mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-30 18:04:30 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
0a6e7fcf43
commit
f03575cdf9
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-46109",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2022-46109",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Tenda AC15 V15.03.06.23 is vulnerable to Buffer Overflow via function formSetClientState."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/z1r00/IOT_Vul/tree/main/Tenda/AC10/formSetClientState",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/z1r00/IOT_Vul/tree/main/Tenda/AC10/formSetClientState"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -52,7 +52,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability was found in Alinto SOGo up to 5.7.1 and classified as problematic. Affected by this issue is the function _migrateMailIdentities of the file SoObjects\/SOGo\/SOGoUserDefaults.m of the component Identity Handler. The manipulation of the argument fullName leads to cross site scripting. The attack may be launched remotely. Upgrading to version 5.8.0 is able to address this issue. The name of the patch is efac49ae91a4a325df9931e78e543f707a0f8e5e. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-215960."
|
||||
"value": "A vulnerability was found in Alinto SOGo up to 5.7.1 and classified as problematic. Affected by this issue is the function _migrateMailIdentities of the file SoObjects/SOGo/SOGoUserDefaults.m of the component Identity Handler. The manipulation of the argument fullName leads to cross site scripting. The attack may be launched remotely. Upgrading to version 5.8.0 is able to address this issue. The name of the patch is efac49ae91a4a325df9931e78e543f707a0f8e5e. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-215960."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -60,19 +60,25 @@
|
||||
"cvss": {
|
||||
"version": "3.1",
|
||||
"baseScore": "3.5",
|
||||
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N"
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https:\/\/github.com\/Alinto\/sogo\/commit\/efac49ae91a4a325df9931e78e543f707a0f8e5e"
|
||||
"url": "https://github.com/Alinto/sogo/commit/efac49ae91a4a325df9931e78e543f707a0f8e5e",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/Alinto/sogo/commit/efac49ae91a4a325df9931e78e543f707a0f8e5e"
|
||||
},
|
||||
{
|
||||
"url": "https:\/\/github.com\/Alinto\/sogo\/releases\/tag\/SOGo-5.8.0"
|
||||
"url": "https://github.com/Alinto/sogo/releases/tag/SOGo-5.8.0",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/Alinto/sogo/releases/tag/SOGo-5.8.0"
|
||||
},
|
||||
{
|
||||
"url": "https:\/\/vuldb.com\/?id.215960"
|
||||
"url": "https://vuldb.com/?id.215960",
|
||||
"refsource": "MISC",
|
||||
"name": "https://vuldb.com/?id.215960"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -4,7 +4,7 @@
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-4558",
|
||||
"TITLE": "Alinto SOGo Folder\/Mail NSString+Utilities.m cross site scripting",
|
||||
"TITLE": "Alinto SOGo Folder/Mail NSString+Utilities.m cross site scripting",
|
||||
"REQUESTER": "cna@vuldb.com",
|
||||
"ASSIGNER": "cna@vuldb.com",
|
||||
"STATE": "PUBLIC"
|
||||
@ -52,7 +52,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability was found in Alinto SOGo up to 5.7.1. It has been classified as problematic. This affects an unknown part of the file SoObjects\/SOGo\/NSString+Utilities.m of the component Folder\/Mail Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 5.8.0 is able to address this issue. The name of the patch is 1e0f5f00890f751e84d67be4f139dd7f00faa5f3. It is recommended to upgrade the affected component. The identifier VDB-215961 was assigned to this vulnerability."
|
||||
"value": "A vulnerability was found in Alinto SOGo up to 5.7.1. It has been classified as problematic. This affects an unknown part of the file SoObjects/SOGo/NSString+Utilities.m of the component Folder/Mail Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 5.8.0 is able to address this issue. The name of the patch is 1e0f5f00890f751e84d67be4f139dd7f00faa5f3. It is recommended to upgrade the affected component. The identifier VDB-215961 was assigned to this vulnerability."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -60,19 +60,25 @@
|
||||
"cvss": {
|
||||
"version": "3.1",
|
||||
"baseScore": "3.5",
|
||||
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N"
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https:\/\/github.com\/Alinto\/sogo\/commit\/1e0f5f00890f751e84d67be4f139dd7f00faa5f3"
|
||||
"url": "https://github.com/Alinto/sogo/releases/tag/SOGo-5.8.0",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/Alinto/sogo/releases/tag/SOGo-5.8.0"
|
||||
},
|
||||
{
|
||||
"url": "https:\/\/github.com\/Alinto\/sogo\/releases\/tag\/SOGo-5.8.0"
|
||||
"url": "https://github.com/Alinto/sogo/commit/1e0f5f00890f751e84d67be4f139dd7f00faa5f3",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/Alinto/sogo/commit/1e0f5f00890f751e84d67be4f139dd7f00faa5f3"
|
||||
},
|
||||
{
|
||||
"url": "https:\/\/vuldb.com\/?id.215961"
|
||||
"url": "https://vuldb.com/?id.215961",
|
||||
"refsource": "MISC",
|
||||
"name": "https://vuldb.com/?id.215961"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -55,7 +55,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability was found in INEX IPX-Manager up to 6.2.0. It has been declared as problematic. This vulnerability affects unknown code of the file resources\/views\/customer\/list.foil.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 6.3.0 is able to address this issue. The name of the patch is bc9b14c6f70cccdb89b559e8bc3a7318bfe9c243. It is recommended to upgrade the affected component. VDB-215962 is the identifier assigned to this vulnerability."
|
||||
"value": "A vulnerability was found in INEX IPX-Manager up to 6.2.0. It has been declared as problematic. This vulnerability affects unknown code of the file resources/views/customer/list.foil.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 6.3.0 is able to address this issue. The name of the patch is bc9b14c6f70cccdb89b559e8bc3a7318bfe9c243. It is recommended to upgrade the affected component. VDB-215962 is the identifier assigned to this vulnerability."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -63,19 +63,25 @@
|
||||
"cvss": {
|
||||
"version": "3.1",
|
||||
"baseScore": "3.5",
|
||||
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N"
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https:\/\/github.com\/inex\/IXP-Manager\/commit\/bc9b14c6f70cccdb89b559e8bc3a7318bfe9c243"
|
||||
"url": "https://github.com/inex/IXP-Manager/commit/bc9b14c6f70cccdb89b559e8bc3a7318bfe9c243",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/inex/IXP-Manager/commit/bc9b14c6f70cccdb89b559e8bc3a7318bfe9c243"
|
||||
},
|
||||
{
|
||||
"url": "https:\/\/github.com\/inex\/IXP-Manager\/releases\/tag\/v6.3.0"
|
||||
"url": "https://github.com/inex/IXP-Manager/releases/tag/v6.3.0",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/inex/IXP-Manager/releases/tag/v6.3.0"
|
||||
},
|
||||
{
|
||||
"url": "https:\/\/vuldb.com\/?id.215962"
|
||||
"url": "https://vuldb.com/?id.215962",
|
||||
"refsource": "MISC",
|
||||
"name": "https://vuldb.com/?id.215962"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -145,7 +145,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability was found in Joget up to 7.0.32. It has been rated as problematic. This issue affects the function getInternalJsCssLib of the file wflow-core\/src\/main\/java\/org\/joget\/plugin\/enterprise\/UniversalTheme.java of the component wflow-core. The manipulation of the argument key leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 8.0-BETA is able to address this issue. The name of the patch is ecf8be8f6f0cb725c18536ddc726d42a11bdaa1b. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-215963."
|
||||
"value": "A vulnerability was found in Joget up to 7.0.32. It has been rated as problematic. This issue affects the function getInternalJsCssLib of the file wflow-core/src/main/java/org/joget/plugin/enterprise/UniversalTheme.java of the component wflow-core. The manipulation of the argument key leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 8.0-BETA is able to address this issue. The name of the patch is ecf8be8f6f0cb725c18536ddc726d42a11bdaa1b. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-215963."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -153,19 +153,25 @@
|
||||
"cvss": {
|
||||
"version": "3.1",
|
||||
"baseScore": "3.5",
|
||||
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N"
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https:\/\/github.com\/jogetworkflow\/jw-community\/commit\/ecf8be8f6f0cb725c18536ddc726d42a11bdaa1b"
|
||||
"url": "https://github.com/jogetworkflow/jw-community/commit/ecf8be8f6f0cb725c18536ddc726d42a11bdaa1b",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/jogetworkflow/jw-community/commit/ecf8be8f6f0cb725c18536ddc726d42a11bdaa1b"
|
||||
},
|
||||
{
|
||||
"url": "https:\/\/github.com\/jogetworkflow\/jw-community\/releases\/tag\/8.0-BETA"
|
||||
"url": "https://github.com/jogetworkflow/jw-community/releases/tag/8.0-BETA",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/jogetworkflow/jw-community/releases/tag/8.0-BETA"
|
||||
},
|
||||
{
|
||||
"url": "https:\/\/vuldb.com\/?id.215963"
|
||||
"url": "https://vuldb.com/?id.215963",
|
||||
"refsource": "MISC",
|
||||
"name": "https://vuldb.com/?id.215963"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -22,7 +22,7 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n\/a"
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -49,7 +49,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability classified as problematic has been found in SemanticDrilldown Extension. Affected is the function printFilterLine of the file includes\/specials\/SDBrowseDataPage.php of the component GET Parameter Handler. The manipulation of the argument value leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 6e18cf740a4548166c1d95f6d3a28541d298a3aa. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215964."
|
||||
"value": "A vulnerability classified as problematic has been found in SemanticDrilldown Extension. Affected is the function printFilterLine of the file includes/specials/SDBrowseDataPage.php of the component GET Parameter Handler. The manipulation of the argument value leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 6e18cf740a4548166c1d95f6d3a28541d298a3aa. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215964."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -57,16 +57,20 @@
|
||||
"cvss": {
|
||||
"version": "3.1",
|
||||
"baseScore": "3.5",
|
||||
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N"
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https:\/\/github.com\/wikimedia\/mediawiki-extensions-SemanticDrilldown\/commit\/6e18cf740a4548166c1d95f6d3a28541d298a3aa"
|
||||
"url": "https://github.com/wikimedia/mediawiki-extensions-SemanticDrilldown/commit/6e18cf740a4548166c1d95f6d3a28541d298a3aa",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/wikimedia/mediawiki-extensions-SemanticDrilldown/commit/6e18cf740a4548166c1d95f6d3a28541d298a3aa"
|
||||
},
|
||||
{
|
||||
"url": "https:\/\/vuldb.com\/?id.215964"
|
||||
"url": "https://vuldb.com/?id.215964",
|
||||
"refsource": "MISC",
|
||||
"name": "https://vuldb.com/?id.215964"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user