admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-07-01 21:00:54 +00:00
parent 21e7d7edaf
commit bc667aad5f
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
11 changed files with 366 additions and 75 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
2022/25xxx/CVE-2022-25758.json
View File

@ -48,16 +48,19 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JS-SCSSTOKENIZER-2339884"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-SCSSTOKENIZER-2339884",
"name": "https://snyk.io/vuln/SNYK-JS-SCSSTOKENIZER-2339884"
},
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2936782"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2936782",
"name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2936782"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/sasstools/scss-tokenizer/issues/45"
"refsource": "MISC",
"url": "https://github.com/sasstools/scss-tokenizer/issues/45",
"name": "https://github.com/sasstools/scss-tokenizer/issues/45"
}
]
},
@ -65,7 +68,7 @@
"description_data": [
{
"lang": "eng",
"value": "All versions of package scss-tokenizer are vulnerable to Regular Expression Denial of Service (ReDoS) via the loadAnnotation() function, due to the usage of insecure regex.\r\n\r\n"
"value": "All versions of package scss-tokenizer are vulnerable to Regular Expression Denial of Service (ReDoS) via the loadAnnotation() function, due to the usage of insecure regex."
}
]
},

17
2022/25xxx/CVE-2022-25876.json
View File

@ -48,16 +48,19 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JS-LINKPREVIEWJS-2933520"
"refsource": "MISC",
"url": "https://github.com/ospfranco/link-preview-js/issues/115",
"name": "https://github.com/ospfranco/link-preview-js/issues/115"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/ospfranco/link-preview-js/issues/115"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-LINKPREVIEWJS-2933520",
"name": "https://snyk.io/vuln/SNYK-JS-LINKPREVIEWJS-2933520"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/ospfranco/link-preview-js/pull/117"
"refsource": "MISC",
"url": "https://github.com/ospfranco/link-preview-js/pull/117",
"name": "https://github.com/ospfranco/link-preview-js/pull/117"
}
]
},
@ -65,7 +68,7 @@
"description_data": [
{
"lang": "eng",
"value": "The package link-preview-js before 2.1.16 are vulnerable to Server-side Request Forgery (SSRF) which allows attackers to send arbitrary requests to the local network and read the response. This is due to flawed DNS rebinding protection.\r\n\r\n"
"value": "The package link-preview-js before 2.1.16 are vulnerable to Server-side Request Forgery (SSRF) which allows attackers to send arbitrary requests to the local network and read the response. This is due to flawed DNS rebinding protection."
}
]
},

17
2022/25xxx/CVE-2022-25896.json
View File

@ -48,16 +48,19 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JS-PASSPORT-2840631"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-PASSPORT-2840631",
"name": "https://snyk.io/vuln/SNYK-JS-PASSPORT-2840631"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/jaredhanson/passport/pull/900"
"refsource": "MISC",
"url": "https://github.com/jaredhanson/passport/pull/900",
"name": "https://github.com/jaredhanson/passport/pull/900"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/jaredhanson/passport/commit/7e9b9cf4d7be02428e963fc729496a45baeea608"
"refsource": "MISC",
"url": "https://github.com/jaredhanson/passport/commit/7e9b9cf4d7be02428e963fc729496a45baeea608",
"name": "https://github.com/jaredhanson/passport/commit/7e9b9cf4d7be02428e963fc729496a45baeea608"
}
]
},
@ -65,7 +68,7 @@
"description_data": [
{
"lang": "eng",
"value": "This affects the package passport before 0.6.0.\n When a user logs in or logs out, the session is regenerated instead of being closed.\n"
"value": "This affects the package passport before 0.6.0. When a user logs in or logs out, the session is regenerated instead of being closed."
}
]
},

32
2022/25xxx/CVE-2022-25898.json
View File

@ -48,28 +48,34 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JS-JSRSASIGN-2869122"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-JSRSASIGN-2869122",
"name": "https://snyk.io/vuln/SNYK-JS-JSRSASIGN-2869122"
},
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2935896"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2935896",
"name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2935896"
},
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBKJUR-2935897"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBKJUR-2935897",
"name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBKJUR-2935897"
},
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2935898"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2935898",
"name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2935898"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/kjur/jsrsasign/commit/4536a6e9e8bcf1a644ab7c07ed96e453347dae41"
"refsource": "MISC",
"url": "https://github.com/kjur/jsrsasign/commit/4536a6e9e8bcf1a644ab7c07ed96e453347dae41",
"name": "https://github.com/kjur/jsrsasign/commit/4536a6e9e8bcf1a644ab7c07ed96e453347dae41"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/kjur/jsrsasign/releases/tag/10.5.25"
"refsource": "MISC",
"url": "https://github.com/kjur/jsrsasign/releases/tag/10.5.25",
"name": "https://github.com/kjur/jsrsasign/releases/tag/10.5.25"
}
]
},
@ -77,7 +83,7 @@
"description_data": [
{
"lang": "eng",
"value": "The package jsrsasign before 10.5.25 are vulnerable to Improper Verification of Cryptographic Signature when JWS or JWT signature with non Base64URL encoding special characters or number escaped characters may be validated as valid by mistake.\r\n\r\n Workaround:\r\nValidate JWS or JWT signature if it has Base64URL and dot safe string before executing JWS.verify() or JWS.verifyJWT() method.\r\n\r\n"
"value": "The package jsrsasign before 10.5.25 are vulnerable to Improper Verification of Cryptographic Signature when JWS or JWT signature with non Base64URL encoding special characters or number escaped characters may be validated as valid by mistake. Workaround: Validate JWS or JWT signature if it has Base64URL and dot safe string before executing JWS.verify() or JWS.verifyJWT() method."
}
]
},

12
2022/25xxx/CVE-2022-25900.json
View File

@ -48,12 +48,14 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JS-GITCLONE-2434308"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-GITCLONE-2434308",
"name": "https://snyk.io/vuln/SNYK-JS-GITCLONE-2434308"
},
{
"refsource": "CONFIRM",
"url": "https://gist.github.com/lirantal/9441f3a1212728476f7a6caa4acb2ccc"
"refsource": "MISC",
"url": "https://gist.github.com/lirantal/9441f3a1212728476f7a6caa4acb2ccc",
"name": "https://gist.github.com/lirantal/9441f3a1212728476f7a6caa4acb2ccc"
}
]
},
@ -61,7 +63,7 @@
"description_data": [
{
"lang": "eng",
"value": "All versions of package git-clone are vulnerable to Command Injection due to insecure usage of the --upload-pack feature of git.\r\n\r\n"
"value": "All versions of package git-clone are vulnerable to Command Injection due to insecure usage of the --upload-pack feature of git."
}
]
},

56
2022/31xxx/CVE-2022-31943.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-31943",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-31943",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "MCMS v5.2.8 was discovered to contain an arbitrary file upload vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/ming-soft/MCMS/issues/95",
"refsource": "MISC",
"name": "https://github.com/ming-soft/MCMS/issues/95"
}
]
}

56
2022/32xxx/CVE-2022-32093.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32093",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-32093",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at adminlogin.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/Danie1233/Hospital-Management-System-v1.0-SQLi-2/",
"refsource": "MISC",
"name": "https://github.com/Danie1233/Hospital-Management-System-v1.0-SQLi-2/"
}
]
}

56
2022/32xxx/CVE-2022-32094.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32094",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-32094",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at doctorlogin.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/Danie1233/Hospital-Management-System-v1.0-SQLi-3/",
"refsource": "MISC",
"name": "https://github.com/Danie1233/Hospital-Management-System-v1.0-SQLi-3/"
}
]
}

56
2022/32xxx/CVE-2022-32095.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32095",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-32095",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at orders.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/Danie1233/Hospital-Management-System-v1.0-SQLi-4/",
"refsource": "MISC",
"name": "https://github.com/Danie1233/Hospital-Management-System-v1.0-SQLi-4/"
}
]
}

66
2022/32xxx/CVE-2022-32384.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32384",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-32384",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the security_5g parameter in the function formWifiBasicSet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://tenda.com",
"refsource": "MISC",
"name": "http://tenda.com"
},
{
"url": "http://ac23.com",
"refsource": "MISC",
"name": "http://ac23.com"
},
{
"url": "https://drive.google.com/file/d/16hshiCHS8j3YaFPkQD3xajVuwu_QVBe3/view?usp=sharing",
"refsource": "MISC",
"name": "https://drive.google.com/file/d/16hshiCHS8j3YaFPkQD3xajVuwu_QVBe3/view?usp=sharing"
}
]
}

56
2022/32xxx/CVE-2022-32420.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32420",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-32420",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "College Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via /College/admin/teacher.php. This vulnerability is exploited via a crafted PHP file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/rainb0w-q/bug_report/blob/main/vendors/itsourcecode.com/college-management-system/RCE-1.md",
"url": "https://github.com/rainb0w-q/bug_report/blob/main/vendors/itsourcecode.com/college-management-system/RCE-1.md"
}
]
}