 650 Series;",
"version": {
"version_data": [
{
"version_value": "Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below"
},
{
"version_value": "Aruba InstantOS 6.5.x: 6.5.4.23 and below"
},
{
"version_value": "Aruba InstantOS 8.6.x: 8.6.0.18 and below"
},
{
"version_value": "Aruba InstantOS 8.7.x: 8.7.1.9 and below"
},
{
"version_value": "Aruba InstantOS 8.10.x: 8.10.0.1 and below"
},
{
"version_value": "ArubaOS 10.3.x: 10.3.1.0 and below"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthenticated Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt",
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface. Successful exploitation results in the execution of arbitrary commands on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InnstantOS that address these security vulnerabilities."
}
]
}


@ -4,14 +4,73 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-37891",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-alert@hpe.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Aruba Access Points: 100 Series; 103 Series; 110 Series; 120 Series; 130 Series; 200 Series; 207 Series; 210 Series; 220 Series; 260 Series; 300 Series; 303 Series; 310 Series; 318 Series Hardened Access Points; 320 Series; 330 Series; 340 Series; 370 Series; 500 Series; 510 Series; 530 Series; 550 Series; 630 Series; 650 Series;",
"version": {
"version_data": [
{
"version_value": "Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below"
},
{
"version_value": "Aruba InstantOS 6.5.x: 6.5.4.23 and below"
},
{
"version_value": "Aruba InstantOS 8.6.x: 8.6.0.18 and below"
},
{
"version_value": "Aruba InstantOS 8.7.x: 8.7.1.9 and below"
},
{
"version_value": "Aruba InstantOS 8.10.x: 8.10.0.1 and below"
},
{
"version_value": "ArubaOS 10.3.x: 10.3.1.0 and below"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthenticated Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt",
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface. Successful exploitation results in the execution of arbitrary commands on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InnstantOS that address these security vulnerabilities."
}
]
}


@ -4,14 +4,73 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-37892",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-alert@hpe.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Aruba Access Points: 100 Series; 103 Series; 110 Series; 120 Series; 130 Series; 200 Series; 207 Series; 210 Series; 220 Series; 260 Series; 300 Series; 303 Series; 310 Series; 318 Series Hardened Access Points; 320 Series; 330 Series; 340 Series; 370 Series; 500 Series; 510 Series; 530 Series; 550 Series; 630 Series; 650 Series;",
"version": {
"version_data": [
{
"version_value": "Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below"
},
{
"version_value": "Aruba InstantOS 6.5.x: 6.5.4.23 and below"
},
{
"version_value": "Aruba InstantOS 8.6.x: 8.6.0.18 and below"
},
{
"version_value": "Aruba InstantOS 8.7.x: 8.7.1.9 and below"
},
{
"version_value": "Aruba InstantOS 8.10.x: 8.10.0.1 and below"
},
{
"version_value": "ArubaOS 10.3.x: 10.3.1.0 and below"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthenticated Stored Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt",
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim\u2019s browser in the context of the affected interface of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InnstantOS that address this security vulnerability."
}
]
}
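Review bot: The `problemtype` value here is free text, `"Unauthenticated Stored Cross-Site Scripting"`, where a CWE identifier would let scanners and dashboards classify the record; for stored XSS that is `"value": "CWE-79"`. The buffer-overflow records above (CVE-2022-37886, -37887, -37889, -37890 and -37891) have the same gap with `"Buffer Overflow Vulnerability"` and `"Unauthenticated Buffer Overflow"`. The right CWE for those depends on the root cause, which the records do not state. Authentication state is better carried in the description or a CVSS vector than in the weakness name.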


@ -110,6 +110,11 @@
"refsource": "GENTOO",
"name": "GLSA-202209-21",
"url": "https://security.gentoo.org/glsa/202209-21"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-f79aa2bae9",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BGY72LBJMFAKQWC2XH4MRPIGPQLXTFL6/"
}
]
},


@ -104,6 +104,16 @@
"refsource": "FEDORA",
"name": "FEDORA-2022-d39b2a755b",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2OKRUHPVLIQVFPPJ2UWC3WV3WQO763NR/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-1695454935",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YU4ZYX62H2NUAKKGUES4RZIM4KMTKZ7F/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-9d8ee4a6de",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NWRFPZSR74SYVJKBTKTMYUK36IJ3SQJP/"
}
]
},


@ -96,6 +96,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2022-959b529587",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YBOL6OOQGPZD2RLYT4EHAWTFXNIHLYEN/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-1fd94a54a1",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TA6A5ADUVAYKD3ZFLF2JPZOTIOFJOEU7/"
}
]
},


@ -70,6 +70,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2022-1326d2815c",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3G2HS6CYPSIGAKO6QLEZPG3RD6AMPB7B/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-164cf7837e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/35QGS5FBQTG3DBSK7QV67PA64P24ABHY/"
}
]
}


@ -76,6 +76,11 @@
"refsource": "GENTOO",
"name": "GLSA-202209-24",
"url": "https://security.gentoo.org/glsa/202209-24"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-15ec504440",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2ZKEPGFCZ7R6DRVH3K6RBJPT42ZBEG/"
}
]
}


@ -1,90 +1,90 @@
{
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6823109",
"title" : "IBM Security Bulletin 6823109 (InfoSphere Information Server)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6823109"
},
{
"name" : "ibm-infosphere-cve202241291-session-fixati (236699)",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/236699"
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2022-41291",
"DATE_PUBLIC" : "2022-10-06T00:00:00",
"STATE" : "PUBLIC"
},
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
"data_version": "4.0",
"references": {
"reference_data": [
{
"product" : {
"product_data" : [
{
"product_name" : "InfoSphere Information Server",
"version" : {
"version_data" : [
{
"version_value" : "11.7"
}
]
}
}
]
},
"vendor_name" : "IBM"
"name": "https://www.ibm.com/support/pages/node/6823109",
"title": "IBM Security Bulletin 6823109 (InfoSphere Information Server)",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6823109"
},
{
"name": "ibm-infosphere-cve202241291-session-fixati (236699)",
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/236699"
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM InfoSphere Information Server 11.7 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 236699."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Access"
}
]
},
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2022-41291",
"DATE_PUBLIC": "2022-10-06T00:00:00",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "InfoSphere Information Server",
"version": {
"version_data": [
{
"version_value": "11.7"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"AC" : "L",
"I" : "L",
"A" : "L",
"UI" : "N",
"PR" : "N",
"AV" : "A",
"C" : "L",
"SCORE" : "6.300"
},
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
}
}
},
"data_type" : "CVE"
}
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM InfoSphere Information Server 11.7 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 236699."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"impact": {
"cvssv3": {
"BM": {
"S": "U",
"AC": "L",
"I": "L",
"A": "L",
"UI": "N",
"PR": "N",
"AV": "A",
"C": "L",
"SCORE": "6.300"
},
"TM": {
"RL": "O",
"E": "U",
"RC": "C"
}
}
},
"data_type": "CVE"
}


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-41414",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-41414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An insecure default in the component auth.login.prompt.enabled of Liferay Portal v7.0.0 through v7.4.2 allows attackers to enumerate usernames, site names, and pages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portal.liferay.dev/learn/security/known-vulnerabilities",
"refsource": "MISC",
"name": "https://portal.liferay.dev/learn/security/known-vulnerabilities"
}
]
}
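Review bot: `product_name`, `version_value`, `vendor_name` and the `problemtype` value are all `"n/a"`, although the description names the product and range (Liferay Portal v7.0.0 through v7.4.2), so the record can only be matched to affected installs by parsing prose. Filling them from the description, e.g. `"vendor_name": "Liferay"`, `"product_name": "Liferay Portal"` and `"version_value": "7.0.0 through 7.4.2"`, would make it machine-usable. The only reference is the general known-vulnerabilities index rather than the advisory for this issue, which makes it hard to find the fixed version or the recommended setting for `auth.login.prompt.enabled`. The CVE-2022-41512, -41513, -41514 and -41515 sections below have the same `"n/a"` fields while their descriptions name the product, version and weakness class.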


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-41512",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-41512",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An arbitrary file upload vulnerability in the component /php_action/editFile.php of Online Diagnostic Lab Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/TGAyouman/bug_report/blob/main/vendors/mayuri_k/online-diagnostic-lab-management-system/RCE-1.md",
"url": "https://github.com/TGAyouman/bug_report/blob/main/vendors/mayuri_k/online-diagnostic-lab-management-system/RCE-1.md"
}
]
}


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-41513",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-41513",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /diagnostic/edittest.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/TGAyouman/bug_report/blob/main/vendors/mayuri_k/online-diagnostic-lab-management-system/SQLi-1.md",
"url": "https://github.com/TGAyouman/bug_report/blob/main/vendors/mayuri_k/online-diagnostic-lab-management-system/SQLi-1.md"
}
]
}


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-41514",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-41514",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Open Source SACCO Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /sacco_shield/ajax.php?action=delete_loan."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/TGAyouman/bug_report/blob/main/vendors/mayuri_k/open-source-sacco-management-system/SQLi-1.md",
"url": "https://github.com/TGAyouman/bug_report/blob/main/vendors/mayuri_k/open-source-sacco-management-system/SQLi-1.md"
}
]
}


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-41515",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-41515",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Open Source SACCO Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /sacco_shield/ajax.php?action=delete_payment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/TGAyouman/bug_report/blob/main/vendors/mayuri_k/open-source-sacco-management-system/SQLi-2.md",
"url": "https://github.com/TGAyouman/bug_report/blob/main/vendors/mayuri_k/open-source-sacco-management-system/SQLi-2.md"
}
]
}


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42092",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-42092",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability via 'themes' that allows attackers to Remote Code Execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://grimthereaperteam.medium.com/backdrop-cms-1-22-0-unrestricted-file-upload-themes-ad42a599561c",
"refsource": "MISC",
"name": "https://grimthereaperteam.medium.com/backdrop-cms-1-22-0-unrestricted-file-upload-themes-ad42a599561c"
}
]
}