admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-01-26 21:07:12 +00:00
parent 079e51d752
commit 7f0a501f4d
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
59 changed files with 1444 additions and 89 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
2018/7xxx/CVE-2018-7364.json
View File

@ -73,6 +73,16 @@
"name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009943", "name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009943",
"refsource": "CONFIRM", "refsource": "CONFIRM",
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009943" "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009943"
},
{
"refsource": "MISC",
"name": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009943",
"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009943"
},
{
"refsource": "MISC",
"name": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-34f2-7h57-rg7p",
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-34f2-7h57-rg7p"
} }
] ]
}, },

61
2020/18xxx/CVE-2020-18329.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-18329",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2020-18329",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An issue was discovered in Rehau devices that use a pCOWeb card BIOS v6.27, BOOT v5.00, web version v2.2, allows attackers to gain full unauthenticated access to the configuration and service interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://medium.com/@SergiuSechel/insecure-permissions-in-rehau-group-unlimited-polymer-solutions-implementation-of-carel-pcoweb-514c148ae694",
"refsource": "MISC",
"name": "https://medium.com/@SergiuSechel/insecure-permissions-in-rehau-group-unlimited-polymer-solutions-implementation-of-carel-pcoweb-514c148ae694"
},
{
"refsource": "MISC",
"name": "https://github.com/cybertoxin/CVEs/blob/main/CVE_2020_18329.md",
"url": "https://github.com/cybertoxin/CVEs/blob/main/CVE_2020_18329.md"
} }
] ]
} }

61
2020/18xxx/CVE-2020-18331.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-18331",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2020-18331",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Directory traversal vulnerability in ChinaMobile PLC Wireless Router model GPN2.4P21-C-CN running the firmware version W2000EN-01(hardware platform Gpn2.4P21-C_WIFI-V0.05), via the getpage parameter to /cgi-bin/webproc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://medium.com/@SergiuSechel/insecure-permissions-and-multiple-vulnerabilities-in-chinamobile-plc-wireless-routers-leaves-more-d3eb9ff70d24",
"refsource": "MISC",
"name": "https://medium.com/@SergiuSechel/insecure-permissions-and-multiple-vulnerabilities-in-chinamobile-plc-wireless-routers-leaves-more-d3eb9ff70d24"
},
{
"refsource": "MISC",
"name": "https://github.com/cybertoxin/CVEs/blob/main/CVE_2020_18331.md",
"url": "https://github.com/cybertoxin/CVEs/blob/main/CVE_2020_18331.md"
} }
] ]
} }

5
2020/21xxx/CVE-2020-21596.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/strukturag/libde265/issues/236", "url": "https://github.com/strukturag/libde265/issues/236",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/236" "name": "https://github.com/strukturag/libde265/issues/236"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230124 [SECURITY] [DLA 3280-1] libde265 security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html"
} }
] ]
} }

5
2020/21xxx/CVE-2020-21597.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/strukturag/libde265/issues/238", "url": "https://github.com/strukturag/libde265/issues/238",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/238" "name": "https://github.com/strukturag/libde265/issues/238"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230124 [SECURITY] [DLA 3280-1] libde265 security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html"
} }
] ]
} }

5
2020/21xxx/CVE-2020-21598.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://cwe.mitre.org/data/definitions/122.html", "name": "https://cwe.mitre.org/data/definitions/122.html",
"url": "https://cwe.mitre.org/data/definitions/122.html" "url": "https://cwe.mitre.org/data/definitions/122.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230124 [SECURITY] [DLA 3280-1] libde265 security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html"
} }
] ]
} }

5
2021/29xxx/CVE-2021-29023.json
View File

@ -56,6 +56,11 @@
"url": "https://notnnor.github.io/research/2021/03/16/weak-password-recovery-mechanism-in-invoiceplane.html", "url": "https://notnnor.github.io/research/2021/03/16/weak-password-recovery-mechanism-in-invoiceplane.html",
"refsource": "MISC", "refsource": "MISC",
"name": "https://notnnor.github.io/research/2021/03/16/weak-password-recovery-mechanism-in-invoiceplane.html" "name": "https://notnnor.github.io/research/2021/03/16/weak-password-recovery-mechanism-in-invoiceplane.html"
},
{
"refsource": "MISC",
"name": "https://github.com/InvoicePlane/InvoicePlane/pull/767",
"url": "https://github.com/InvoicePlane/InvoicePlane/pull/767"
} }
] ]
} }

83
2022/21xxx/CVE-2022-21192.json
View File

@ -1,17 +1,92 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-21192", "ID": "CVE-2022-21192",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "report@snyk.io",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "All versions of the package serve-lite are vulnerable to Directory Traversal due to missing input sanitization or other checks and protections employed to the req.url passed as-is to path.join()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Directory Traversal",
"cweId": "CWE-22"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "serve-lite",
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.snyk.io/vuln/SNYK-JS-SERVELITE-3149916",
"refsource": "MISC",
"name": "https://security.snyk.io/vuln/SNYK-JS-SERVELITE-3149916"
},
{
"url": "https://gist.github.com/lirantal/9ccdfda0edcb95e36d07a04b0b6c2db0",
"refsource": "MISC",
"name": "https://gist.github.com/lirantal/9ccdfda0edcb95e36d07a04b0b6c2db0"
}
]
},
"credits": [
{
"lang": "en",
"value": "Liran Tal"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
} }
] ]
} }

87
2022/21xxx/CVE-2022-21810.json
View File

@ -1,17 +1,96 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-21810", "ID": "CVE-2022-21810",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "report@snyk.io",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "All versions of the package smartctl are vulnerable to Command Injection via the info method due to improper input sanitization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection",
"cweId": "CWE-78"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "smartctl",
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.snyk.io/vuln/SNYK-JS-SMARTCTL-3175613",
"refsource": "MISC",
"name": "https://security.snyk.io/vuln/SNYK-JS-SMARTCTL-3175613"
},
{
"url": "https://github.com/baslr/node-smartctl/blob/f61266084d5b3e4baae9bd85f67ec4ec6a716736/index.js%23L18",
"refsource": "MISC",
"name": "https://github.com/baslr/node-smartctl/blob/f61266084d5b3e4baae9bd85f67ec4ec6a716736/index.js%23L18"
}
]
},
"credits": [
{
"lang": "en",
"value": "Junmin Zhu at SJTU"
},
{
"lang": "en",
"value": "JHU System Security Lab"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P"
} }
] ]
} }

83
2022/25xxx/CVE-2022-25847.json
View File

@ -1,17 +1,92 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-25847", "ID": "CVE-2022-25847",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "report@snyk.io",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "All versions of the package serve-lite are vulnerable to Cross-site Scripting (XSS) because when it detects a request to a directory, it renders a file listing of all of its contents with links that include the actual file names without any sanitization or output encoding."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site Scripting (XSS)",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "serve-lite",
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.snyk.io/vuln/SNYK-JS-SERVELITE-3149915",
"refsource": "MISC",
"name": "https://security.snyk.io/vuln/SNYK-JS-SERVELITE-3149915"
},
{
"url": "https://gist.github.com/lirantal/52debd25284726fcc2eaed9c7512975c",
"refsource": "MISC",
"name": "https://gist.github.com/lirantal/52debd25284726fcc2eaed9c7512975c"
}
]
},
"credits": [
{
"lang": "en",
"value": "Liran Tal"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"
} }
] ]
} }

103
2022/25xxx/CVE-2022-25882.json
View File

@ -1,17 +1,112 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-25882", "ID": "CVE-2022-25882",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "report@snyk.io",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Versions of the package onnx before 1.13.0 are vulnerable to Directory Traversal as the external_data field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory, for example \"../../../etc/passwd\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Directory Traversal",
"cweId": "CWE-22"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "onnx",
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.snyk.io/vuln/SNYK-PYTHON-ONNX-2395479",
"refsource": "MISC",
"name": "https://security.snyk.io/vuln/SNYK-PYTHON-ONNX-2395479"
},
{
"url": "https://github.com/onnx/onnx/issues/3991",
"refsource": "MISC",
"name": "https://github.com/onnx/onnx/issues/3991"
},
{
"url": "https://github.com/onnx/onnx/blob/96516aecd4c110b0ac57eba08ac236ebf7205728/onnx/checker.cc%23L129",
"refsource": "MISC",
"name": "https://github.com/onnx/onnx/blob/96516aecd4c110b0ac57eba08ac236ebf7205728/onnx/checker.cc%23L129"
},
{
"url": "https://github.com/onnx/onnx/pull/4400",
"refsource": "MISC",
"name": "https://github.com/onnx/onnx/pull/4400"
},
{
"url": "https://github.com/onnx/onnx/commit/f369b0e859024095d721f1d1612da5a8fa38988d",
"refsource": "MISC",
"name": "https://github.com/onnx/onnx/commit/f369b0e859024095d721f1d1612da5a8fa38988d"
},
{
"url": "https://gist.github.com/jnovikov/02a9aff9bf2188033e77bd91ff062856",
"refsource": "MISC",
"name": "https://gist.github.com/jnovikov/02a9aff9bf2188033e77bd91ff062856"
}
]
},
"credits": [
{
"lang": "en",
"value": "jnovikov"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P"
} }
] ]
} }

88
2022/25xxx/CVE-2022-25894.json
View File

@ -1,17 +1,97 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-25894", "ID": "CVE-2022-25894",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "report@snyk.io",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "All versions of the package com.bstek.uflo:uflo-core are vulnerable to Remote Code Execution (RCE) in the ExpressionContextImpl class via jexl.createExpression(expression).evaluate(context); functionality, due to improper user input validation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution (RCE)",
"cweId": "CWE-94"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "com.bstek.uflo:uflo-core",
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.snyk.io/vuln/SNYK-JAVA-COMBSTEKUFLO-3091112",
"refsource": "MISC",
"name": "https://security.snyk.io/vuln/SNYK-JAVA-COMBSTEKUFLO-3091112"
},
{
"url": "https://github.com/youseries/uflo/blob/b3e198bc6523e5a6ba69edd84ba10e05a3b78726/uflo-core/src/main/java/com/bstek/uflo/expr/impl/ExpressionContextImpl.java%23L126",
"refsource": "MISC",
"name": "https://github.com/youseries/uflo/blob/b3e198bc6523e5a6ba69edd84ba10e05a3b78726/uflo-core/src/main/java/com/bstek/uflo/expr/impl/ExpressionContextImpl.java%23L126"
},
{
"url": "https://fmyyy1.github.io/2022/10/23/uflo2rce/",
"refsource": "MISC",
"name": "https://fmyyy1.github.io/2022/10/23/uflo2rce/"
}
]
},
"credits": [
{
"lang": "en",
"value": "fmyyy"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P"
} }
] ]
} }

87
2022/25xxx/CVE-2022-25927.json
View File

@ -1,17 +1,96 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-25927", "ID": "CVE-2022-25927",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "report@snyk.io",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service (ReDoS) via the trim() function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Regular Expression Denial of Service (ReDoS)",
"cweId": "CWE-1333"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ua-parser-js",
"version": {
"version_data": [
{
"version_value": "0.7.30",
"version_affected": "="
},
{
"version_value": "0.8.1",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.snyk.io/vuln/SNYK-JS-UAPARSERJS-3244450",
"refsource": "MISC",
"name": "https://security.snyk.io/vuln/SNYK-JS-UAPARSERJS-3244450"
},
{
"url": "https://github.com/faisalman/ua-parser-js/commit/a6140a17dd0300a35cfc9cff999545f267889411",
"refsource": "MISC",
"name": "https://github.com/faisalman/ua-parser-js/commit/a6140a17dd0300a35cfc9cff999545f267889411"
}
]
},
"credits": [
{
"lang": "en",
"value": "Beau Harder"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P"
} }
] ]
} }

78
2022/25xxx/CVE-2022-25962.json
View File

@ -1,17 +1,87 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-25962", "ID": "CVE-2022-25962",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "report@snyk.io",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "All versions of the package vagrant.js are vulnerable to Command Injection via the boxAdd function due to improper input sanitization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection",
"cweId": "CWE-78"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "vagrant.js",
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.snyk.io/vuln/SNYK-JS-VAGRANTJS-3175614",
"refsource": "MISC",
"name": "https://security.snyk.io/vuln/SNYK-JS-VAGRANTJS-3175614"
}
]
},
"credits": [
{
"lang": "en",
"value": "HU System Security Lab"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P"
} }
] ]
} }

5
2022/32xxx/CVE-2022-32212.json
View File

@ -88,6 +88,11 @@
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf" "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf"
},
{
"refsource": "DEBIAN",
"name": "DSA-5326",
"url": "https://www.debian.org/security/2023/dsa-5326"
} }
] ]
}, },

5
2022/32xxx/CVE-2022-32213.json
View File

@ -73,6 +73,11 @@
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf" "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf"
},
{
"refsource": "DEBIAN",
"name": "DSA-5326",
"url": "https://www.debian.org/security/2023/dsa-5326"
} }
] ]
}, },

5
2022/32xxx/CVE-2022-32214.json
View File

@ -53,6 +53,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://hackerone.com/reports/1524692", "name": "https://hackerone.com/reports/1524692",
"url": "https://hackerone.com/reports/1524692" "url": "https://hackerone.com/reports/1524692"
},
{
"refsource": "DEBIAN",
"name": "DSA-5326",
"url": "https://www.debian.org/security/2023/dsa-5326"
} }
] ]
}, },

5
2022/32xxx/CVE-2022-32215.json
View File

@ -73,6 +73,11 @@
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf" "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf"
},
{
"refsource": "DEBIAN",
"name": "DSA-5326",
"url": "https://www.debian.org/security/2023/dsa-5326"
} }
] ]
}, },

5
2022/35xxx/CVE-2022-35255.json
View File

@ -58,6 +58,11 @@
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20230113-0002/", "name": "https://security.netapp.com/advisory/ntap-20230113-0002/",
"url": "https://security.netapp.com/advisory/ntap-20230113-0002/" "url": "https://security.netapp.com/advisory/ntap-20230113-0002/"
},
{
"refsource": "DEBIAN",
"name": "DSA-5326",
"url": "https://www.debian.org/security/2023/dsa-5326"
} }
] ]
}, },

5
2022/35xxx/CVE-2022-35256.json
View File

@ -53,6 +53,11 @@
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf" "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf"
},
{
"refsource": "DEBIAN",
"name": "DSA-5326",
"url": "https://www.debian.org/security/2023/dsa-5326"
} }
] ]
}, },

5
2022/37xxx/CVE-2022-37290.json
View File

@ -71,6 +71,11 @@
"refsource": "FEDORA", "refsource": "FEDORA",
"name": "FEDORA-2023-dbe1157188", "name": "FEDORA-2023-dbe1157188",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PX5CVF4FAHFA6UNKHFBBLOP2NUMIQJAY/" "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PX5CVF4FAHFA6UNKHFBBLOP2NUMIQJAY/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2023-f81ad89b81",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XYPDZ7LBBUVU3WFK7DCGDFGK2GXTKGT5/"
} }
] ]
} }

5
2022/43xxx/CVE-2022-43235.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/strukturag/libde265/issues/337", "url": "https://github.com/strukturag/libde265/issues/337",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/337" "name": "https://github.com/strukturag/libde265/issues/337"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230124 [SECURITY] [DLA 3280-1] libde265 security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html"
} }
] ]
} }

5
2022/43xxx/CVE-2022-43236.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/strukturag/libde265/issues/343", "url": "https://github.com/strukturag/libde265/issues/343",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/343" "name": "https://github.com/strukturag/libde265/issues/343"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230124 [SECURITY] [DLA 3280-1] libde265 security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html"
} }
] ]
} }

5
2022/43xxx/CVE-2022-43237.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/strukturag/libde265/issues/344", "url": "https://github.com/strukturag/libde265/issues/344",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/344" "name": "https://github.com/strukturag/libde265/issues/344"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230124 [SECURITY] [DLA 3280-1] libde265 security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html"
} }
] ]
} }

5
2022/43xxx/CVE-2022-43238.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/strukturag/libde265/issues/336", "url": "https://github.com/strukturag/libde265/issues/336",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/336" "name": "https://github.com/strukturag/libde265/issues/336"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230124 [SECURITY] [DLA 3280-1] libde265 security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html"
} }
] ]
} }

5
2022/43xxx/CVE-2022-43239.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/strukturag/libde265/issues/341", "url": "https://github.com/strukturag/libde265/issues/341",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/341" "name": "https://github.com/strukturag/libde265/issues/341"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230124 [SECURITY] [DLA 3280-1] libde265 security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html"
} }
] ]
} }

5
2022/43xxx/CVE-2022-43240.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/strukturag/libde265/issues/335", "url": "https://github.com/strukturag/libde265/issues/335",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/335" "name": "https://github.com/strukturag/libde265/issues/335"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230124 [SECURITY] [DLA 3280-1] libde265 security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html"
} }
] ]
} }

5
2022/43xxx/CVE-2022-43241.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/strukturag/libde265/issues/338", "url": "https://github.com/strukturag/libde265/issues/338",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/338" "name": "https://github.com/strukturag/libde265/issues/338"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230124 [SECURITY] [DLA 3280-1] libde265 security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html"
} }
] ]
} }

5
2022/43xxx/CVE-2022-43242.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/strukturag/libde265/issues/340", "url": "https://github.com/strukturag/libde265/issues/340",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/340" "name": "https://github.com/strukturag/libde265/issues/340"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230124 [SECURITY] [DLA 3280-1] libde265 security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html"
} }
] ]
} }

5
2022/43xxx/CVE-2022-43243.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/strukturag/libde265/issues/339", "url": "https://github.com/strukturag/libde265/issues/339",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/339" "name": "https://github.com/strukturag/libde265/issues/339"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230124 [SECURITY] [DLA 3280-1] libde265 security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html"
} }
] ]
} }

5
2022/43xxx/CVE-2022-43244.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/strukturag/libde265/issues/342", "url": "https://github.com/strukturag/libde265/issues/342",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/342" "name": "https://github.com/strukturag/libde265/issues/342"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230124 [SECURITY] [DLA 3280-1] libde265 security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html"
} }
] ]
} }

5
2022/43xxx/CVE-2022-43245.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/strukturag/libde265/issues/352", "url": "https://github.com/strukturag/libde265/issues/352",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/352" "name": "https://github.com/strukturag/libde265/issues/352"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230124 [SECURITY] [DLA 3280-1] libde265 security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html"
} }
] ]
} }

5
2022/43xxx/CVE-2022-43248.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/strukturag/libde265/issues/349", "url": "https://github.com/strukturag/libde265/issues/349",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/349" "name": "https://github.com/strukturag/libde265/issues/349"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230124 [SECURITY] [DLA 3280-1] libde265 security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html"
} }
] ]
} }

5
2022/43xxx/CVE-2022-43249.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/strukturag/libde265/issues/345", "url": "https://github.com/strukturag/libde265/issues/345",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/345" "name": "https://github.com/strukturag/libde265/issues/345"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230124 [SECURITY] [DLA 3280-1] libde265 security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html"
} }
] ]
} }

5
2022/43xxx/CVE-2022-43250.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/strukturag/libde265/issues/346", "url": "https://github.com/strukturag/libde265/issues/346",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/346" "name": "https://github.com/strukturag/libde265/issues/346"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230124 [SECURITY] [DLA 3280-1] libde265 security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html"
} }
] ]
} }

5
2022/43xxx/CVE-2022-43252.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/strukturag/libde265/issues/347", "url": "https://github.com/strukturag/libde265/issues/347",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/347" "name": "https://github.com/strukturag/libde265/issues/347"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230124 [SECURITY] [DLA 3280-1] libde265 security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html"
} }
] ]
} }

5
2022/43xxx/CVE-2022-43253.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/strukturag/libde265/issues/348", "url": "https://github.com/strukturag/libde265/issues/348",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/348" "name": "https://github.com/strukturag/libde265/issues/348"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230124 [SECURITY] [DLA 3280-1] libde265 security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html"
} }
] ]
} }

5
2022/43xxx/CVE-2022-43548.json
View File

@ -53,6 +53,11 @@
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20230120-0004/", "name": "https://security.netapp.com/advisory/ntap-20230120-0004/",
"url": "https://security.netapp.com/advisory/ntap-20230120-0004/" "url": "https://security.netapp.com/advisory/ntap-20230120-0004/"
},
{
"refsource": "DEBIAN",
"name": "DSA-5326",
"url": "https://www.debian.org/security/2023/dsa-5326"
} }
] ]
}, },

56
2022/44xxx/CVE-2022-44018.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-44018",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-44018",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In Softing uaToolkit Embedded before 1.40.1, a malformed PubSub discovery announcement message can cause a NULL pointer dereference or out-of-bounds memory access in the subscriber application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-10.html",
"url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-10.html"
} }
] ]
} }

61
2022/45xxx/CVE-2022-45730.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-45730",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-45730",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A cross-site scripting (XSS) vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://phpgurukul.com/doctor-appointment-management-system-using-php-and-mysql/",
"refsource": "MISC",
"name": "https://phpgurukul.com/doctor-appointment-management-system-using-php-and-mysql/"
},
{
"refsource": "MISC",
"name": "https://github.com/Rajeshwar40/CVE/blob/main/CVE-2022-45730",
"url": "https://github.com/Rajeshwar40/CVE/blob/main/CVE-2022-45730"
} }
] ]
} }

56
2022/45xxx/CVE-2022-45920.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-45920",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-45920",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In Softing uaToolkit Embedded before 1.41, a malformed CreateMonitoredItems request may cause a memory leak."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-10.html",
"url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-10.html"
} }
] ]
} }

61
2022/46xxx/CVE-2022-46128.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-46128",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-46128",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "phpgurukul Doctor Appointment Management System V 1.0.0 is vulnerable to Cross Site Scripting (XSS) via searchdata=."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://phpgurukul.com/projects/Doctor-Appointment-System_PHP.zip",
"refsource": "MISC",
"name": "https://phpgurukul.com/projects/Doctor-Appointment-System_PHP.zip"
},
{
"refsource": "MISC",
"name": "https://github.com/Rajeshwar40/CVE/blob/main/2022-46128",
"url": "https://github.com/Rajeshwar40/CVE/blob/main/2022-46128"
} }
] ]
} }

61
2022/46xxx/CVE-2022-46624.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-46624",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-46624",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A cross-site scripting (XSS) vulnerability in Online Graduate Tracer System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.sourcecodester.com/php/15904/online-graduate-tracer-system-college-ict-alumni.html",
"refsource": "MISC",
"name": "https://www.sourcecodester.com/php/15904/online-graduate-tracer-system-college-ict-alumni.html"
},
{
"refsource": "MISC",
"name": "https://github.com/Rajeshwar40/CVE/blob/main/CVE-2022-46624",
"url": "https://github.com/Rajeshwar40/CVE/blob/main/CVE-2022-46624"
} }
] ]
} }

61
2022/46xxx/CVE-2022-46957.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-46957",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-46957",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Sourcecodester.com Online Graduate Tracer System V 1.0.0 is vulnerable to Cross Site Scripting (XSS)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.sourcecodester.com/sites/default/files/download/oretnom23/tracking.zip",
"refsource": "MISC",
"name": "https://www.sourcecodester.com/sites/default/files/download/oretnom23/tracking.zip"
},
{
"refsource": "MISC",
"name": "https://github.com/Rajeshwar40/CVE/blob/main/CVE-2022-46957",
"url": "https://github.com/Rajeshwar40/CVE/blob/main/CVE-2022-46957"
} }
] ]
} }

56
2022/47xxx/CVE-2022-47052.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-47052",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-47052",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "NETGEAR Nighthawk R6220 v1.1.0.112_1.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/dest-3/NETGEAR/tree/main/CVE-2022-47052",
"url": "https://github.com/dest-3/NETGEAR/tree/main/CVE-2022-47052"
} }
] ]
} }

61
2022/47xxx/CVE-2022-47073.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-47073",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2022-47073",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A cross-site scripting (XSS) vulnerability in the Create Ticket page of Small CRM v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Subject parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://packetstormsecurity.com",
"refsource": "MISC",
"name": "https://packetstormsecurity.com"
},
{
"refsource": "MISC",
"name": "https://medium.com/@shiva.infocop/stored-xss-found-in-small-crm-phpgurukul-7890ea3c04df",
"url": "https://medium.com/@shiva.infocop/stored-xss-found-in-small-crm-phpgurukul-7890ea3c04df"
} }
] ]
} }

5
2022/47xxx/CVE-2022-47655.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/strukturag/libde265/issues/367", "url": "https://github.com/strukturag/libde265/issues/367",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/strukturag/libde265/issues/367" "name": "https://github.com/strukturag/libde265/issues/367"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230124 [SECURITY] [DLA 3280-1] libde265 security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html"
} }
] ]
} }

5
2022/47xxx/CVE-2022-47950.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://security.openstack.org/ossa/OSSA-2023-001.html", "name": "https://security.openstack.org/ossa/OSSA-2023-001.html",
"url": "https://security.openstack.org/ossa/OSSA-2023-001.html" "url": "https://security.openstack.org/ossa/OSSA-2023-001.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230125 [SECURITY] [DLA 3281-1] swift security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00021.html"
} }
] ]
} }

18
2023/0xxx/CVE-2023-0488.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0488",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/0xxx/CVE-2023-0489.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0489",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/0xxx/CVE-2023-0490.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0490",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/0xxx/CVE-2023-0491.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0491",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/0xxx/CVE-2023-0492.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0492",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/0xxx/CVE-2023-0493.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0493",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/22xxx/CVE-2023-22845.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-22845",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

5
2023/23xxx/CVE-2023-23589.json
View File

@ -71,6 +71,11 @@
"refsource": "DEBIAN", "refsource": "DEBIAN",
"name": "DSA-5320", "name": "DSA-5320",
"url": "https://www.debian.org/security/2023/dsa-5320" "url": "https://www.debian.org/security/2023/dsa-5320"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2023-c290171664",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZMY4FWXYKP3MDXTZ3EJ7XJVGBCKBK2XL/"
} }
] ]
} }

18
2023/24xxx/CVE-2023-24472.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-24472",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/24xxx/CVE-2023-24473.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-24473",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

2
2023/24xxx/CVE-2023-24508.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB and Nova 246 devices with firmware through RTS/RTD 3.6.6 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods below have been tested and validated by a 3rd party analyst and has been confirmed exploitable special thanks to Rustam Amin for providing the steps to reproduce." "value": "Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.6.6 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods below have been tested and validated by a 3rd party analyst and has been confirmed exploitable special thanks to Rustam Amin for providing the steps to reproduce."
} }
] ]
}, },