admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-10-20 14:00:36 +00:00
parent 4efcff6b68
commit c71566c628
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
51 changed files with 564 additions and 523 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2019/25xxx/CVE-2019-25105.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as problematic, was found in dro.pm. This affects an unknown part of the file web/fileman.php. The manipulation of the argument secret/key leads to cross site scripting. It is possible to initiate the attack remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The name of the patch is fa73c3a42bc5c246a1b8f815699ea241aef154bb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-221763."
"value": "A vulnerability, which was classified as problematic, was found in dro.pm. This affects an unknown part of the file web/fileman.php. The manipulation of the argument secret/key leads to cross site scripting. It is possible to initiate the attack remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The patch is named fa73c3a42bc5c246a1b8f815699ea241aef154bb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-221763."
},
{
"lang": "deu",
@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

11
2020/36xxx/CVE-2020-36637.json
View File

@ -11,11 +11,11 @@
"description_data": [
{
"lang": "eng",
"value": "** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Chris92de AdminServ. It has been declared as problematic. This vulnerability affects unknown code of the file resources/core/adminserv.php. The manipulation of the argument text leads to cross site scripting. The attack can be initiated remotely. The name of the patch is 3ed17dab3b4d6e8bf1c82ddfbf882314365e9cd7. It is recommended to apply a patch to fix this issue. VDB-217042 is the identifier assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
"value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Chris92de AdminServ. It has been declared as problematic. This vulnerability affects unknown code of the file resources/core/adminserv.php. The manipulation of the argument text leads to cross site scripting. The attack can be initiated remotely. The patch is identified as 3ed17dab3b4d6e8bf1c82ddfbf882314365e9cd7. It is recommended to apply a patch to fix this issue. VDB-217042 is the identifier assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
},
{
"lang": "deu",
"value": "** UNSUPPPORTED WHEN ASSIGNED **In Chris92de AdminServ wurde eine Schwachstelle ausgemacht. Sie wurde als problematisch eingestuft. Betroffen ist eine unbekannte Verarbeitung der Datei resources/core/adminserv.php. Dank Manipulation des Arguments text mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Patch wird als 3ed17dab3b4d6e8bf1c82ddfbf882314365e9cd7 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
"value": "** UNSUPPPORTED WHEN ASSIGNED ** In Chris92de AdminServ wurde eine Schwachstelle ausgemacht. Sie wurde als problematisch eingestuft. Betroffen ist eine unbekannte Verarbeitung der Datei resources/core/adminserv.php. Dank Manipulation des Arguments text mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Patch wird als 3ed17dab3b4d6e8bf1c82ddfbf882314365e9cd7 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
]
},
@ -44,8 +44,8 @@
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -103,8 +103,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

11
2020/36xxx/CVE-2020-36638.json
View File

@ -11,11 +11,11 @@
"description_data": [
{
"lang": "eng",
"value": "** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Chris92de AdminServ. It has been rated as problematic. This issue affects some unknown processing of the file resources/core/adminserv.php. The manipulation of the argument error leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 9a45087814295de6fb3a3fe38f96293665234da1. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217043. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
"value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Chris92de AdminServ. It has been rated as problematic. This issue affects some unknown processing of the file resources/core/adminserv.php. The manipulation of the argument error leads to cross site scripting. The attack may be initiated remotely. The patch is named 9a45087814295de6fb3a3fe38f96293665234da1. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217043. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
},
{
"lang": "deu",
"value": "** UNSUPPPORTED WHEN ASSIGNED **Eine Schwachstelle wurde in Chris92de AdminServ ausgemacht. Sie wurde als problematisch eingestuft. Betroffen davon ist ein unbekannter Prozess der Datei resources/core/adminserv.php. Mit der Manipulation des Arguments error mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Patch wird als 9a45087814295de6fb3a3fe38f96293665234da1 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
"value": "** UNSUPPPORTED WHEN ASSIGNED ** Eine Schwachstelle wurde in Chris92de AdminServ ausgemacht. Sie wurde als problematisch eingestuft. Betroffen davon ist ein unbekannter Prozess der Datei resources/core/adminserv.php. Mit der Manipulation des Arguments error mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Patch wird als 9a45087814295de6fb3a3fe38f96293665234da1 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
]
},
@ -44,8 +44,8 @@
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -103,8 +103,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

11
2020/36xxx/CVE-2020-36639.json
View File

@ -11,11 +11,11 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been found in AlliedModders AMX Mod X and classified as critical. This vulnerability affects the function cmdVoteMap of the file plugins/adminvote.sma of the component Console Command Handler. The manipulation of the argument amx_votemap leads to path traversal. The name of the patch is a5f2b5539f6d61050b68df8b22ebb343a2862681. It is recommended to apply a patch to fix this issue. VDB-217354 is the identifier assigned to this vulnerability."
"value": "A vulnerability has been found in AlliedModders AMX Mod X on Windows and classified as critical. This vulnerability affects the function cmdVoteMap of the file plugins/adminvote.sma of the component Console Command Handler. The manipulation of the argument amx_votemap leads to path traversal. The patch is identified as a5f2b5539f6d61050b68df8b22ebb343a2862681. It is recommended to apply a patch to fix this issue. VDB-217354 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
"value": "In AlliedModders AMX Mod X wurde eine kritische Schwachstelle gefunden. Hierbei betrifft es die Funktion cmdVoteMap der Datei plugins/adminvote.sma der Komponente Console Command Handler. Mittels dem Manipulieren des Arguments amx_votemap mit unbekannten Daten kann eine path traversal-Schwachstelle ausgenutzt werden. Der Patch wird als a5f2b5539f6d61050b68df8b22ebb343a2862681 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
"value": "In AlliedModders AMX Mod X f\u00fcr Windows wurde eine kritische Schwachstelle gefunden. Hierbei betrifft es die Funktion cmdVoteMap der Datei plugins/adminvote.sma der Komponente Console Command Handler. Mittels dem Manipulieren des Arguments amx_votemap mit unbekannten Daten kann eine path traversal-Schwachstelle ausgenutzt werden. Der Patch wird als a5f2b5539f6d61050b68df8b22ebb343a2862681 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
]
},
@ -44,8 +44,8 @@
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -103,8 +103,7 @@
{
"version": "2.0",
"baseScore": 4.7,
"vectorString": "AV:A/AC:L/Au:M/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:M/C:P/I:P/A:P"
}
]
}

21
2020/36xxx/CVE-2020-36640.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as problematic, was found in bonitasoft bonita-connector-webservice up to 1.3.0. This affects the function TransformerConfigurationException of the file src/main/java/org/bonitasoft/connectors/ws/SecureWSConnector.java. The manipulation leads to xml external entity reference. Upgrading to version 1.3.1 is able to address this issue. The name of the patch is a12ad691c05af19e9061d7949b6b828ce48815d5. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217443."
"value": "A vulnerability, which was classified as problematic, was found in bonitasoft bonita-connector-webservice up to 1.3.0. This affects the function TransformerConfigurationException of the file src/main/java/org/bonitasoft/connectors/ws/SecureWSConnector.java. The manipulation leads to xml external entity reference. Upgrading to version 1.3.1 is able to address this issue. The patch is named a12ad691c05af19e9061d7949b6b828ce48815d5. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217443."
},
{
"lang": "deu",
@ -44,20 +44,20 @@
"version": {
"version_data": [
{
"version_value": "1.0",
"version_affected": "="
"version_affected": "=",
"version_value": "1.0"
},
{
"version_value": "1.1",
"version_affected": "="
"version_affected": "=",
"version_value": "1.1"
},
{
"version_value": "1.2",
"version_affected": "="
"version_affected": "=",
"version_value": "1.2"
},
{
"version_value": "1.3",
"version_affected": "="
"version_affected": "=",
"version_value": "1.3"
}
]
}
@ -120,8 +120,7 @@
{
"version": "2.0",
"baseScore": 4.9,
"vectorString": "AV:A/AC:M/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:M/Au:S/C:P/I:P/A:P"
}
]
}

57
2020/36xxx/CVE-2020-36641.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as problematic was found in gturri aXMLRPC up to 1.12.0. This vulnerability affects the function ResponseParser of the file src/main/java/de/timroes/axmlrpc/ResponseParser.java. The manipulation leads to xml external entity reference. Upgrading to version 1.12.1 is able to address this issue. The name of the patch is ad6615b3ec41353e614f6ea5fdd5b046442a832b. It is recommended to upgrade the affected component. VDB-217450 is the identifier assigned to this vulnerability."
"value": "A vulnerability classified as problematic was found in gturri aXMLRPC up to 1.12.0. This vulnerability affects the function ResponseParser of the file src/main/java/de/timroes/axmlrpc/ResponseParser.java. The manipulation leads to xml external entity reference. Upgrading to version 1.12.1 is able to address this issue. The patch is identified as ad6615b3ec41353e614f6ea5fdd5b046442a832b. It is recommended to upgrade the affected component. VDB-217450 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
@ -44,56 +44,56 @@
"version": {
"version_data": [
{
"version_value": "1.0",
"version_affected": "="
"version_affected": "=",
"version_value": "1.0"
},
{
"version_value": "1.1",
"version_affected": "="
"version_affected": "=",
"version_value": "1.1"
},
{
"version_value": "1.2",
"version_affected": "="
"version_affected": "=",
"version_value": "1.2"
},
{
"version_value": "1.3",
"version_affected": "="
"version_affected": "=",
"version_value": "1.3"
},
{
"version_value": "1.4",
"version_affected": "="
"version_affected": "=",
"version_value": "1.4"
},
{
"version_value": "1.5",
"version_affected": "="
"version_affected": "=",
"version_value": "1.5"
},
{
"version_value": "1.6",
"version_affected": "="
"version_affected": "=",
"version_value": "1.6"
},
{
"version_value": "1.7",
"version_affected": "="
"version_affected": "=",
"version_value": "1.7"
},
{
"version_value": "1.8",
"version_affected": "="
"version_affected": "=",
"version_value": "1.8"
},
{
"version_value": "1.9",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9"
},
{
"version_value": "1.10",
"version_affected": "="
"version_affected": "=",
"version_value": "1.10"
},
{
"version_value": "1.11",
"version_affected": "="
"version_affected": "=",
"version_value": "1.11"
},
{
"version_value": "1.12",
"version_affected": "="
"version_affected": "=",
"version_value": "1.12"
}
]
}
@ -151,8 +151,7 @@
{
"version": "2.0",
"baseScore": 4.9,
"vectorString": "AV:A/AC:M/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:M/Au:S/C:P/I:P/A:P"
}
]
}

33
2020/36xxx/CVE-2020-36642.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in trampgeek jobe up to 1.6.x and classified as critical. This issue affects the function run_in_sandbox of the file application/libraries/LanguageTask.php. The manipulation leads to command injection. Upgrading to version 1.7.0 is able to address this issue. The name of the patch is 8f43daf50c943b98eaf0c542da901a4a16e85b02. It is recommended to upgrade the affected component. The identifier VDB-217553 was assigned to this vulnerability."
"value": "A vulnerability was found in trampgeek jobe up to 1.6.x and classified as critical. This issue affects the function run_in_sandbox of the file application/libraries/LanguageTask.php. The manipulation leads to command injection. Upgrading to version 1.7.0 is able to address this issue. The identifier of the patch is 8f43daf50c943b98eaf0c542da901a4a16e85b02. It is recommended to upgrade the affected component. The identifier VDB-217553 was assigned to this vulnerability."
},
{
"lang": "deu",
@ -44,32 +44,32 @@
"version": {
"version_data": [
{
"version_value": "1.0",
"version_affected": "="
"version_affected": "=",
"version_value": "1.0"
},
{
"version_value": "1.1",
"version_affected": "="
"version_affected": "=",
"version_value": "1.1"
},
{
"version_value": "1.2",
"version_affected": "="
"version_affected": "=",
"version_value": "1.2"
},
{
"version_value": "1.3",
"version_affected": "="
"version_affected": "=",
"version_value": "1.3"
},
{
"version_value": "1.4",
"version_affected": "="
"version_affected": "=",
"version_value": "1.4"
},
{
"version_value": "1.5",
"version_affected": "="
"version_affected": "=",
"version_value": "1.5"
},
{
"version_value": "1.6",
"version_affected": "="
"version_affected": "=",
"version_value": "1.6"
}
]
}
@ -132,8 +132,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

13
2020/36xxx/CVE-2020-36644.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been found in jamesmartin Inline SVG up to 1.7.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file lib/inline_svg/action_view/helpers.rb of the component URL Parameter Handler. The manipulation of the argument filename leads to cross site scripting. The attack can be launched remotely. Upgrading to version 1.7.2 is able to address this issue. The name of the patch is f5363b351508486021f99e083c92068cf2943621. It is recommended to upgrade the affected component. The identifier VDB-217597 was assigned to this vulnerability."
"value": "A vulnerability has been found in jamesmartin Inline SVG up to 1.7.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file lib/inline_svg/action_view/helpers.rb of the component URL Parameter Handler. The manipulation of the argument filename leads to cross site scripting. The attack can be launched remotely. Upgrading to version 1.7.2 is able to address this issue. The identifier of the patch is f5363b351508486021f99e083c92068cf2943621. It is recommended to upgrade the affected component. The identifier VDB-217597 was assigned to this vulnerability."
},
{
"lang": "deu",
@ -44,12 +44,12 @@
"version": {
"version_data": [
{
"version_value": "1.7.0",
"version_affected": "="
"version_affected": "=",
"version_value": "1.7.0"
},
{
"version_value": "1.7.1",
"version_affected": "="
"version_affected": "=",
"version_value": "1.7.1"
}
]
}
@ -112,8 +112,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

9
2020/36xxx/CVE-2020-36645.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as critical, was found in square squalor. This affects an unknown part. The manipulation leads to sql injection. Upgrading to version v0.0.0 is able to address this issue. The name of the patch is f6f0a47cc344711042eb0970cb423e6950ba3f93. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217623."
"value": "A vulnerability, which was classified as critical, was found in square squalor. This affects an unknown part. The manipulation leads to sql injection. Upgrading to version v0.0.0 is able to address this issue. The patch is named f6f0a47cc344711042eb0970cb423e6950ba3f93. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217623."
},
{
"lang": "deu",
@ -44,8 +44,8 @@
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -108,8 +108,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

161
2020/36xxx/CVE-2020-36646.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as problematic has been found in MediaArea ZenLib up to 0.4.38. This affects the function Ztring::Date_From_Seconds_1970_Local of the file Source/ZenLib/Ztring.cpp. The manipulation of the argument Value leads to unchecked return value to null pointer dereference. Upgrading to version 0.4.39 is able to address this issue. The name of the patch is 6475fcccd37c9cf17e0cfe263b5fe0e2e47a8408. It is recommended to upgrade the affected component. The identifier VDB-217629 was assigned to this vulnerability."
"value": "A vulnerability classified as problematic has been found in MediaArea ZenLib up to 0.4.38. This affects the function Ztring::Date_From_Seconds_1970_Local of the file Source/ZenLib/Ztring.cpp. The manipulation of the argument Value leads to unchecked return value to null pointer dereference. Upgrading to version 0.4.39 is able to address this issue. The identifier of the patch is 6475fcccd37c9cf17e0cfe263b5fe0e2e47a8408. It is recommended to upgrade the affected component. The identifier VDB-217629 was assigned to this vulnerability."
},
{
"lang": "deu",
@ -44,160 +44,160 @@
"version": {
"version_data": [
{
"version_value": "0.4.0",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.0"
},
{
"version_value": "0.4.1",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.1"
},
{
"version_value": "0.4.2",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.2"
},
{
"version_value": "0.4.3",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.3"
},
{
"version_value": "0.4.4",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.4"
},
{
"version_value": "0.4.5",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.5"
},
{
"version_value": "0.4.6",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.6"
},
{
"version_value": "0.4.7",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.7"
},
{
"version_value": "0.4.8",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.8"
},
{
"version_value": "0.4.9",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.9"
},
{
"version_value": "0.4.10",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.10"
},
{
"version_value": "0.4.11",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.11"
},
{
"version_value": "0.4.12",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.12"
},
{
"version_value": "0.4.13",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.13"
},
{
"version_value": "0.4.14",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.14"
},
{
"version_value": "0.4.15",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.15"
},
{
"version_value": "0.4.16",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.16"
},
{
"version_value": "0.4.17",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.17"
},
{
"version_value": "0.4.18",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.18"
},
{
"version_value": "0.4.19",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.19"
},
{
"version_value": "0.4.20",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.20"
},
{
"version_value": "0.4.21",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.21"
},
{
"version_value": "0.4.22",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.22"
},
{
"version_value": "0.4.23",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.23"
},
{
"version_value": "0.4.24",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.24"
},
{
"version_value": "0.4.25",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.25"
},
{
"version_value": "0.4.26",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.26"
},
{
"version_value": "0.4.27",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.27"
},
{
"version_value": "0.4.28",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.28"
},
{
"version_value": "0.4.29",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.29"
},
{
"version_value": "0.4.30",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.30"
},
{
"version_value": "0.4.31",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.31"
},
{
"version_value": "0.4.32",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.32"
},
{
"version_value": "0.4.33",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.33"
},
{
"version_value": "0.4.34",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.34"
},
{
"version_value": "0.4.35",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.35"
},
{
"version_value": "0.4.36",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.36"
},
{
"version_value": "0.4.37",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.37"
},
{
"version_value": "0.4.38",
"version_affected": "="
"version_affected": "=",
"version_value": "0.4.38"
}
]
}
@ -260,8 +260,7 @@
{
"version": "2.0",
"baseScore": 2.3,
"vectorString": "AV:A/AC:M/Au:S/C:N/I:N/A:P",
"baseSeverity": "LOW"
"vectorString": "AV:A/AC:M/Au:S/C:N/I:N/A:P"
}
]
}

9
2020/36xxx/CVE-2020-36647.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as critical has been found in YunoHost-Apps transmission_ynh. Affected is an unknown function of the file conf/nginx.conf. The manipulation leads to path traversal. The name of the patch is f136dfd44eda128129e5fd2d850a3a3c600e6a4a. It is recommended to apply a patch to fix this issue. VDB-217638 is the identifier assigned to this vulnerability."
"value": "A vulnerability classified as critical has been found in YunoHost-Apps transmission_ynh. Affected is an unknown function of the file conf/nginx.conf. The manipulation leads to path traversal. The patch is identified as f136dfd44eda128129e5fd2d850a3a3c600e6a4a. It is recommended to apply a patch to fix this issue. VDB-217638 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
@ -44,8 +44,8 @@
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -103,8 +103,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

9
2020/36xxx/CVE-2020-36648.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as critical, was found in pouetnet pouet 2.0. This affects an unknown part. The manipulation of the argument howmany leads to sql injection. The name of the patch is 11d615931352066fb2f6dcb07428277c2cd99baf. It is recommended to apply a patch to fix this issue. The identifier VDB-217641 was assigned to this vulnerability."
"value": "A vulnerability, which was classified as critical, was found in pouetnet pouet 2.0. This affects an unknown part. The manipulation of the argument howmany leads to sql injection. The identifier of the patch is 11d615931352066fb2f6dcb07428277c2cd99baf. It is recommended to apply a patch to fix this issue. The identifier VDB-217641 was assigned to this vulnerability."
},
{
"lang": "deu",
@ -44,8 +44,8 @@
"version": {
"version_data": [
{
"version_value": "2.0",
"version_affected": "="
"version_affected": "=",
"version_value": "2.0"
}
]
}
@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

11
2020/36xxx/CVE-2020-36649.json
View File

@ -44,12 +44,12 @@
"version": {
"version_data": [
{
"version_value": "5.0",
"version_affected": "="
"version_affected": "=",
"version_value": "5.0"
},
{
"version_value": "5.1",
"version_affected": "="
"version_affected": "=",
"version_value": "5.1"
}
]
}
@ -117,8 +117,7 @@
{
"version": "2.0",
"baseScore": 2.3,
"vectorString": "AV:A/AC:M/Au:S/C:N/I:N/A:P",
"baseSeverity": "LOW"
"vectorString": "AV:A/AC:M/Au:S/C:N/I:N/A:P"
}
]
}

9
2020/36xxx/CVE-2020-36650.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as critical, was found in IonicaBizau node-gry up to 5.x. This affects an unknown part. The manipulation leads to command injection. Upgrading to version 6.0.0 is able to address this issue. The name of the patch is 5108446c1e23960d65e8b973f1d9486f9f9dbd6c. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-218019."
"value": "A vulnerability, which was classified as critical, was found in IonicaBizau node-gry up to 5.x. This affects an unknown part. The manipulation leads to command injection. Upgrading to version 6.0.0 is able to address this issue. The patch is named 5108446c1e23960d65e8b973f1d9486f9f9dbd6c. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-218019."
},
{
"lang": "deu",
@ -44,8 +44,8 @@
"version": {
"version_data": [
{
"version_value": "5.x",
"version_affected": "="
"version_affected": "=",
"version_value": "5.x"
}
]
}
@ -108,8 +108,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

9
2020/36xxx/CVE-2020-36651.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been found in youngerheart nodeserver and classified as critical. Affected by this vulnerability is an unknown functionality of the file nodeserver.js. The manipulation leads to path traversal. The name of the patch is c4c0f0138ab5afbac58e03915d446680421bde28. It is recommended to apply a patch to fix this issue. The identifier VDB-218461 was assigned to this vulnerability."
"value": "A vulnerability has been found in youngerheart nodeserver and classified as critical. Affected by this vulnerability is an unknown functionality of the file nodeserver.js. The manipulation leads to path traversal. The identifier of the patch is c4c0f0138ab5afbac58e03915d446680421bde28. It is recommended to apply a patch to fix this issue. The identifier VDB-218461 was assigned to this vulnerability."
},
{
"lang": "deu",
@ -44,8 +44,8 @@
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -103,8 +103,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

9
2020/36xxx/CVE-2020-36653.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in GENI Portal. It has been rated as problematic. Affected by this issue is some unknown functionality of the file portal/www/portal/error-text.php. The manipulation of the argument error leads to cross site scripting. The attack may be launched remotely. The name of the patch is c2356cc41260551073bfaa3a94d1ab074f554938. It is recommended to apply a patch to fix this issue. VDB-218474 is the identifier assigned to this vulnerability."
"value": "A vulnerability was found in GENI Portal. It has been rated as problematic. Affected by this issue is some unknown functionality of the file portal/www/portal/error-text.php. The manipulation of the argument error leads to cross site scripting. The attack may be launched remotely. The patch is identified as c2356cc41260551073bfaa3a94d1ab074f554938. It is recommended to apply a patch to fix this issue. VDB-218474 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
@ -44,8 +44,8 @@
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -103,8 +103,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

9
2020/36xxx/CVE-2020-36654.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as problematic has been found in GENI Portal. This affects the function no_invocation_id_error of the file portal/www/portal/sliceresource.php. The manipulation of the argument invocation_id/invocation_user leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is 39a96fb4b822bd3497442a96135de498d4a81337. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218475."
"value": "A vulnerability classified as problematic has been found in GENI Portal. This affects the function no_invocation_id_error of the file portal/www/portal/sliceresource.php. The manipulation of the argument invocation_id/invocation_user leads to cross site scripting. It is possible to initiate the attack remotely. The patch is named 39a96fb4b822bd3497442a96135de498d4a81337. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218475."
},
{
"lang": "deu",
@ -44,8 +44,8 @@
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -103,8 +103,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

9
2020/36xxx/CVE-2020-36660.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in paxswill EVE Ship Replacement Program 0.12.11. It has been rated as problematic. This issue affects some unknown processing of the file src/evesrp/views/api.py of the component User Information Handler. The manipulation leads to information disclosure. The attack may be initiated remotely. Upgrading to version 0.12.12 is able to address this issue. The name of the patch is 9e03f68e46e85ca9c9694a6971859b3ee66f0240. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-220211."
"value": "A vulnerability was found in paxswill EVE Ship Replacement Program 0.12.11. It has been rated as problematic. This issue affects some unknown processing of the file src/evesrp/views/api.py of the component User Information Handler. The manipulation leads to information disclosure. The attack may be initiated remotely. Upgrading to version 0.12.12 is able to address this issue. The patch is named 9e03f68e46e85ca9c9694a6971859b3ee66f0240. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-220211."
},
{
"lang": "deu",
@ -44,8 +44,8 @@
"version": {
"version_data": [
{
"version_value": "0.12.11",
"version_affected": "="
"version_affected": "=",
"version_value": "0.12.11"
}
]
}
@ -103,8 +103,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N"
}
]
}

5
2020/36xxx/CVE-2020-36661.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic. This vulnerability affects the function is_header of the file src/multipart.lua. The manipulation leads to inefficient regular expression complexity. Upgrading to version 0.5.9-1 is able to address this issue. The name of the patch is d632e5df43a2928fd537784a99a79dec288bf01b. It is recommended to upgrade the affected component. VDB-220642 is the identifier assigned to this vulnerability."
"value": "A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic. This vulnerability affects the function is_header of the file src/multipart.lua. The manipulation leads to inefficient regular expression complexity. Upgrading to version 0.5.9-1 is able to address this issue. The patch is identified as d632e5df43a2928fd537784a99a79dec288bf01b. It is recommended to upgrade the affected component. VDB-220642 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
@ -108,8 +108,7 @@
{
"version": "2.0",
"baseScore": 2.7,
"vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:P",
"baseSeverity": "LOW"
"vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:P"
}
]
}

5
2020/36xxx/CVE-2020-36663.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as problematic, was found in Artes\u00e3os SEOTools up to 0.17.1. This affects the function makeTag of the file OpenGraph.php. The manipulation of the argument value leads to open redirect. Upgrading to version 0.17.2 is able to address this issue. The name of the patch is ca27cd0edf917e0bc805227013859b8b5a1f01fb. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-222231."
"value": "A vulnerability, which was classified as problematic, was found in Artes\u00e3os SEOTools up to 0.17.1. This affects the function makeTag of the file OpenGraph.php. The manipulation of the argument value leads to open redirect. Upgrading to version 0.17.2 is able to address this issue. The patch is named ca27cd0edf917e0bc805227013859b8b5a1f01fb. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-222231."
},
{
"lang": "deu",
@ -112,8 +112,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

23
2020/36xxx/CVE-2020-36664.json
View File

@ -62,6 +62,16 @@
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.222232",
"refsource": "MISC",
"name": "https://vuldb.com/?id.222232"
},
{
"url": "https://vuldb.com/?ctiid.222232",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.222232"
},
{
"url": "https://github.com/artesaos/seotools/pull/201",
"refsource": "MISC",
@ -76,16 +86,6 @@
"url": "https://github.com/artesaos/seotools/releases/tag/v0.17.2",
"refsource": "MISC",
"name": "https://github.com/artesaos/seotools/releases/tag/v0.17.2"
},
{
"url": "https://vuldb.com/?id.222232",
"refsource": "MISC",
"name": "https://vuldb.com/?id.222232"
},
{
"url": "https://vuldb.com/?ctiid.222232",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.222232"
}
]
},
@ -112,8 +112,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

25
2020/36xxx/CVE-2020-36665.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in Artes\u00e3os SEOTools up to 0.17.1 and classified as critical. This issue affects the function eachValue of the file TwitterCards.php. The manipulation of the argument value leads to open redirect. Upgrading to version 0.17.2 is able to address this issue. The name of the patch is ca27cd0edf917e0bc805227013859b8b5a1f01fb. It is recommended to upgrade the affected component. The identifier VDB-222233 was assigned to this vulnerability."
"value": "A vulnerability was found in Artes\u00e3os SEOTools up to 0.17.1 and classified as critical. This issue affects the function eachValue of the file TwitterCards.php. The manipulation of the argument value leads to open redirect. Upgrading to version 0.17.2 is able to address this issue. The identifier of the patch is ca27cd0edf917e0bc805227013859b8b5a1f01fb. It is recommended to upgrade the affected component. The identifier VDB-222233 was assigned to this vulnerability."
},
{
"lang": "deu",
@ -62,6 +62,16 @@
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.222233",
"refsource": "MISC",
"name": "https://vuldb.com/?id.222233"
},
{
"url": "https://vuldb.com/?ctiid.222233",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.222233"
},
{
"url": "https://github.com/artesaos/seotools/pull/201",
"refsource": "MISC",
@ -76,16 +86,6 @@
"url": "https://github.com/artesaos/seotools/releases/tag/v0.17.2",
"refsource": "MISC",
"name": "https://github.com/artesaos/seotools/releases/tag/v0.17.2"
},
{
"url": "https://vuldb.com/?id.222233",
"refsource": "MISC",
"name": "https://vuldb.com/?id.222233"
},
{
"url": "https://vuldb.com/?ctiid.222233",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.222233"
}
]
},
@ -112,8 +112,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2020/36xxx/CVE-2020-36762.json
View File

@ -216,8 +216,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

15
2021/4xxx/CVE-2021-4263.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as problematic, has been found in leanote 2.6.1. This issue affects the function define of the file public/js/plugins/history.js. The manipulation of the argument content leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 0f9733c890077942150696dcc6d2b1482b7a0a19. It is recommended to apply a patch to fix this issue. The identifier VDB-216461 was assigned to this vulnerability."
"value": "A vulnerability, which was classified as problematic, has been found in leanote 2.6.1. This issue affects the function define of the file public/js/plugins/history.js. The manipulation of the argument content leads to cross site scripting. The attack may be initiated remotely. The identifier of the patch is 0f9733c890077942150696dcc6d2b1482b7a0a19. It is recommended to apply a patch to fix this issue. The identifier VDB-216461 was assigned to this vulnerability."
},
{
"lang": "deu",
@ -58,11 +58,6 @@
},
"references": {
"reference_data": [
{
"url": "https://github.com/leanote/leanote/commit/0f9733c890077942150696dcc6d2b1482b7a0a19",
"refsource": "MISC",
"name": "https://github.com/leanote/leanote/commit/0f9733c890077942150696dcc6d2b1482b7a0a19"
},
{
"url": "https://vuldb.com/?id.216461",
"refsource": "MISC",
@ -72,6 +67,11 @@
"url": "https://vuldb.com/?ctiid.216461",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.216461"
},
{
"url": "https://github.com/leanote/leanote/commit/0f9733c890077942150696dcc6d2b1482b7a0a19",
"refsource": "MISC",
"name": "https://github.com/leanote/leanote/commit/0f9733c890077942150696dcc6d2b1482b7a0a19"
}
]
},
@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

25
2021/4xxx/CVE-2021-4297.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been found in trampgeek jobe up to 1.6.4 and classified as problematic. This vulnerability affects the function runs_post of the file application/controllers/Restapi.php. The manipulation of the argument sourcefilename leads to an unknown weakness. Upgrading to version 1.6.5 is able to address this issue. The name of the patch is 694da5013dbecc8d30dd83e2a83e78faadf93771. It is recommended to upgrade the affected component. VDB-217174 is the identifier assigned to this vulnerability."
"value": "A vulnerability has been found in trampgeek jobe up to 1.6.4 and classified as problematic. This vulnerability affects the function runs_post of the file application/controllers/Restapi.php. The manipulation of the argument sourcefilename leads to an unknown weakness. Upgrading to version 1.6.5 is able to address this issue. The patch is identified as 694da5013dbecc8d30dd83e2a83e78faadf93771. It is recommended to upgrade the affected component. VDB-217174 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
@ -43,24 +43,24 @@
"version": {
"version_data": [
{
"version_value": "1.6.0",
"version_affected": "="
"version_affected": "=",
"version_value": "1.6.0"
},
{
"version_value": "1.6.1",
"version_affected": "="
"version_affected": "=",
"version_value": "1.6.1"
},
{
"version_value": "1.6.2",
"version_affected": "="
"version_affected": "=",
"version_value": "1.6.2"
},
{
"version_value": "1.6.3",
"version_affected": "="
"version_affected": "=",
"version_value": "1.6.3"
},
{
"version_value": "1.6.4",
"version_affected": "="
"version_affected": "=",
"version_value": "1.6.4"
}
]
}
@ -118,8 +118,7 @@
{
"version": "2.0",
"baseScore": 4.9,
"vectorString": "AV:A/AC:M/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:M/Au:S/C:P/I:P/A:P"
}
]
}

9
2021/4xxx/CVE-2021-4298.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as critical has been found in Hesburgh Libraries of Notre Dame Sipity. This affects the function SearchCriteriaForWorksParameter of the file app/parameters/sipity/parameters/search_criteria_for_works_parameter.rb. The manipulation leads to sql injection. Upgrading to version 2021.8 is able to address this issue. The name of the patch is d1704c7363b899ffce65be03a796a0ee5fdbfbdc. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217179."
"value": "A vulnerability classified as critical has been found in Hesburgh Libraries of Notre Dame Sipity. This affects the function SearchCriteriaForWorksParameter of the file app/parameters/sipity/parameters/search_criteria_for_works_parameter.rb. The manipulation leads to sql injection. Upgrading to version 2021.8 is able to address this issue. The patch is named d1704c7363b899ffce65be03a796a0ee5fdbfbdc. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217179."
},
{
"lang": "deu",
@ -44,8 +44,8 @@
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -103,8 +103,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

35
2021/4xxx/CVE-2021-4299.json
View File

@ -44,36 +44,36 @@
"version": {
"version_data": [
{
"version_value": "0.12.0",
"version_affected": "="
"version_affected": "=",
"version_value": "0.12.0"
},
{
"version_value": "0.12.1",
"version_affected": "="
"version_affected": "=",
"version_value": "0.12.1"
},
{
"version_value": "0.12.2",
"version_affected": "="
"version_affected": "=",
"version_value": "0.12.2"
},
{
"version_value": "0.12.3",
"version_affected": "="
"version_affected": "=",
"version_value": "0.12.3"
},
{
"version_value": "0.12.4",
"version_affected": "="
"version_affected": "=",
"version_value": "0.12.4"
},
{
"version_value": "0.12.5",
"version_affected": "="
"version_affected": "=",
"version_value": "0.12.5"
},
{
"version_value": "0.12.6",
"version_affected": "="
"version_affected": "=",
"version_value": "0.12.6"
},
{
"version_value": "0.12.7",
"version_affected": "="
"version_affected": "=",
"version_value": "0.12.7"
}
]
}
@ -131,8 +131,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P"
}
]
}

9
2021/4xxx/CVE-2021-4300.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been found in ghostlander Halcyon and classified as critical. Affected by this vulnerability is the function CBlock::AddToBlockIndex of the file src/main.cpp of the component Block Verification. The manipulation leads to improper access controls. The attack can be launched remotely. Upgrading to version 1.1.1.0-hal is able to address this issue. The name of the patch is 0675b25ae9cc10b5fdc8ea3a32c642979762d45e. It is recommended to upgrade the affected component. The identifier VDB-217417 was assigned to this vulnerability."
"value": "A vulnerability has been found in ghostlander Halcyon and classified as critical. Affected by this vulnerability is the function CBlock::AddToBlockIndex of the file src/main.cpp of the component Block Verification. The manipulation leads to improper access controls. The attack can be launched remotely. Upgrading to version 1.1.1.0-hal is able to address this issue. The identifier of the patch is 0675b25ae9cc10b5fdc8ea3a32c642979762d45e. It is recommended to upgrade the affected component. The identifier VDB-217417 was assigned to this vulnerability."
},
{
"lang": "deu",
@ -44,8 +44,8 @@
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -103,8 +103,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

123
2021/4xxx/CVE-2021-4301.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in slackero phpwcms up to 1.9.26 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument $phpwcms['db_prepend'] leads to sql injection. The attack may be launched remotely. Upgrading to version 1.9.27 is able to address this issue. The name of the patch is 77dafb6a8cc1015f0777daeb5792f43beef77a9d. It is recommended to upgrade the affected component. VDB-217418 is the identifier assigned to this vulnerability."
"value": "A vulnerability was found in slackero phpwcms up to 1.9.26 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument $phpwcms['db_prepend'] leads to sql injection. The attack may be launched remotely. Upgrading to version 1.9.27 is able to address this issue. The patch is identified as 77dafb6a8cc1015f0777daeb5792f43beef77a9d. It is recommended to upgrade the affected component. VDB-217418 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
@ -44,112 +44,112 @@
"version": {
"version_data": [
{
"version_value": "1.9.0",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.0"
},
{
"version_value": "1.9.1",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.1"
},
{
"version_value": "1.9.2",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.2"
},
{
"version_value": "1.9.3",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.3"
},
{
"version_value": "1.9.4",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.4"
},
{
"version_value": "1.9.5",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.5"
},
{
"version_value": "1.9.6",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.6"
},
{
"version_value": "1.9.7",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.7"
},
{
"version_value": "1.9.8",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.8"
},
{
"version_value": "1.9.9",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.9"
},
{
"version_value": "1.9.10",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.10"
},
{
"version_value": "1.9.11",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.11"
},
{
"version_value": "1.9.12",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.12"
},
{
"version_value": "1.9.13",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.13"
},
{
"version_value": "1.9.14",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.14"
},
{
"version_value": "1.9.15",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.15"
},
{
"version_value": "1.9.16",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.16"
},
{
"version_value": "1.9.17",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.17"
},
{
"version_value": "1.9.18",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.18"
},
{
"version_value": "1.9.19",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.19"
},
{
"version_value": "1.9.20",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.20"
},
{
"version_value": "1.9.21",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.21"
},
{
"version_value": "1.9.22",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.22"
},
{
"version_value": "1.9.23",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.23"
},
{
"version_value": "1.9.24",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.24"
},
{
"version_value": "1.9.25",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.25"
},
{
"version_value": "1.9.26",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.26"
}
]
}
@ -162,11 +162,6 @@
},
"references": {
"reference_data": [
{
"url": "https://github.com/slackero/phpwcms/releases/tag/v1.9.27",
"refsource": "MISC",
"name": "https://github.com/slackero/phpwcms/releases/tag/v1.9.27"
},
{
"url": "https://vuldb.com/?id.217418",
"refsource": "MISC",
@ -181,6 +176,11 @@
"url": "https://github.com/slackero/phpwcms/commit/77dafb6a8cc1015f0777daeb5792f43beef77a9d",
"refsource": "MISC",
"name": "https://github.com/slackero/phpwcms/commit/77dafb6a8cc1015f0777daeb5792f43beef77a9d"
},
{
"url": "https://github.com/slackero/phpwcms/releases/tag/v1.9.27",
"refsource": "MISC",
"name": "https://github.com/slackero/phpwcms/releases/tag/v1.9.27"
}
]
},
@ -207,8 +207,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

113
2021/4xxx/CVE-2021-4302.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in slackero phpwcms up to 1.9.26. It has been classified as problematic. This affects an unknown part of the component SVG File Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.9.27 is able to address this issue. The name of the patch is b39db9c7ad3800f319195ff0e26a0981395b1c54. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217419."
"value": "A vulnerability was found in slackero phpwcms up to 1.9.26. It has been classified as problematic. This affects an unknown part of the component SVG File Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.9.27 is able to address this issue. The patch is named b39db9c7ad3800f319195ff0e26a0981395b1c54. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217419."
},
{
"lang": "deu",
@ -44,112 +44,112 @@
"version": {
"version_data": [
{
"version_value": "1.9.0",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.0"
},
{
"version_value": "1.9.1",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.1"
},
{
"version_value": "1.9.2",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.2"
},
{
"version_value": "1.9.3",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.3"
},
{
"version_value": "1.9.4",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.4"
},
{
"version_value": "1.9.5",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.5"
},
{
"version_value": "1.9.6",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.6"
},
{
"version_value": "1.9.7",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.7"
},
{
"version_value": "1.9.8",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.8"
},
{
"version_value": "1.9.9",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.9"
},
{
"version_value": "1.9.10",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.10"
},
{
"version_value": "1.9.11",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.11"
},
{
"version_value": "1.9.12",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.12"
},
{
"version_value": "1.9.13",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.13"
},
{
"version_value": "1.9.14",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.14"
},
{
"version_value": "1.9.15",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.15"
},
{
"version_value": "1.9.16",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.16"
},
{
"version_value": "1.9.17",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.17"
},
{
"version_value": "1.9.18",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.18"
},
{
"version_value": "1.9.19",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.19"
},
{
"version_value": "1.9.20",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.20"
},
{
"version_value": "1.9.21",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.21"
},
{
"version_value": "1.9.22",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.22"
},
{
"version_value": "1.9.23",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.23"
},
{
"version_value": "1.9.24",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.24"
},
{
"version_value": "1.9.25",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.25"
},
{
"version_value": "1.9.26",
"version_affected": "="
"version_affected": "=",
"version_value": "1.9.26"
}
]
}
@ -207,8 +207,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

11
2021/4xxx/CVE-2021-4303.json
View File

@ -11,11 +11,11 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as problematic, has been found in shannah Xataface up to 2.x. Affected by this issue is the function testftp of the file install/install_form.js.php of the component Installer. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 3.0.0 is able to address this issue. The name of the patch is 94143a4299e386f33bf582139cd4702571d93bde. It is recommended to upgrade the affected component. VDB-217442 is the identifier assigned to this vulnerability. NOTE: Installer is disabled by default."
"value": "A vulnerability, which was classified as problematic, has been found in shannah Xataface up to 2.x. Affected by this issue is the function testftp of the file install/install_form.js.php of the component Installer. The manipulation leads to cross site scripting. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. Upgrading to version 3.0.0 is able to address this issue. The patch is identified as 94143a4299e386f33bf582139cd4702571d93bde. It is recommended to upgrade the affected component. VDB-217442 is the identifier assigned to this vulnerability. NOTE: Installer is disabled by default."
},
{
"lang": "deu",
"value": "Eine problematische Schwachstelle wurde in shannah Xataface bis 2.x entdeckt. Dies betrifft die Funktion testftp der Datei install/install_form.js.php der Komponente Installer. Mittels dem Manipulieren mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Ein Aktualisieren auf die Version 3.0.0 vermag dieses Problem zu l\u00f6sen. Der Patch wird als 94143a4299e386f33bf582139cd4702571d93bde bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
"value": "Eine problematische Schwachstelle wurde in shannah Xataface bis 2.x entdeckt. Dies betrifft die Funktion testftp der Datei install/install_form.js.php der Komponente Installer. Mittels dem Manipulieren mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig ausnutzbar. Ein Aktualisieren auf die Version 3.0.0 vermag dieses Problem zu l\u00f6sen. Der Patch wird als 94143a4299e386f33bf582139cd4702571d93bde bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
]
},
@ -44,8 +44,8 @@
"version": {
"version_data": [
{
"version_value": "2.x",
"version_affected": "="
"version_affected": "=",
"version_value": "2.x"
}
]
}
@ -103,8 +103,7 @@
{
"version": "2.0",
"baseScore": 1.7,
"vectorString": "AV:N/AC:H/Au:M/C:N/I:P/A:N",
"baseSeverity": "LOW"
"vectorString": "AV:N/AC:H/Au:M/C:N/I:P/A:N"
}
]
}

9
2021/4xxx/CVE-2021-4304.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in eprintsug ulcc-core. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file cgi/toolbox/toolbox. The manipulation of the argument password leads to command injection. The attack can be launched remotely. The name of the patch is 811edaae81eb044891594f00062a828f51b22cb1. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217447."
"value": "A vulnerability was found in eprintsug ulcc-core. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file cgi/toolbox/toolbox. The manipulation of the argument password leads to command injection. The attack can be launched remotely. The patch is named 811edaae81eb044891594f00062a828f51b22cb1. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217447."
},
{
"lang": "deu",
@ -44,8 +44,8 @@
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

7
2021/4xxx/CVE-2021-4305.json
View File

@ -44,8 +44,8 @@
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -103,8 +103,7 @@
{
"version": "2.0",
"baseScore": 2.3,
"vectorString": "AV:A/AC:M/Au:S/C:N/I:N/A:P",
"baseSeverity": "LOW"
"vectorString": "AV:A/AC:M/Au:S/C:N/I:N/A:P"
}
]
}

35
2021/4xxx/CVE-2021-4306.json
View File

@ -44,36 +44,36 @@
"version": {
"version_data": [
{
"version_value": "2.1.0",
"version_affected": "="
"version_affected": "=",
"version_value": "2.1.0"
},
{
"version_value": "2.1.1",
"version_affected": "="
"version_affected": "=",
"version_value": "2.1.1"
},
{
"version_value": "2.1.2",
"version_affected": "="
"version_affected": "=",
"version_value": "2.1.2"
},
{
"version_value": "2.1.3",
"version_affected": "="
"version_affected": "=",
"version_value": "2.1.3"
},
{
"version_value": "2.1.4",
"version_affected": "="
"version_affected": "=",
"version_value": "2.1.4"
},
{
"version_value": "2.1.5",
"version_affected": "="
"version_affected": "=",
"version_value": "2.1.5"
},
{
"version_value": "2.1.6",
"version_affected": "="
"version_affected": "=",
"version_value": "2.1.6"
},
{
"version_value": "2.1.7",
"version_affected": "="
"version_affected": "=",
"version_value": "2.1.7"
}
]
}
@ -131,8 +131,7 @@
{
"version": "2.0",
"baseScore": 2.3,
"vectorString": "AV:A/AC:M/Au:S/C:N/I:N/A:P",
"baseSeverity": "LOW"
"vectorString": "AV:A/AC:M/Au:S/C:N/I:N/A:P"
}
]
}

33
2021/4xxx/CVE-2021-4307.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in Yomguithereal Baobab up to 2.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). The attack can be launched remotely. Upgrading to version 2.6.1 is able to address this issue. The name of the patch is c56639532a923d9a1600fb863ec7551b188b5d19. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217627."
"value": "A vulnerability was found in Yomguithereal Baobab up to 2.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). The attack can be launched remotely. Upgrading to version 2.6.1 is able to address this issue. The patch is named c56639532a923d9a1600fb863ec7551b188b5d19. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217627."
},
{
"lang": "deu",
@ -44,32 +44,32 @@
"version": {
"version_data": [
{
"version_value": "2.0",
"version_affected": "="
"version_affected": "=",
"version_value": "2.0"
},
{
"version_value": "2.1",
"version_affected": "="
"version_affected": "=",
"version_value": "2.1"
},
{
"version_value": "2.2",
"version_affected": "="
"version_affected": "=",
"version_value": "2.2"
},
{
"version_value": "2.3",
"version_affected": "="
"version_affected": "=",
"version_value": "2.3"
},
{
"version_value": "2.4",
"version_affected": "="
"version_affected": "=",
"version_value": "2.4"
},
{
"version_value": "2.5",
"version_affected": "="
"version_affected": "=",
"version_value": "2.5"
},
{
"version_value": "2.6",
"version_affected": "="
"version_affected": "=",
"version_value": "2.6"
}
]
}
@ -132,8 +132,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

13
2021/4xxx/CVE-2021-4308.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in WebPA up to 3.1.1. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. Upgrading to version 3.1.2 is able to address this issue. The name of the patch is 8836c4f549181e885a68e0e7ca561fdbcbd04bf0. It is recommended to upgrade the affected component. The identifier VDB-217637 was assigned to this vulnerability."
"value": "A vulnerability was found in WebPA up to 3.1.1. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. Upgrading to version 3.1.2 is able to address this issue. The identifier of the patch is 8836c4f549181e885a68e0e7ca561fdbcbd04bf0. It is recommended to upgrade the affected component. The identifier VDB-217637 was assigned to this vulnerability."
},
{
"lang": "deu",
@ -44,12 +44,12 @@
"version": {
"version_data": [
{
"version_value": "3.1.0",
"version_affected": "="
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_value": "3.1.1",
"version_affected": "="
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
@ -112,8 +112,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

9
2021/4xxx/CVE-2021-4309.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as problematic, has been found in 01-Scripts 01ACP. This issue affects some unknown processing. The manipulation of the argument $_SERVER['SCRIPT_NAME'] leads to cross site scripting. The attack may be initiated remotely. The name of the patch is a16eb7da46ed22bc61067c212635394f2571d3c4. It is recommended to apply a patch to fix this issue. The identifier VDB-217649 was assigned to this vulnerability."
"value": "A vulnerability, which was classified as problematic, has been found in 01-Scripts 01ACP. This issue affects some unknown processing. The manipulation of the argument $_SERVER['SCRIPT_NAME'] leads to cross site scripting. The attack may be initiated remotely. The identifier of the patch is a16eb7da46ed22bc61067c212635394f2571d3c4. It is recommended to apply a patch to fix this issue. The identifier VDB-217649 was assigned to this vulnerability."
},
{
"lang": "deu",
@ -44,8 +44,8 @@
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

9
2021/4xxx/CVE-2021-4310.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in 01-Scripts 01-Artikelsystem. It has been classified as problematic. Affected is an unknown function of the file 01article.php. The manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is ae849b347a58c2cb1be38d04bbe56fc883d5d84a. It is recommended to apply a patch to fix this issue. VDB-217662 is the identifier assigned to this vulnerability."
"value": "A vulnerability was found in 01-Scripts 01-Artikelsystem. It has been classified as problematic. Affected is an unknown function of the file 01article.php. The manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. It is possible to launch the attack remotely. The patch is identified as ae849b347a58c2cb1be38d04bbe56fc883d5d84a. It is recommended to apply a patch to fix this issue. VDB-217662 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
@ -44,8 +44,8 @@
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

9
2021/4xxx/CVE-2021-4311.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as problematic was found in Talend Open Studio for MDM. This vulnerability affects unknown code of the component XML Handler. The manipulation leads to xml external entity reference. The name of the patch is 31d442b9fb1d518128fd18f6e4d54e06c3d67793. It is recommended to apply a patch to fix this issue. VDB-217666 is the identifier assigned to this vulnerability."
"value": "A vulnerability classified as problematic was found in Talend Open Studio for MDM. This vulnerability affects unknown code of the component XML Handler. The manipulation leads to xml external entity reference. The patch is identified as 31d442b9fb1d518128fd18f6e4d54e06c3d67793. It is recommended to apply a patch to fix this issue. VDB-217666 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
@ -44,8 +44,8 @@
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -103,8 +103,7 @@
{
"version": "2.0",
"baseScore": 4.9,
"vectorString": "AV:A/AC:M/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:M/Au:S/C:P/I:P/A:P"
}
]
}

11
2021/4xxx/CVE-2021-4312.json
View File

@ -11,11 +11,11 @@
"description_data": [
{
"lang": "eng",
"value": "** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic has been found in Th3-822 Rapidleech. This affects the function zip_go of the file classes/options/zip.php. The manipulation of the argument archive leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is 885a87ea4ee5e14fa95801eca255604fb2e138c6. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218295. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
"value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic has been found in Th3-822 Rapidleech. This affects the function zip_go of the file classes/options/zip.php. The manipulation of the argument archive leads to cross site scripting. It is possible to initiate the attack remotely. The patch is named 885a87ea4ee5e14fa95801eca255604fb2e138c6. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218295. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
},
{
"lang": "deu",
"value": "** UNSUPPPORTED WHEN ASSIGNED **Es wurde eine Schwachstelle in Th3-822 Rapidleech entdeckt. Sie wurde als problematisch eingestuft. Es betrifft die Funktion zip_go der Datei classes/options/zip.php. Dank der Manipulation des Arguments archive mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Patch wird als 885a87ea4ee5e14fa95801eca255604fb2e138c6 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
"value": "** UNSUPPPORTED WHEN ASSIGNED ** Es wurde eine Schwachstelle in Th3-822 Rapidleech entdeckt. Sie wurde als problematisch eingestuft. Es betrifft die Funktion zip_go der Datei classes/options/zip.php. Dank der Manipulation des Arguments archive mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Patch wird als 885a87ea4ee5e14fa95801eca255604fb2e138c6 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
]
},
@ -44,8 +44,8 @@
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

9
2021/4xxx/CVE-2021-4313.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in NethServer phonenehome. It has been rated as critical. This issue affects the function get_info/get_country_coor of the file server/index.php. The manipulation leads to sql injection. The name of the patch is 759c30b0ddd7d493836bbdf695cf71624b377391. It is recommended to apply a patch to fix this issue. The identifier VDB-218393 was assigned to this vulnerability."
"value": "A vulnerability was found in NethServer phonenehome. It has been rated as critical. This issue affects the function get_info/get_country_coor of the file server/index.php. The manipulation leads to sql injection. The identifier of the patch is 759c30b0ddd7d493836bbdf695cf71624b377391. It is recommended to apply a patch to fix this issue. The identifier VDB-218393 was assigned to this vulnerability."
},
{
"lang": "deu",
@ -44,8 +44,8 @@
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -103,8 +103,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

15
2021/4xxx/CVE-2021-4315.json
View File

@ -44,16 +44,16 @@
"version": {
"version_data": [
{
"version_value": "3.0",
"version_affected": "="
"version_affected": "=",
"version_value": "3.0"
},
{
"version_value": "3.1",
"version_affected": "="
"version_affected": "=",
"version_value": "3.1"
},
{
"version_value": "3.2",
"version_affected": "="
"version_affected": "=",
"version_value": "3.2"
}
]
}
@ -116,8 +116,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

5
2021/4xxx/CVE-2021-4325.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as problematic, has been found in NHN TOAST UI Chart 4.1.4. This issue affects some unknown processing of the component Legend Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 4.2.0 is able to address this issue. The name of the patch is 1a3f455d17df379e11b501bb5ba1dd1bcc41d63e. It is recommended to upgrade the affected component. The identifier VDB-221501 was assigned to this vulnerability."
"value": "A vulnerability, which was classified as problematic, has been found in NHN TOAST UI Chart 4.1.4. This issue affects some unknown processing of the component Legend Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 4.2.0 is able to address this issue. The identifier of the patch is 1a3f455d17df379e11b501bb5ba1dd1bcc41d63e. It is recommended to upgrade the affected component. The identifier VDB-221501 was assigned to this vulnerability."
},
{
"lang": "deu",
@ -108,8 +108,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

5
2021/4xxx/CVE-2021-4327.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in SerenityOS. It has been rated as critical. Affected by this issue is the function initialize_typed_array_from_array_buffer in the library Userland/Libraries/LibJS/Runtime/TypedArray.cpp. The manipulation leads to integer overflow. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The name of the patch is f6c6047e49f1517778f5565681fb64750b14bf60. It is recommended to apply a patch to fix this issue. VDB-222074 is the identifier assigned to this vulnerability."
"value": "A vulnerability was found in SerenityOS. It has been rated as critical. Affected by this issue is the function initialize_typed_array_from_array_buffer in the library Userland/Libraries/LibJS/Runtime/TypedArray.cpp. The manipulation leads to integer overflow. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The patch is identified as f6c6047e49f1517778f5565681fb64750b14bf60. It is recommended to apply a patch to fix this issue. VDB-222074 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
@ -103,8 +103,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2021/4xxx/CVE-2021-4328.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

5
2021/4xxx/CVE-2021-4329.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as critical, has been found in json-logic-js 2.0.0. Affected by this issue is some unknown functionality of the file logic.js. The manipulation leads to command injection. Upgrading to version 2.0.1 is able to address this issue. The name of the patch is c1dd82f5b15d8a553bb7a0cfa841ab8a11a9c227. It is recommended to upgrade the affected component. VDB-222266 is the identifier assigned to this vulnerability."
"value": "A vulnerability, which was classified as critical, has been found in json-logic-js 2.0.0. Affected by this issue is some unknown functionality of the file logic.js. The manipulation leads to command injection. Upgrading to version 2.0.1 is able to address this issue. The patch is identified as c1dd82f5b15d8a553bb7a0cfa841ab8a11a9c227. It is recommended to upgrade the affected component. VDB-222266 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
@ -103,8 +103,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2021/4xxx/CVE-2021-4336.json
View File

@ -107,8 +107,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2021/4xxx/CVE-2021-4428.json
View File

@ -108,8 +108,7 @@
{
"version": "2.0",
"baseScore": 3.3,
"vectorString": "AV:N/AC:L/Au:M/C:P/I:N/A:N",
"baseSeverity": "LOW"
"vectorString": "AV:N/AC:L/Au:M/C:P/I:N/A:N"
}
]
}

7
2022/1xxx/CVE-2022-1101.json
View File

@ -44,8 +44,8 @@
"version": {
"version_data": [
{
"version_value": "1.0",
"version_affected": "="
"version_affected": "=",
"version_value": "1.0"
}
]
}
@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseSeverity": "HIGH"
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P"
}
]
}

18
2023/46xxx/CVE-2023-46286.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46286",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

72
2023/46xxx/CVE-2023-46287.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2023-46287",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XSS exists in NagVis before 1.9.38 via the select function in share/server/core/functions/html.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/NagVis/nagvis/pull/356",
"refsource": "MISC",
"name": "https://github.com/NagVis/nagvis/pull/356"
},
{
"url": "https://github.com/NagVis/nagvis/pull/356/commits/d660591b23e5cfea4d1be2d3fb8f3855aa6020fb",
"refsource": "MISC",
"name": "https://github.com/NagVis/nagvis/pull/356/commits/d660591b23e5cfea4d1be2d3fb8f3855aa6020fb"
},
{
"url": "https://github.com/NagVis/nagvis/compare/nagvis-1.9.37...nagvis-1.9.38",
"refsource": "MISC",
"name": "https://github.com/NagVis/nagvis/compare/nagvis-1.9.37...nagvis-1.9.38"
}
]
}
}