admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-04-06 10:01:32 +00:00
parent ece17db199
commit fc8a07cde9
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
5 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2021/24xxx/CVE-2021-24009.json
View File

@ -71,7 +71,7 @@
"description_data": [
{
"lang": "eng",
"value": "Multiple improper neutralization of special elements used in an OS command vulnerabilities (CWE-78) in the\u00a0Web GUI of FortiWAN before 4.5.9 may allow an authenticated attacker to execute arbitrary commands on the underlying system's shell via specifically crafted HTTP requests."
"value": "Multiple improper neutralization of special elements used in an OS command vulnerabilities (CWE-78) in the Web GUI of FortiWAN before 4.5.9 may allow an authenticated attacker to execute arbitrary commands on the underlying system's shell via specifically crafted HTTP requests."
}
]
}

2
2021/26xxx/CVE-2021-26112.json
View File

@ -71,7 +71,7 @@
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflow vulnerabilities [CWE-121] both in network daemons and in\u00a0the command line interpreter of FortiWAN\u00a0before 4.5.9 may allow an unauthenticated attacker\u00a0to potentially corrupt control data in memory and execute arbitrary code via\u00a0specifically crafted requests."
"value": "Multiple stack-based buffer overflow vulnerabilities [CWE-121] both in network daemons and in the command line interpreter of FortiWAN before 4.5.9 may allow an unauthenticated attacker to potentially corrupt control data in memory and execute arbitrary code via specifically crafted requests."
}
]
}

2
2021/26xxx/CVE-2021-26114.json
View File

@ -71,7 +71,7 @@
"description_data": [
{
"lang": "eng",
"value": "Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiWAN\u00a0before 4.5.9 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests."
"value": "Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiWAN before 4.5.9 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests."
}
]
}

2
2021/32xxx/CVE-2021-32593.json
View File

@ -71,7 +71,7 @@
"description_data": [
{
"lang": "eng",
"value": "A use of a broken or risky cryptographic algorithm vulnerability [CWE-327]\u00a0in the Dynamic Tunnel Protocol of FortiWAN\u00a0before 4.5.9 may allow an unauthenticated remote attacker to decrypt and forge protocol communication messages."
"value": "A use of a broken or risky cryptographic algorithm vulnerability [CWE-327] in the Dynamic Tunnel Protocol of FortiWAN before 4.5.9 may allow an unauthenticated remote attacker to decrypt and forge protocol communication messages."
}
]
}

2
2022/23xxx/CVE-2022-23446.json
View File

@ -71,7 +71,7 @@
"description_data": [
{
"lang": "eng",
"value": "A improper control of a resource through its lifetime in Fortinet FortiEDR version 5.0.3 and earlier allows attacker to make the whole application unresponsive via changing its root directory access permission."
"value": "A improper control of a resource through its lifetime in Fortinet FortiEDR version 5.0.3 and earlier allows attacker to make the whole application unresponsive via changing its root directory access permission."
}
]
}