admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 02:32:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-01-08 10:00:35 +00:00
parent dd642455dc
commit 97cf1d151a
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
6 changed files with 660 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

106
2007/10xxx/CVE-2007-10002.json Normal file
View File

@ -0,0 +1,106 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2007-10002",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as critical, has been found in web-cyradm. Affected by this issue is some unknown functionality of the file auth.inc.php. The manipulation of the argument login/login_password/LANG leads to sql injection. The attack may be launched remotely. The name of the patch is 2bcbead3bdb5f118bf2c38c541eaa73c29dcc90f. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217640."
},
{
"lang": "deu",
"value": "Eine kritische Schwachstelle wurde in web-cyradm entdeckt. Davon betroffen ist unbekannter Code der Datei auth.inc.php. Mittels dem Manipulieren des Arguments login/login_password/LANG mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Patch wird als 2bcbead3bdb5f118bf2c38c541eaa73c29dcc90f bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "web-cyradm",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.217640",
"refsource": "MISC",
"name": "https://vuldb.com/?id.217640"
},
{
"url": "https://vuldb.com/?ctiid.217640",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.217640"
},
{
"url": "https://github.com/web-cyradm/web-cyradm/commit/2bcbead3bdb5f118bf2c38c541eaa73c29dcc90f",
"refsource": "MISC",
"name": "https://github.com/web-cyradm/web-cyradm/commit/2bcbead3bdb5f118bf2c38c541eaa73c29dcc90f"
}
]
},
"credits": [
{
"lang": "en",
"value": "VulDB GitHub Commit Analyzer"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 7.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "3.0",
"baseScore": 7.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "2.0",
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseSeverity": "HIGH"
}
]
}
}

106
2014/125xxx/CVE-2014-125067.json Normal file
View File

@ -0,0 +1,106 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2014-125067",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as critical was found in corincerami curiosity. Affected by this vulnerability is an unknown functionality of the file app/controllers/image_controller.rb. The manipulation of the argument sol leads to sql injection. The name of the patch is d64fddd74ca72714e73f4efe24259ca05c8190eb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217639."
},
{
"lang": "deu",
"value": "In corincerami curiosity wurde eine kritische Schwachstelle entdeckt. Hierbei betrifft es unbekannten Programmcode der Datei app/controllers/image_controller.rb. Durch Manipulation des Arguments sol mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Patch wird als d64fddd74ca72714e73f4efe24259ca05c8190eb bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "corincerami",
"product": {
"product_data": [
{
"product_name": "curiosity",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.217639",
"refsource": "MISC",
"name": "https://vuldb.com/?id.217639"
},
{
"url": "https://vuldb.com/?ctiid.217639",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.217639"
},
{
"url": "https://github.com/corincerami/curiosity/commit/d64fddd74ca72714e73f4efe24259ca05c8190eb",
"refsource": "MISC",
"name": "https://github.com/corincerami/curiosity/commit/d64fddd74ca72714e73f4efe24259ca05c8190eb"
}
]
},
"credits": [
{
"lang": "en",
"value": "VulDB GitHub Commit Analyzer"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 5.5,
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 5.5,
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
}
]
}
}

111
2015/10xxx/CVE-2015-10030.json Normal file
View File

@ -0,0 +1,111 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2015-10030",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been found in SUKOHI Surpass and classified as critical. This vulnerability affects unknown code of the file src/Sukohi/Surpass/Surpass.php. The manipulation of the argument dir leads to pathname traversal. Upgrading to version 1.0.0 is able to address this issue. The name of the patch is d22337d453a2a14194cdb02bf12cdf9d9f827aa7. It is recommended to upgrade the affected component. VDB-217642 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
"value": "In SUKOHI Surpass wurde eine kritische Schwachstelle gefunden. Betroffen ist eine unbekannte Verarbeitung der Datei src/Sukohi/Surpass/Surpass.php. Durch das Manipulieren des Arguments dir mit unbekannten Daten kann eine pathname traversal-Schwachstelle ausgenutzt werden. Ein Aktualisieren auf die Version 1.0.0 vermag dieses Problem zu l\u00f6sen. Der Patch wird als d22337d453a2a14194cdb02bf12cdf9d9f827aa7 bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-21 Pathname Traversal",
"cweId": "CWE-21"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SUKOHI",
"product": {
"product_data": [
{
"product_name": "Surpass",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.217642",
"refsource": "MISC",
"name": "https://vuldb.com/?id.217642"
},
{
"url": "https://vuldb.com/?ctiid.217642",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.217642"
},
{
"url": "https://github.com/SUKOHI/Surpass/commit/d22337d453a2a14194cdb02bf12cdf9d9f827aa7",
"refsource": "MISC",
"name": "https://github.com/SUKOHI/Surpass/commit/d22337d453a2a14194cdb02bf12cdf9d9f827aa7"
},
{
"url": "https://github.com/SUKOHI/Surpass/releases/tag/1.0.0",
"refsource": "MISC",
"name": "https://github.com/SUKOHI/Surpass/releases/tag/1.0.0"
}
]
},
"credits": [
{
"lang": "en",
"value": "VulDB GitHub Commit Analyzer"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 5.5,
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 5.5,
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
}
]
}
}

111
2020/36xxx/CVE-2020-36647.json Normal file
View File

@ -0,0 +1,111 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-36647",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as critical has been found in YunoHost-Apps transmission_ynh. Affected is an unknown function of the file conf/nginx.conf. The manipulation leads to path traversal. The name of the patch is f136dfd44eda128129e5fd2d850a3a3c600e6a4a. It is recommended to apply a patch to fix this issue. VDB-217638 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
"value": "Es wurde eine kritische Schwachstelle in YunoHost-Apps transmission_ynh entdeckt. Dabei betrifft es einen unbekannter Codeteil der Datei conf/nginx.conf. Durch die Manipulation mit unbekannten Daten kann eine path traversal-Schwachstelle ausgenutzt werden. Der Patch wird als f136dfd44eda128129e5fd2d850a3a3c600e6a4a bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22 Path Traversal",
"cweId": "CWE-22"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "YunoHost-Apps",
"product": {
"product_data": [
{
"product_name": "transmission_ynh",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.217638",
"refsource": "MISC",
"name": "https://vuldb.com/?id.217638"
},
{
"url": "https://vuldb.com/?ctiid.217638",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.217638"
},
{
"url": "https://github.com/YunoHost-Apps/transmission_ynh/pull/75",
"refsource": "MISC",
"name": "https://github.com/YunoHost-Apps/transmission_ynh/pull/75"
},
{
"url": "https://github.com/YunoHost-Apps/transmission_ynh/commit/f136dfd44eda128129e5fd2d850a3a3c600e6a4a",
"refsource": "MISC",
"name": "https://github.com/YunoHost-Apps/transmission_ynh/commit/f136dfd44eda128129e5fd2d850a3a3c600e6a4a"
}
]
},
"credits": [
{
"lang": "en",
"value": "VulDB GitHub Commit Analyzer"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 5.5,
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 5.5,
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
}
]
}
}

106
2020/36xxx/CVE-2020-36648.json Normal file
View File

@ -0,0 +1,106 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-36648",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as critical, was found in pouetnet pouet 2.0. This affects an unknown part. The manipulation of the argument howmany leads to sql injection. The name of the patch is 11d615931352066fb2f6dcb07428277c2cd99baf. It is recommended to apply a patch to fix this issue. The identifier VDB-217641 was assigned to this vulnerability."
},
{
"lang": "deu",
"value": "Es wurde eine kritische Schwachstelle in pouetnet pouet 2.0 gefunden. Hiervon betroffen ist ein unbekannter Codeblock. Mittels Manipulieren des Arguments howmany mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Patch wird als 11d615931352066fb2f6dcb07428277c2cd99baf bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "pouetnet",
"product": {
"product_data": [
{
"product_name": "pouet",
"version": {
"version_data": [
{
"version_value": "2.0",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.217641",
"refsource": "MISC",
"name": "https://vuldb.com/?id.217641"
},
{
"url": "https://vuldb.com/?ctiid.217641",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.217641"
},
{
"url": "https://github.com/pouetnet/pouet2.0/commit/11d615931352066fb2f6dcb07428277c2cd99baf",
"refsource": "MISC",
"name": "https://github.com/pouetnet/pouet2.0/commit/11d615931352066fb2f6dcb07428277c2cd99baf"
}
]
},
"credits": [
{
"lang": "en",
"value": "VulDB GitHub Commit Analyzer"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 5.5,
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 5.5,
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
}
]
}
}

120
2021/4xxx/CVE-2021-4308.json Normal file
View File

@ -0,0 +1,120 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-4308",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in WebPA up to 3.1.1. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. Upgrading to version 3.1.2 is able to address this issue. The name of the patch is 8836c4f549181e885a68e0e7ca561fdbcbd04bf0. It is recommended to upgrade the affected component. The identifier VDB-217637 was assigned to this vulnerability."
},
{
"lang": "deu",
"value": "Eine Schwachstelle wurde in WebPA bis 3.1.1 ausgemacht. Sie wurde als kritisch eingestuft. Dies betrifft einen unbekannten Teil. Mit der Manipulation mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Ein Aktualisieren auf die Version 3.1.2 vermag dieses Problem zu l\u00f6sen. Der Patch wird als 8836c4f549181e885a68e0e7ca561fdbcbd04bf0 bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "WebPA",
"version": {
"version_data": [
{
"version_value": "3.1.0",
"version_affected": "="
},
{
"version_value": "3.1.1",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.217637",
"refsource": "MISC",
"name": "https://vuldb.com/?id.217637"
},
{
"url": "https://vuldb.com/?ctiid.217637",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.217637"
},
{
"url": "https://github.com/WebPA/WebPA/pull/87",
"refsource": "MISC",
"name": "https://github.com/WebPA/WebPA/pull/87"
},
{
"url": "https://github.com/WebPA/WebPA/commit/8836c4f549181e885a68e0e7ca561fdbcbd04bf0",
"refsource": "MISC",
"name": "https://github.com/WebPA/WebPA/commit/8836c4f549181e885a68e0e7ca561fdbcbd04bf0"
},
{
"url": "https://github.com/WebPA/WebPA/releases/tag/v3.1.2",
"refsource": "MISC",
"name": "https://github.com/WebPA/WebPA/releases/tag/v3.1.2"
}
]
},
"credits": [
{
"lang": "en",
"value": "VulDB GitHub Commit Analyzer"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 5.5,
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 5.5,
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
}
]
}
}