admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-11-13 09:00:30 +00:00
parent 1bed00d13b
commit d2bba7bc1e
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
13 changed files with 184 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
2022/3xxx/CVE-2022-3964.json
View File

@ -22,7 +22,7 @@
"version": {
"version_data": [
{
"version_value": "n\/a"
"version_value": "n/a"
}
]
}
@ -49,7 +49,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec\/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. It is possible to initiate the attack remotely. The name of the patch is 92f9b28ed84a77138105475beba16c146bdaf984. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213543."
"value": "A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. It is possible to initiate the attack remotely. The name of the patch is 92f9b28ed84a77138105475beba16c146bdaf984. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213543."
}
]
},
@ -57,16 +57,20 @@
"cvss": {
"version": "3.1",
"baseScore": "4.3",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:N\/A:L"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/git.ffmpeg.org\/gitweb\/ffmpeg.git\/commit\/92f9b28ed84a77138105475beba16c146bdaf984"
"url": "https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/92f9b28ed84a77138105475beba16c146bdaf984",
"refsource": "MISC",
"name": "https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/92f9b28ed84a77138105475beba16c146bdaf984"
},
{
"url": "https:\/\/vuldb.com\/?id.213543"
"url": "https://vuldb.com/?id.213543",
"refsource": "MISC",
"name": "https://vuldb.com/?id.213543"
}
]
}

14
2022/3xxx/CVE-2022-3965.json
View File

@ -22,7 +22,7 @@
"version": {
"version_data": [
{
"version_value": "n\/a"
"version_value": "n/a"
}
]
}
@ -49,7 +49,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smc_encode_stream of the file libavcodec\/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. The attack can be initiated remotely. The name of the patch is 13c13109759090b7f7182480d075e13b36ed8edd. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213544."
"value": "A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smc_encode_stream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. The attack can be initiated remotely. The name of the patch is 13c13109759090b7f7182480d075e13b36ed8edd. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213544."
}
]
},
@ -57,16 +57,20 @@
"cvss": {
"version": "3.1",
"baseScore": "4.3",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:N\/A:L"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/git.ffmpeg.org\/gitweb\/ffmpeg.git\/commit\/13c13109759090b7f7182480d075e13b36ed8edd"
"url": "https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/13c13109759090b7f7182480d075e13b36ed8edd",
"refsource": "MISC",
"name": "https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/13c13109759090b7f7182480d075e13b36ed8edd"
},
{
"url": "https:\/\/vuldb.com\/?id.213544"
"url": "https://vuldb.com/?id.213544",
"refsource": "MISC",
"name": "https://vuldb.com/?id.213544"
}
]
}

16
2022/3xxx/CVE-2022-3966.json
View File

@ -64,7 +64,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as critical, has been found in Ultimate Member Plugin up to 2.5.0. This issue affects the function load_template of the file includes\/core\/class-shortcodes.php of the component Template Handler. The manipulation of the argument tpl leads to pathname traversal. The attack may be initiated remotely. Upgrading to version 2.5.1 is able to address this issue. The name of the patch is e1bc94c1100f02a129721ba4be5fbc44c3d78ec4. It is recommended to upgrade the affected component. The identifier VDB-213545 was assigned to this vulnerability."
"value": "A vulnerability, which was classified as critical, has been found in Ultimate Member Plugin up to 2.5.0. This issue affects the function load_template of the file includes/core/class-shortcodes.php of the component Template Handler. The manipulation of the argument tpl leads to pathname traversal. The attack may be initiated remotely. Upgrading to version 2.5.1 is able to address this issue. The name of the patch is e1bc94c1100f02a129721ba4be5fbc44c3d78ec4. It is recommended to upgrade the affected component. The identifier VDB-213545 was assigned to this vulnerability."
}
]
},
@ -72,19 +72,25 @@
"cvss": {
"version": "3.1",
"baseScore": "4.3",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/ultimatemember\/ultimatemember\/commit\/e1bc94c1100f02a129721ba4be5fbc44c3d78ec4"
"url": "https://github.com/ultimatemember/ultimatemember/commit/e1bc94c1100f02a129721ba4be5fbc44c3d78ec4",
"refsource": "MISC",
"name": "https://github.com/ultimatemember/ultimatemember/commit/e1bc94c1100f02a129721ba4be5fbc44c3d78ec4"
},
{
"url": "https:\/\/github.com\/ultimatemember\/ultimatemember\/releases\/tag\/2.5.1"
"url": "https://github.com/ultimatemember/ultimatemember/releases/tag/2.5.1",
"refsource": "MISC",
"name": "https://github.com/ultimatemember/ultimatemember/releases/tag/2.5.1"
},
{
"url": "https:\/\/vuldb.com\/?id.213545"
"url": "https://vuldb.com/?id.213545",
"refsource": "MISC",
"name": "https://vuldb.com/?id.213545"
}
]
}

14
2022/3xxx/CVE-2022-3967.json
View File

@ -22,7 +22,7 @@
"version": {
"version_data": [
{
"version_value": "n\/a"
"version_value": "n/a"
}
]
}
@ -49,7 +49,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as critical, was found in Vesta Control Panel. Affected is an unknown function of the file func\/main.sh of the component sed Handler. The manipulation leads to argument injection. An attack has to be approached locally. The name of the patch is 39561c32c12cabe563de48cc96eccb9e2c655e25. It is recommended to apply a patch to fix this issue. VDB-213546 is the identifier assigned to this vulnerability."
"value": "A vulnerability, which was classified as critical, was found in Vesta Control Panel. Affected is an unknown function of the file func/main.sh of the component sed Handler. The manipulation leads to argument injection. An attack has to be approached locally. The name of the patch is 39561c32c12cabe563de48cc96eccb9e2c655e25. It is recommended to apply a patch to fix this issue. VDB-213546 is the identifier assigned to this vulnerability."
}
]
},
@ -57,16 +57,20 @@
"cvss": {
"version": "3.1",
"baseScore": "5.3",
"vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:L"
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/serghey-rodin\/vesta\/commit\/39561c32c12cabe563de48cc96eccb9e2c655e25"
"url": "https://github.com/serghey-rodin/vesta/commit/39561c32c12cabe563de48cc96eccb9e2c655e25",
"refsource": "MISC",
"name": "https://github.com/serghey-rodin/vesta/commit/39561c32c12cabe563de48cc96eccb9e2c655e25"
},
{
"url": "https:\/\/vuldb.com\/?id.213546"
"url": "https://vuldb.com/?id.213546",
"refsource": "MISC",
"name": "https://vuldb.com/?id.213546"
}
]
}

14
2022/3xxx/CVE-2022-3968.json
View File

@ -22,7 +22,7 @@
"version": {
"version_data": [
{
"version_value": "n\/a"
"version_value": "n/a"
}
]
}
@ -49,7 +49,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been found in emlog and classified as problematic. Affected by this vulnerability is an unknown functionality of the file admin\/article_save.php. The manipulation of the argument tag leads to cross site scripting. The attack can be launched remotely. The name of the patch is 5bf7a79826e0ea09bcc8a21f69a0c74107761a02. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213547."
"value": "A vulnerability has been found in emlog and classified as problematic. Affected by this vulnerability is an unknown functionality of the file admin/article_save.php. The manipulation of the argument tag leads to cross site scripting. The attack can be launched remotely. The name of the patch is 5bf7a79826e0ea09bcc8a21f69a0c74107761a02. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213547."
}
]
},
@ -57,16 +57,20 @@
"cvss": {
"version": "3.1",
"baseScore": "3.5",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/emlog\/emlog\/commit\/5bf7a79826e0ea09bcc8a21f69a0c74107761a02"
"url": "https://github.com/emlog/emlog/commit/5bf7a79826e0ea09bcc8a21f69a0c74107761a02",
"refsource": "MISC",
"name": "https://github.com/emlog/emlog/commit/5bf7a79826e0ea09bcc8a21f69a0c74107761a02"
},
{
"url": "https:\/\/vuldb.com\/?id.213547"
"url": "https://vuldb.com/?id.213547",
"refsource": "MISC",
"name": "https://vuldb.com/?id.213547"
}
]
}

20
2022/3xxx/CVE-2022-3969.json
View File

@ -82,7 +82,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in OpenKM up to 6.3.11 and classified as problematic. Affected by this issue is the function getFileExtension of the file src\/main\/java\/com\/openkm\/util\/FileUtils.java. The manipulation leads to insecure temporary file. Upgrading to version 6.3.12 is able to address this issue. The name of the patch is c069e4d73ab8864345c25119d8459495f45453e1. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-213548."
"value": "A vulnerability was found in OpenKM up to 6.3.11 and classified as problematic. Affected by this issue is the function getFileExtension of the file src/main/java/com/openkm/util/FileUtils.java. The manipulation leads to insecure temporary file. Upgrading to version 6.3.12 is able to address this issue. The name of the patch is c069e4d73ab8864345c25119d8459495f45453e1. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-213548."
}
]
},
@ -90,22 +90,30 @@
"cvss": {
"version": "3.1",
"baseScore": "2.6",
"vectorString": "CVSS:3.1\/AV:A\/AC:H\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N"
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/openkm\/document-management-system\/pull\/332"
"url": "https://github.com/openkm/document-management-system/pull/332",
"refsource": "MISC",
"name": "https://github.com/openkm/document-management-system/pull/332"
},
{
"url": "https:\/\/github.com\/openkm\/document-management-system\/releases\/tag\/v6.3.12"
"url": "https://github.com/openkm/document-management-system/releases/tag/v6.3.12",
"refsource": "MISC",
"name": "https://github.com/openkm/document-management-system/releases/tag/v6.3.12"
},
{
"url": "https:\/\/github.com\/openkm\/document-management-system\/commit\/c069e4d73ab8864345c25119d8459495f45453e1"
"url": "https://github.com/openkm/document-management-system/commit/c069e4d73ab8864345c25119d8459495f45453e1",
"refsource": "MISC",
"name": "https://github.com/openkm/document-management-system/commit/c069e4d73ab8864345c25119d8459495f45453e1"
},
{
"url": "https:\/\/vuldb.com\/?id.213548"
"url": "https://vuldb.com/?id.213548",
"refsource": "MISC",
"name": "https://vuldb.com/?id.213548"
}
]
}

22
2022/3xxx/CVE-2022-3970.json
View File

@ -22,7 +22,7 @@
"version": {
"version_data": [
{
"version_value": "n\/a"
"version_value": "n/a"
}
]
}
@ -49,7 +49,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff\/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 227500897dfb07fb7d27f7aa570050e62617e3be. It is recommended to apply a patch to fix this issue. The identifier VDB-213549 was assigned to this vulnerability."
"value": "A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 227500897dfb07fb7d27f7aa570050e62617e3be. It is recommended to apply a patch to fix this issue. The identifier VDB-213549 was assigned to this vulnerability."
}
]
},
@ -57,22 +57,30 @@
"cvss": {
"version": "3.1",
"baseScore": "6.3",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:L\/A:L"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/bugs.chromium.org\/p\/oss-fuzz\/issues\/detail?id=53137"
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53137",
"refsource": "MISC",
"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53137"
},
{
"url": "https:\/\/oss-fuzz.com\/download?testcase_id=5738253143900160"
"url": "https://oss-fuzz.com/download?testcase_id=5738253143900160",
"refsource": "MISC",
"name": "https://oss-fuzz.com/download?testcase_id=5738253143900160"
},
{
"url": "https:\/\/gitlab.com\/libtiff\/libtiff\/-\/commit\/227500897dfb07fb7d27f7aa570050e62617e3be"
"url": "https://gitlab.com/libtiff/libtiff/-/commit/227500897dfb07fb7d27f7aa570050e62617e3be",
"refsource": "MISC",
"name": "https://gitlab.com/libtiff/libtiff/-/commit/227500897dfb07fb7d27f7aa570050e62617e3be"
},
{
"url": "https:\/\/vuldb.com\/?id.213549"
"url": "https://vuldb.com/?id.213549",
"refsource": "MISC",
"name": "https://vuldb.com/?id.213549"
}
]
}

18
2022/3xxx/CVE-2022-3971.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3971",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/3xxx/CVE-2022-3972.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3972",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/3xxx/CVE-2022-3973.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3973",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/3xxx/CVE-2022-3974.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3974",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/3xxx/CVE-2022-3975.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3975",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/3xxx/CVE-2022-3976.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3976",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}