"-Synchronized-Data."

This commit is contained in:
CVE Team 2022-10-27 10:00:30 +00:00
parent e2d4d9760b
commit 75972c71b9
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
7 changed files with 179 additions and 117 deletions

View File

@ -1,109 +1,109 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"generator": {
"engine": "Vulnogram 0.0.9"
},
"CVE_data_meta": {
"ID": "CVE-2021-45475",
"ASSIGNER": "cve@usom.gov.tr",
"DATE_PUBLIC": "2022-10-26T21:00:00.000Z",
"TITLE": "Information disclosure in Yordam Library Information Document Automation Program",
"AKA": "",
"STATE": "PUBLIC"
},
"source": {
"defect": [
"TR-22-0669"
],
"advisory": "TR-22-0669",
"discovery": "EXTERNAL"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Yordam Informatics Systems",
"product": {
"product_data": [
{
"product_name": "Yordam Library Information Document Automation Program",
"version": {
"version_data": [
{
"version_name": "",
"version_affected": "<",
"version_value": "19.02",
"platform": ""
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"generator": {
"engine": "Vulnogram 0.0.9"
},
"CVE_data_meta": {
"ID": "CVE-2021-45475",
"ASSIGNER": "cve@usom.gov.tr",
"DATE_PUBLIC": "2022-10-26T21:00:00.000Z",
"TITLE": "Information disclosure in Yordam Library Information Document Automation Program",
"AKA": "",
"STATE": "PUBLIC"
},
"source": {
"defect": [
"TR-22-0669"
],
"advisory": "TR-22-0669",
"discovery": "EXTERNAL"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Yordam Informatics Systems",
"product": {
"product_data": [
{
"product_name": "Yordam Library Information Document Automation Program",
"version": {
"version_data": [
{
"version_name": "",
"version_affected": "<",
"version_value": "19.02",
"platform": ""
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Exposure"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Exposure"
}
]
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Yordam Library Information Document Automation product before version 19.02 has an unauthenticated Information disclosure vulnerability."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.usom.gov.tr/bildirim/tr-22-0669",
"name": "https://www.usom.gov.tr/bildirim/tr-22-0669"
}
]
},
"configuration": [],
"impact": {
"cvss": {
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
},
"exploit": [],
"work_around": [],
"solution": [
{
"lang": "eng",
"value": "Yordam Library Information Document Automation program should be updated to version 19.02, provided by the vendor."
}
],
"credit": [
{
"lang": "eng",
"value": "Bartu Utku Sarp "
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Yordam Library Information Document Automation product before version 19.02 has an unauthenticated Information disclosure vulnerability."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.usom.gov.tr/bildirim/tr-22-0669",
"name": "https://www.usom.gov.tr/bildirim/tr-22-0669"
}
]
},
"configuration": [],
"impact": {
"cvss": {
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
},
"exploit": [],
"work_around": [],
"solution": [
{
"lang": "eng",
"value": "Yordam Library Information Document Automation program should be updated to version 19.02, provided by the vendor."
}
],
"credit": [
{
"lang": "eng",
"value": "Bartu Utku Sarp "
}
]
}
}

View File

@ -52,20 +52,24 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://security.snyk.io/vuln/SNYK-JS-SHESCAPE-3061108"
"refsource": "MISC",
"url": "https://security.snyk.io/vuln/SNYK-JS-SHESCAPE-3061108",
"name": "https://security.snyk.io/vuln/SNYK-JS-SHESCAPE-3061108"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/ericcornelissen/shescape/blob/main/src/unix.js%23L52"
"refsource": "MISC",
"url": "https://github.com/ericcornelissen/shescape/blob/main/src/unix.js%23L52",
"name": "https://github.com/ericcornelissen/shescape/blob/main/src/unix.js%23L52"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/ericcornelissen/shescape/commit/552e8eab56861720b1d4e5474fb65741643358f9"
"refsource": "MISC",
"url": "https://github.com/ericcornelissen/shescape/commit/552e8eab56861720b1d4e5474fb65741643358f9",
"name": "https://github.com/ericcornelissen/shescape/commit/552e8eab56861720b1d4e5474fb65741643358f9"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/ericcornelissen/shescape/releases/tag/v1.6.1"
"refsource": "MISC",
"url": "https://github.com/ericcornelissen/shescape/releases/tag/v1.6.1",
"name": "https://github.com/ericcornelissen/shescape/releases/tag/v1.6.1"
}
]
},
@ -73,7 +77,7 @@
"description_data": [
{
"lang": "eng",
"value": "The package shescape from 1.5.10 and before 1.6.1 are vulnerable to Regular Expression Denial of Service (ReDoS) via the escape function in index.js, due to the usage of insecure regex in the escapeArgBash function.\r\n\r\n"
"value": "The package shescape from 1.5.10 and before 1.6.1 are vulnerable to Regular Expression Denial of Service (ReDoS) via the escape function in index.js, due to the usage of insecure regex in the escapeArgBash function."
}
]
},

View File

@ -49,7 +49,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as critical has been found in SourceCodester Online Medicine Ordering System 1.0. Affected is an unknown function of the file admin\/?page=orders\/view_order. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. VDB-212346 is the identifier assigned to this vulnerability."
"value": "A vulnerability classified as critical has been found in SourceCodester Online Medicine Ordering System 1.0. Affected is an unknown function of the file admin/?page=orders/view_order. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. VDB-212346 is the identifier assigned to this vulnerability."
}
]
},
@ -57,13 +57,15 @@
"cvss": {
"version": "3.1",
"baseScore": "5.0",
"vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:L"
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/vuldb.com\/?id.212346"
"url": "https://vuldb.com/?id.212346",
"refsource": "MISC",
"name": "https://vuldb.com/?id.212346"
}
]
}

View File

@ -49,7 +49,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as problematic was found in SourceCodester Online Medicine Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file \/omos\/admin\/?page=user\/list. The manipulation of the argument First Name\/Middle Name\/Last Name leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-212347."
"value": "A vulnerability classified as problematic was found in SourceCodester Online Medicine Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /omos/admin/?page=user/list. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-212347."
}
]
},
@ -57,13 +57,15 @@
"cvss": {
"version": "3.1",
"baseScore": "3.5",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/vuldb.com\/?id.212347"
"url": "https://vuldb.com/?id.212347",
"refsource": "MISC",
"name": "https://vuldb.com/?id.212347"
}
]
}

View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3717",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3718",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3719",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}