admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-10-19 18:00:35 +00:00
parent c792351162
commit 6afbfea84c
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
37 changed files with 1228 additions and 118 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
2013/4xxx/CVE-2013-4253.json
View File

@ -1,17 +1,66 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4253",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2013-4253",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Openshift",
"version": {
"version_data": [
{
"version_value": "Red Hat Openshift 1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-377"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2014/06/05/19",
"url": "https://www.openwall.com/lists/oss-security/2014/06/05/19"
},
{
"refsource": "MISC",
"name": "https://github.com/openshift/openshift-extras/blob/enterprise-2.0/README.md#security-notice",
"url": "https://github.com/openshift/openshift-extras/blob/enterprise-2.0/README.md#security-notice"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The deployment script in the unsupported \"OpenShift Extras\" set of add-on scripts, in Red Hat Openshift 1, installs a default public key in the root user's authorized_keys file."
}
]
}

63
2013/4xxx/CVE-2013-4281.json
View File

@ -1,17 +1,66 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4281",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2013-4281",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Openshift",
"version": {
"version_data": [
{
"version_value": "Red Hat Openshift 1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-276"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2014/06/05/19",
"url": "https://www.openwall.com/lists/oss-security/2014/06/05/19"
},
{
"refsource": "MISC",
"name": "https://github.com/openshift/openshift-extras/blob/enterprise-2.0/README.md#security-notice",
"url": "https://github.com/openshift/openshift-extras/blob/enterprise-2.0/README.md#security-notice"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Red Hat Openshift 1, weak default permissions are applied to the /etc/openshift/server_priv.pem file on the broker server, which could allow users with local access to the broker to read this file."
}
]
}

5
2017/2xxx/CVE-2017-2601.json
View File

@ -104,6 +104,11 @@
"refsource": "MLIST",
"name": "[oss-security] 20220630 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/06/30/3"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
}
]
}

55
2022/1xxx/CVE-2022-1414.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-1414",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "3scale-amp-system",
"version": {
"version_data": [
{
"version_value": "3scale-amp-system as shipped in 3scale-AMP 2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1173"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2076794",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2076794"
},
{
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2022-1414",
"url": "https://access.redhat.com/security/cve/CVE-2022-1414"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "3scale API Management 2 does not perform adequate sanitation for user input in multiple fields. An authenticated user could use this flaw to inject scripts and possibly gain access to sensitive information or conduct further attacks."
}
]
}

94
2022/1xxx/CVE-2022-1523.json
View File

@ -1,18 +1,100 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2022-08-30T16:13:00.000Z",
"ID": "CVE-2022-1523",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Fuji Electric D300win Write-what-where condition"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "D300win",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.7.1.16",
"version_value": "3.7.1.17"
}
]
}
}
]
},
"vendor_name": "Fuji Electric"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Uri Katz from Claroty reported these vulnerabilities to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Fuji Electric D300win prior to version 3.7.1.17 is vulnerable to a write-what-where condition, which could allow an attacker to overwrite program memory to manipulate the flow of information."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-123 Write-what-where Condition"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-242-05",
"refsource": "CONFIRM",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-242-05"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Fuji Electric has fixed these vulnerabilities and recommends users upgrade to D300win v3.7.1.17 or later."
}
],
"source": {
"discovery": "UNKNOWN"
}
}

94
2022/1xxx/CVE-2022-1738.json
View File

@ -1,18 +1,100 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2022-08-30T16:13:00.000Z",
"ID": "CVE-2022-1738",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Fuji Electric D300win Out-of-bounds Read"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "D300win",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.7.1.16",
"version_value": "3.7.1.17"
}
]
}
}
]
},
"vendor_name": "Fuji Electric"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Uri Katz from Claroty reported these vulnerabilities to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Fuji Electric D300win prior to version 3.7.1.17 is vulnerable to an out-of-bounds read, which could allow an attacker to leak sensitive data from the process memory."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125 Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-242-05",
"refsource": "CONFIRM",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-242-05"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Fuji Electric has fixed these vulnerabilities and recommends users upgrade to D300win v3.7.1.17 or later."
}
],
"source": {
"discovery": "UNKNOWN"
}
}

4
2022/1xxx/CVE-2022-1970.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-1970",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

50
2022/23xxx/CVE-2022-23241.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-23241",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-alert@netapp.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Clustered Data ONTAP",
"version": {
"version_data": [
{
"version_value": "9.11.1 through 9.11.1P2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary Data Modification"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20221017-0001/",
"url": "https://security.netapp.com/advisory/ntap-20221017-0001/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Clustered Data ONTAP versions 9.11.1 through 9.11.1P2 with SnapLock configured FlexGroups are susceptible to a vulnerability which could allow an authenticated remote attacker to arbitrarily modify or delete WORM data prior to the end of the retention period."
}
]
}

55
2022/2xxx/CVE-2022-2805.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-2805",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ovirt-engine",
"version": {
"version_data": [
{
"version_value": "ovirt-engine 4.5.3"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2079545",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2079545"
},
{
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2022-2805",
"url": "https://access.redhat.com/security/cve/CVE-2022-2805"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. This flaw allows an attacker with sufficient privileges to read the log file, leading to confidentiality loss."
}
]
}

55
2022/3xxx/CVE-2022-3586.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3586",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Linux Kernel",
"version": {
"version_data": [
{
"version_value": "Fixed in kernel v6.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/9efd23297cca",
"url": "https://github.com/torvalds/linux/commit/9efd23297cca"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/upcoming/",
"url": "https://www.zerodayinitiative.com/advisories/upcoming/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in the Linux kernel\u2019s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service."
}
]
}

61
2022/40xxx/CVE-2022-40884.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40884",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-40884",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Bento4 1.6.0 has memory leaks via the mp4fragment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/axiomatic-systems/Bento4/issues/759",
"refsource": "MISC",
"name": "https://github.com/axiomatic-systems/Bento4/issues/759"
},
{
"refsource": "MISC",
"name": "https://github.com/yangfar/CVE/blob/main/CVE-2022-40884.md",
"url": "https://github.com/yangfar/CVE/blob/main/CVE-2022-40884.md"
}
]
}

61
2022/40xxx/CVE-2022-40885.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40885",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-40885",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Bento4 v1.6.0-639 has a memory allocation issue that can cause denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/axiomatic-systems/Bento4/issues/761",
"refsource": "MISC",
"name": "https://github.com/axiomatic-systems/Bento4/issues/761"
},
{
"refsource": "MISC",
"name": "https://github.com/yangfar/CVE/blob/main/CVE-2022-40885.md",
"url": "https://github.com/yangfar/CVE/blob/main/CVE-2022-40885.md"
}
]
}

56
2022/42xxx/CVE-2022-42227.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42227",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-42227",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "jsonlint 1.0 is vulnerable to heap-buffer-overflow via /home/hjsz/jsonlint/src/lexer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/p-ranav/jsonlint/issues/2",
"refsource": "MISC",
"name": "https://github.com/p-ranav/jsonlint/issues/2"
}
]
}

56
2022/43xxx/CVE-2022-43014.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43014",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-43014",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the joborderID parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_joborderID.md",
"refsource": "MISC",
"name": "https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_joborderID.md"
}
]
}

56
2022/43xxx/CVE-2022-43015.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43015",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-43015",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the entriesPerPage parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_entriesPerPage.md",
"refsource": "MISC",
"name": "https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_entriesPerPage.md"
}
]
}

56
2022/43xxx/CVE-2022-43016.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43016",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-43016",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the callback component."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_callback.md",
"refsource": "MISC",
"name": "https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_callback.md"
}
]
}

56
2022/43xxx/CVE-2022-43017.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43017",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-43017",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the indexFile component."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_indexFile.md",
"refsource": "MISC",
"name": "https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_indexFile.md"
}
]
}

56
2022/43xxx/CVE-2022-43018.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43018",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-43018",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the email parameter in the Check Email function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_checkEmail.md",
"refsource": "MISC",
"name": "https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_checkEmail.md"
}
]
}

56
2022/43xxx/CVE-2022-43019.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43019",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-43019",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "OpenCATS v0.9.6 was discovered to contain a remote code execution (RCE) vulnerability via the getDataGridPager's ajax functionality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/hansmach1ne/opencats_zero-days/blob/main/RCE_via_deserialisation.md",
"refsource": "MISC",
"name": "https://github.com/hansmach1ne/opencats_zero-days/blob/main/RCE_via_deserialisation.md"
}
]
}

56
2022/43xxx/CVE-2022-43020.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43020",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-43020",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tag_id variable in the Tag update function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/hansmach1ne/opencats_zero-days/blob/main/SQLI_in_Tag_Updates.md",
"refsource": "MISC",
"name": "https://github.com/hansmach1ne/opencats_zero-days/blob/main/SQLI_in_Tag_Updates.md"
}
]
}

56
2022/43xxx/CVE-2022-43021.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43021",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-43021",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the entriesPerPage variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/hansmach1ne/opencats_zero-days/blob/main/SQLI_JobOrders.md",
"refsource": "MISC",
"name": "https://github.com/hansmach1ne/opencats_zero-days/blob/main/SQLI_JobOrders.md"
}
]
}

56
2022/43xxx/CVE-2022-43022.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43022",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-43022",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tag_id variable in the Tag deletion function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/hansmach1ne/opencats_zero-days/blob/main/SQLI_tag_deletion.md",
"refsource": "MISC",
"name": "https://github.com/hansmach1ne/opencats_zero-days/blob/main/SQLI_tag_deletion.md"
}
]
}

56
2022/43xxx/CVE-2022-43023.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43023",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-43023",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the importID parameter in the Import viewerrors function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/hansmach1ne/opencats_zero-days/blob/main/SQLI_imports_errors.md",
"refsource": "MISC",
"name": "https://github.com/hansmach1ne/opencats_zero-days/blob/main/SQLI_imports_errors.md"
}
]
}

5
2022/43xxx/CVE-2022-43408.json
View File

@ -61,6 +61,11 @@
"name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2828",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2828",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
}
]
}

5
2022/43xxx/CVE-2022-43410.json
View File

@ -57,6 +57,11 @@
"name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2831",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2831",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
}
]
}

5
2022/43xxx/CVE-2022-43415.json
View File

@ -57,6 +57,11 @@
"name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2337",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2337",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
}
]
}

5
2022/43xxx/CVE-2022-43416.json
View File

@ -57,6 +57,11 @@
"name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2844",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2844",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
}
]
}

5
2022/43xxx/CVE-2022-43417.json
View File

@ -57,6 +57,11 @@
"name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2845%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2845%20(1)",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
}
]
}

5
2022/43xxx/CVE-2022-43418.json
View File

@ -57,6 +57,11 @@
"name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2845%20(2)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2845%20(2)",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
}
]
}

5
2022/43xxx/CVE-2022-43419.json
View File

@ -57,6 +57,11 @@
"name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2846",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2846",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
}
]
}

5
2022/43xxx/CVE-2022-43420.json
View File

@ -57,6 +57,11 @@
"name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2836",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2836",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
}
]
}

5
2022/43xxx/CVE-2022-43422.json
View File

@ -57,6 +57,11 @@
"name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2620",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2620",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
}
]
}

5
2022/43xxx/CVE-2022-43426.json
View File

@ -61,6 +61,11 @@
"name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2480",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2480",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
}
]
}

5
2022/43xxx/CVE-2022-43427.json
View File

@ -61,6 +61,11 @@
"name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2623",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2623",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
}
]
}

5
2022/43xxx/CVE-2022-43430.json
View File

@ -61,6 +61,11 @@
"name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2625",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2625",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
}
]
}

5
2022/43xxx/CVE-2022-43434.json
View File

@ -61,6 +61,11 @@
"name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2865",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2865",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
}
]
}

5
2022/43xxx/CVE-2022-43435.json
View File

@ -61,6 +61,11 @@
"name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2866",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2866",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
}
]
}