admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-06-27 19:00:51 +00:00
parent 32845fd84c
commit d7f54c06e1
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
11 changed files with 330 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
2017/20xxx/CVE-2017-20098.json
View File

@ -4,14 +4,74 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-20098",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"TITLE": "Admin Custom Login Plugin Persistent cross site scripting",
"REQUESTER": "cna@vuldb.com",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"generator": "vuldb.com",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "",
"product": {
"product_data": [
{
"product_name": "Admin Custom Login Plugin",
"version": {
"version_data": [
{
"version_value": "2.4.5.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-80 Basic Cross Site Scripting"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in Admin Custom Login Plugin 2.4.5.2. It has been classified as problematic. Affected is an unknown function. The manipulation leads to basic cross site scripting (Persistent). It is possible to launch the attack remotely."
}
]
},
"credit": "Burak Kelebek",
"impact": {
"cvss": {
"version": "3.1",
"baseScore": "3.5",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"
}
},
"references": {
"reference_data": [
{
"url": "http://seclists.org/fulldisclosure/2017/Feb/75",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2017/Feb/75"
},
{
"url": "https://vuldb.com/?id.97368",
"refsource": "MISC",
"name": "https://vuldb.com/?id.97368"
}
]
}

66
2017/20xxx/CVE-2017-20099.json
View File

@ -4,14 +4,74 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-20099",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"TITLE": "Analytics Stats Counter Statistics Plugin code injection",
"REQUESTER": "cna@vuldb.com",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"generator": "vuldb.com",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "",
"product": {
"product_data": [
{
"product_name": "Analytics Stats Counter Statistics Plugin",
"version": {
"version_data": [
{
"version_value": "1.2.2.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94 Code Injection"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in Analytics Stats Counter Statistics Plugin 1.2.2.5 and classified as critical. This issue affects some unknown processing. The manipulation leads to code injection. The attack may be initiated remotely."
}
]
},
"credit": "Yorick Koster",
"impact": {
"cvss": {
"version": "3.1",
"baseScore": "7.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
}
},
"references": {
"reference_data": [
{
"url": "http://seclists.org/fulldisclosure/2017/Feb/74",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2017/Feb/74"
},
{
"url": "https://vuldb.com/?id.97367",
"refsource": "MISC",
"name": "https://vuldb.com/?id.97367"
}
]
}

6
2019/25xxx/CVE-2019-25071.json
View File

@ -4,7 +4,7 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-25071",
"TITLE": "Apple iPhone Siri Self privileges management",
"TITLE": "Apple iOS Siri Self privileges management",
"REQUESTER": "cna@vuldb.com",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
@ -18,7 +18,7 @@
"product": {
"product_data": [
{
"product_name": "iPhone",
"product_name": "iOS",
"version": {
"version_data": [
{
@ -52,7 +52,7 @@
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** A vulnerability was found in Apple iPhone up to 12.4.1. It has been declared as critical. Affected by this vulnerability is Siri. Playing an audio or video file might be able to initiate Siri on the same device which makes it possible to execute commands remotely. Exploit details have been disclosed to the public. The existence and implications of this vulnerability are doubted by Apple even though multiple public videos demonstrating the attack exist. Upgrading to version 13.0 migt be able to address this issue. It is recommended to upgrade affected devices."
"value": "A vulnerability was found in Apple iPhone up to 12.4.1. It has been declared as critical. Affected by this vulnerability is Siri. Playing an audio or video file might be able to initiate Siri on the same device which makes it possible to execute commands remotely. Exploit details have been disclosed to the public. The existence and implications of this vulnerability are doubted by Apple even though multiple public videos demonstrating the attack exist. Upgrading to version 13.0 migt be able to address this issue. It is recommended to upgrade affected devices. NOTE: Apple claims, that after examining the report they do not see any actual security implications."
}
]
},

50
2022/28xxx/CVE-2022-28622.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-28622",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-alert@hpe.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "HPE StoreOnce Software",
"version": {
"version_data": [
{
"version_value": "Prior to 4.3.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote unauthorized access"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst04311en_us",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst04311en_us"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A potential security vulnerability has been identified in HPE StoreOnce Software. The SSH server supports weak key exchange algorithms which could lead to remote unauthorized access. HPE has made the following software update to resolve the vulnerability in HPE StoreOnce Software 4.3.2."
}
]
}

5
2022/29xxx/CVE-2022-29548.json
View File

@ -56,6 +56,11 @@
"url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2021-1603",
"refsource": "MISC",
"name": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2021-1603"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/167587/WSO2-Management-Console-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/167587/WSO2-Management-Console-Cross-Site-Scripting.html"
}
]
},

65
2022/2xxx/CVE-2022-2221.json
View File

@ -1,18 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@devolutions.net",
"ID": "CVE-2022-2221",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Remote Desktop Manager",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2022.1.8",
"version_value": "2022.1.8"
}
]
}
}
]
},
"vendor_name": "Devolutions"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Information Exposure vulnerability in My Account Settings of Devolutions Remote Desktop Manager before 2022.1.8 allows authenticated users to access credentials of other users. This issue affects: Devolutions Remote Desktop Manager versions prior to 2022.1.8."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://devolutions.net/security/advisories/DEVO-2022-0004",
"name": "https://devolutions.net/security/advisories/DEVO-2022-0004"
}
]
},
"source": {
"advisory": "DEVO-2022-0004",
"discovery": "UNKNOWN"
}
}

18
2022/2xxx/CVE-2022-2226.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-2226",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/2xxx/CVE-2022-2227.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-2227",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/2xxx/CVE-2022-2228.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-2228",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/2xxx/CVE-2022-2229.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-2229",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/2xxx/CVE-2022-2230.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-2230",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}