mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
"-Synchronized-Data."
This commit is contained in:
parent
e2d4d9760b
commit
75972c71b9
@ -1,109 +1,109 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.0.9"
|
||||
},
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-45475",
|
||||
"ASSIGNER": "cve@usom.gov.tr",
|
||||
"DATE_PUBLIC": "2022-10-26T21:00:00.000Z",
|
||||
"TITLE": "Information disclosure in Yordam Library Information Document Automation Program",
|
||||
"AKA": "",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"source": {
|
||||
"defect": [
|
||||
"TR-22-0669"
|
||||
],
|
||||
"advisory": "TR-22-0669",
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Yordam Informatics Systems",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Yordam Library Information Document Automation Program",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_name": "",
|
||||
"version_affected": "<",
|
||||
"version_value": "19.02",
|
||||
"platform": ""
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.0.9"
|
||||
},
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-45475",
|
||||
"ASSIGNER": "cve@usom.gov.tr",
|
||||
"DATE_PUBLIC": "2022-10-26T21:00:00.000Z",
|
||||
"TITLE": "Information disclosure in Yordam Library Information Document Automation Program",
|
||||
"AKA": "",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"source": {
|
||||
"defect": [
|
||||
"TR-22-0669"
|
||||
],
|
||||
"advisory": "TR-22-0669",
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Yordam Informatics Systems",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Yordam Library Information Document Automation Program",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_name": "",
|
||||
"version_affected": "<",
|
||||
"version_value": "19.02",
|
||||
"platform": ""
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-200 Information Exposure"
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-200 Information Exposure"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Yordam Library Information Document Automation product before version 19.02 has an unauthenticated Information disclosure vulnerability."
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.usom.gov.tr/bildirim/tr-22-0669",
|
||||
"name": "https://www.usom.gov.tr/bildirim/tr-22-0669"
|
||||
}
|
||||
]
|
||||
},
|
||||
"configuration": [],
|
||||
"impact": {
|
||||
"cvss": {
|
||||
"version": "3.1",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||||
"baseScore": 5.3,
|
||||
"baseSeverity": "MEDIUM"
|
||||
}
|
||||
},
|
||||
"exploit": [],
|
||||
"work_around": [],
|
||||
"solution": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Yordam Library Information Document Automation program should be updated to version 19.02, provided by the vendor."
|
||||
}
|
||||
],
|
||||
"credit": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Bartu Utku Sarp "
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Yordam Library Information Document Automation product before version 19.02 has an unauthenticated Information disclosure vulnerability."
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.usom.gov.tr/bildirim/tr-22-0669",
|
||||
"name": "https://www.usom.gov.tr/bildirim/tr-22-0669"
|
||||
}
|
||||
]
|
||||
},
|
||||
"configuration": [],
|
||||
"impact": {
|
||||
"cvss": {
|
||||
"version": "3.1",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||||
"baseScore": 5.3,
|
||||
"baseSeverity": "MEDIUM"
|
||||
}
|
||||
},
|
||||
"exploit": [],
|
||||
"work_around": [],
|
||||
"solution": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Yordam Library Information Document Automation program should be updated to version 19.02, provided by the vendor."
|
||||
}
|
||||
],
|
||||
"credit": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Bartu Utku Sarp "
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
@ -52,20 +52,24 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://security.snyk.io/vuln/SNYK-JS-SHESCAPE-3061108"
|
||||
"refsource": "MISC",
|
||||
"url": "https://security.snyk.io/vuln/SNYK-JS-SHESCAPE-3061108",
|
||||
"name": "https://security.snyk.io/vuln/SNYK-JS-SHESCAPE-3061108"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://github.com/ericcornelissen/shescape/blob/main/src/unix.js%23L52"
|
||||
"refsource": "MISC",
|
||||
"url": "https://github.com/ericcornelissen/shescape/blob/main/src/unix.js%23L52",
|
||||
"name": "https://github.com/ericcornelissen/shescape/blob/main/src/unix.js%23L52"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://github.com/ericcornelissen/shescape/commit/552e8eab56861720b1d4e5474fb65741643358f9"
|
||||
"refsource": "MISC",
|
||||
"url": "https://github.com/ericcornelissen/shescape/commit/552e8eab56861720b1d4e5474fb65741643358f9",
|
||||
"name": "https://github.com/ericcornelissen/shescape/commit/552e8eab56861720b1d4e5474fb65741643358f9"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://github.com/ericcornelissen/shescape/releases/tag/v1.6.1"
|
||||
"refsource": "MISC",
|
||||
"url": "https://github.com/ericcornelissen/shescape/releases/tag/v1.6.1",
|
||||
"name": "https://github.com/ericcornelissen/shescape/releases/tag/v1.6.1"
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -73,7 +77,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The package shescape from 1.5.10 and before 1.6.1 are vulnerable to Regular Expression Denial of Service (ReDoS) via the escape function in index.js, due to the usage of insecure regex in the escapeArgBash function.\r\n\r\n"
|
||||
"value": "The package shescape from 1.5.10 and before 1.6.1 are vulnerable to Regular Expression Denial of Service (ReDoS) via the escape function in index.js, due to the usage of insecure regex in the escapeArgBash function."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -49,7 +49,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability classified as critical has been found in SourceCodester Online Medicine Ordering System 1.0. Affected is an unknown function of the file admin\/?page=orders\/view_order. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. VDB-212346 is the identifier assigned to this vulnerability."
|
||||
"value": "A vulnerability classified as critical has been found in SourceCodester Online Medicine Ordering System 1.0. Affected is an unknown function of the file admin/?page=orders/view_order. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. VDB-212346 is the identifier assigned to this vulnerability."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -57,13 +57,15 @@
|
||||
"cvss": {
|
||||
"version": "3.1",
|
||||
"baseScore": "5.0",
|
||||
"vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:L"
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https:\/\/vuldb.com\/?id.212346"
|
||||
"url": "https://vuldb.com/?id.212346",
|
||||
"refsource": "MISC",
|
||||
"name": "https://vuldb.com/?id.212346"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -49,7 +49,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability classified as problematic was found in SourceCodester Online Medicine Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file \/omos\/admin\/?page=user\/list. The manipulation of the argument First Name\/Middle Name\/Last Name leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-212347."
|
||||
"value": "A vulnerability classified as problematic was found in SourceCodester Online Medicine Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /omos/admin/?page=user/list. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-212347."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -57,13 +57,15 @@
|
||||
"cvss": {
|
||||
"version": "3.1",
|
||||
"baseScore": "3.5",
|
||||
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N"
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https:\/\/vuldb.com\/?id.212347"
|
||||
"url": "https://vuldb.com/?id.212347",
|
||||
"refsource": "MISC",
|
||||
"name": "https://vuldb.com/?id.212347"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
18
2022/3xxx/CVE-2022-3717.json
Normal file
18
2022/3xxx/CVE-2022-3717.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-3717",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
18
2022/3xxx/CVE-2022-3718.json
Normal file
18
2022/3xxx/CVE-2022-3718.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-3718",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
18
2022/3xxx/CVE-2022-3719.json
Normal file
18
2022/3xxx/CVE-2022-3719.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-3719",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
Loading…
x
Reference in New Issue
Block a user