admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-01-01 17:00:37 +00:00
parent 4832369946
commit 9dcd926493
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
3 changed files with 328 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

111
2010/10xxx/CVE-2010-10002.json Normal file
View File

@ -0,0 +1,111 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2010-10002",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic has been found in SimpleSAMLphp simplesamlphp-module-openid. Affected is an unknown function of the file templates/consumer.php of the component OpenID Handler. The manipulation of the argument AuthState leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 1.0 is able to address this issue. The name of the patch is d652d41ccaf8c45d5707e741c0c5d82a2365a9a3. It is recommended to upgrade the affected component. VDB-217170 is the identifier assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
},
{
"lang": "deu",
"value": "** UNSUPPPORTED WHEN ASSIGNED **Es wurde eine problematische Schwachstelle in SimpleSAMLphp simplesamlphp-module-openid entdeckt. Es betrifft eine unbekannte Funktion der Datei templates/consumer.php der Komponente OpenID Handler. Durch Manipulieren des Arguments AuthState mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Ein Aktualisieren auf die Version 1.0 vermag dieses Problem zu l\u00f6sen. Der Patch wird als d652d41ccaf8c45d5707e741c0c5d82a2365a9a3 bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross Site Scripting",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SimpleSAMLphp",
"product": {
"product_data": [
{
"product_name": "simplesamlphp-module-openid",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.217170",
"refsource": "MISC",
"name": "https://vuldb.com/?id.217170"
},
{
"url": "https://vuldb.com/?ctiid.217170",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.217170"
},
{
"url": "https://github.com/simplesamlphp/simplesamlphp-module-openid/commit/d652d41ccaf8c45d5707e741c0c5d82a2365a9a3",
"refsource": "MISC",
"name": "https://github.com/simplesamlphp/simplesamlphp-module-openid/commit/d652d41ccaf8c45d5707e741c0c5d82a2365a9a3"
},
{
"url": "https://github.com/simplesamlphp/simplesamlphp-module-openid/releases/tag/v1.0",
"refsource": "MISC",
"name": "https://github.com/simplesamlphp/simplesamlphp-module-openid/releases/tag/v1.0"
}
]
},
"credits": [
{
"lang": "en",
"value": "VulDB GitHub Commit Analyzer"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.1,
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 2.6,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"baseSeverity": "LOW"
}
]
}
}

111
2013/10xxx/CVE-2013-10006.json Normal file
View File

@ -0,0 +1,111 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2013-10006",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as problematic was found in Ziftr primecoin up to 0.8.4rc1. Affected by this vulnerability is the function HTTPAuthorized of the file src/bitcoinrpc.cpp. The manipulation of the argument strUserPass/strRPCUserColonPass leads to observable timing discrepancy. Upgrading to version 0.8.4rc2 is able to address this issue. The name of the patch is cdb3441b5cd2c1bae49fae671dc4a496f7c96322. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217171."
},
{
"lang": "deu",
"value": "In Ziftr primecoin bis 0.8.4rc1 wurde eine problematische Schwachstelle entdeckt. Das betrifft die Funktion HTTPAuthorized der Datei src/bitcoinrpc.cpp. Durch das Beeinflussen des Arguments strUserPass/strRPCUserColonPass mit unbekannten Daten kann eine observable timing discrepancy-Schwachstelle ausgenutzt werden. Ein Aktualisieren auf die Version 0.8.4rc2 vermag dieses Problem zu l\u00f6sen. Der Patch wird als cdb3441b5cd2c1bae49fae671dc4a496f7c96322 bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-208 Observable Timing Discrepancy",
"cweId": "CWE-208"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Ziftr",
"product": {
"product_data": [
{
"product_name": "primecoin",
"version": {
"version_data": [
{
"version_value": "0.8.4rc1",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.217171",
"refsource": "MISC",
"name": "https://vuldb.com/?id.217171"
},
{
"url": "https://vuldb.com/?ctiid.217171",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.217171"
},
{
"url": "https://github.com/Ziftr/primecoin/commit/cdb3441b5cd2c1bae49fae671dc4a496f7c96322",
"refsource": "MISC",
"name": "https://github.com/Ziftr/primecoin/commit/cdb3441b5cd2c1bae49fae671dc4a496f7c96322"
},
{
"url": "https://github.com/Ziftr/primecoin/releases/tag/v0.8.4rc2",
"refsource": "MISC",
"name": "https://github.com/Ziftr/primecoin/releases/tag/v0.8.4rc2"
}
]
},
"credits": [
{
"lang": "en",
"value": "VulDB GitHub Commit Analyzer"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 2.6,
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 2.6,
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 1.4,
"vectorString": "AV:A/AC:H/Au:S/C:P/I:N/A:N",
"baseSeverity": "LOW"
}
]
}
}

106
2015/10xxx/CVE-2015-10006.json Normal file
View File

@ -0,0 +1,106 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2015-10006",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as problematic, has been found in admont28 Ingnovarq. Affected by this issue is some unknown functionality of the file app/controller/insertarSliderAjax.php. The manipulation of the argument imagetitle leads to cross site scripting. The attack may be launched remotely. The name of the patch is 9d18a39944d79dfedacd754a742df38f99d3c0e2. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217172."
},
{
"lang": "deu",
"value": "Eine problematische Schwachstelle wurde in admont28 Ingnovarq entdeckt. Dies betrifft einen unbekannten Teil der Datei app/controller/insertarSliderAjax.php. Durch Beeinflussen des Arguments imagetitle mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Patch wird als 9d18a39944d79dfedacd754a742df38f99d3c0e2 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross Site Scripting",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "admont28",
"product": {
"product_data": [
{
"product_name": "Ingnovarq",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.217172",
"refsource": "MISC",
"name": "https://vuldb.com/?id.217172"
},
{
"url": "https://vuldb.com/?ctiid.217172",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.217172"
},
{
"url": "https://github.com/admont28/ingnovarq/commit/9d18a39944d79dfedacd754a742df38f99d3c0e2",
"refsource": "MISC",
"name": "https://github.com/admont28/ingnovarq/commit/9d18a39944d79dfedacd754a742df38f99d3c0e2"
}
]
},
"credits": [
{
"lang": "en",
"value": "VulDB GitHub Commit Analyzer"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.5,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
}
]
}
}